Rickrollternet!
Just because I am a huge dork, I decided instead of just password protecting my wireless I would make it open and mess with people.
I set up my own router on an old dell running debian, installed iptables, dhcp, and squid and got to work setting up the rickrollternet.
Also running our own dns from another machine in the house...
I edited /etc/dhcpd.conf to seperate into two subnets by mac adress. Looks like this:
shared-network local {
subnet *.*.*.* netmask 255.255.255.0 {
range *.*.*.* *.*.*.*;
option routers *.*.*.*;
option subnet-mask 255.255.255.0;
option domain-name "somedomain.com";
option domain-name-servers *.*.*.*;
deny unknown-clients;
host somehost1 {
hardware ethernet **:**:**:**:**:**;
}
}
subnet *.*.*.* netmask 255.255.255.0 {
range *.*.*.* *.*.*.*;
option routers *.*.*.*;
option subnet-mask 255.255.255.0;
option domain-name-servers 4.2.2.2;
allow unknown-clients;
}
}
Then I set up squid as a transparent proxy and used url_rewrite_program so it would run my own script (basically you tell it where your script is)
Here is the perl script we whipped up to use:
#!/usr/bin/perl
$|=1;
while (<>) {
chop ;
# URL ip-address/fqdn ident method
($url, $address, $ident, $method) = /(\S+)\s+(\S+)\s+(\S+)\s+(\S+)/ ;
$random_number = int(rand(10));
if ($random_number == 1)
{
print "http://www.rickrolllinkhere.com";
}
else
{
print $url;
}
print "\n";
}
It seemed to happen to me during testing about every 6-10 times I typed in a URL.
Then I set iptables to forward everything on the untrusted subnet to the transparent squid proxy running on port 8080 by using this entry:
/sbin/iptables -t nat -A PREROUTING -s untrusted subnet .0 adress/255.255.255.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination untrusted subnet .1 address:8080
So now whenever anyone gets onto our wireless network that isn't us, they will get rickrolled! Next on the list is adding something to my script to play a sound when its run... hehe. I'm twisted. It should be noted you can put in any URL in there... I've also seen scripts to download images, modify them in some annoying way, and then re serve via a local webserver to confuse the hell out of whoever is getting onto the wireless point.
I set up my own router on an old dell running debian, installed iptables, dhcp, and squid and got to work setting up the rickrollternet.
Also running our own dns from another machine in the house...
I edited /etc/dhcpd.conf to seperate into two subnets by mac adress. Looks like this:
shared-network local {
subnet *.*.*.* netmask 255.255.255.0 {
range *.*.*.* *.*.*.*;
option routers *.*.*.*;
option subnet-mask 255.255.255.0;
option domain-name "somedomain.com";
option domain-name-servers *.*.*.*;
deny unknown-clients;
host somehost1 {
hardware ethernet **:**:**:**:**:**;
}
}
subnet *.*.*.* netmask 255.255.255.0 {
range *.*.*.* *.*.*.*;
option routers *.*.*.*;
option subnet-mask 255.255.255.0;
option domain-name-servers 4.2.2.2;
allow unknown-clients;
}
}
Then I set up squid as a transparent proxy and used url_rewrite_program so it would run my own script (basically you tell it where your script is)
Here is the perl script we whipped up to use:
#!/usr/bin/perl
$|=1;
while (<>) {
chop ;
# URL ip-address/fqdn ident method
($url, $address, $ident, $method) = /(\S+)\s+(\S+)\s+(\S+)\s+(\S+)/ ;
$random_number = int(rand(10));
if ($random_number == 1)
{
print "http://www.rickrolllinkhere.com";
}
else
{
print $url;
}
print "\n";
}
It seemed to happen to me during testing about every 6-10 times I typed in a URL.
Then I set iptables to forward everything on the untrusted subnet to the transparent squid proxy running on port 8080 by using this entry:
/sbin/iptables -t nat -A PREROUTING -s untrusted subnet .0 adress/255.255.255.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination untrusted subnet .1 address:8080
So now whenever anyone gets onto our wireless network that isn't us, they will get rickrolled! Next on the list is adding something to my script to play a sound when its run... hehe. I'm twisted. It should be noted you can put in any URL in there... I've also seen scripts to download images, modify them in some annoying way, and then re serve via a local webserver to confuse the hell out of whoever is getting onto the wireless point.