home Torrent

The danger of using other people's Wi-Fi networks. Wireless networks: classification, organization, principle of operation Obtaining complete information about the wifi network

The wireless Wi-Fi network of Tambov State Technical University is organized in infrastructure mode. This means that computers are connected to a wireless access point, which in turn are connected to the university's wired network.

The university wireless network network name (SSID) is TSTU.

To ensure the security of the university's wireless network, access points are configured to use:

802.11i authentication standard (WPA2 - Wi-Fi Protected Access 2) in Enterprise corporate mode; AES (Advanced Encryption Standard) encryption algorithm; PEAP-MS-CHAPv2 protocol (Microsoft Challenge Handshake Authentication Protocol version 2).

ATTENTION!

Only two devices are allowed to operate under one login! Other devices operating under the same login are BLOCKED!

To find out whether a specific adapter model supports WPA2, check the manufacturer's website. This recommendation is especially relevant for devices manufactured before 2006.

If your computer does not have a network adapter installed or the adapter does not support the WPA2 standard, you will not be able to connect to the university wireless network.

The manufacturer may provide software to control the adapter. However, some operating systems have a built-in network adapter management interface.

Windows 7 Professional;
Windows XP Professional Service Pack 3.

Windows 7 Professional

Checking whether your computer has a network adapter

To check whether your computer has a wireless network adapter, open the Network Connections component of Control Panel:

Start -> Control Panel -> Network and Internet -> View network status and tasks -> Change adapter settings

The wireless network adapter is labeled "wlan".

To open the Network Connections window on this computer.

To add a wireless network to the list of available networks, open the “Manage Wireless Networks” control panel component:

Start -> Control Panel -> Network and Internet -> View network status and tasks -> Manage wireless networks

In the window that opens, click on the button "Add":

Then select “Create a network profile manually”:

Fill in your wireless network information as shown in the picture below:

A window will open indicating that the wireless network has been successfully added.

Configuring connection settings

To configure connection settings, click “Change connection settings” in the window shown above when adding a wireless network, or open the “Wireless Network Properties” window by selecting the line "Properties" in the wireless network context menu:

On the “Connection” and “Security” tabs of the “Wireless Network Properties” window, set the connection settings settings, as shown in the figures below:

Check the “Remember my credentials for this connection every time I log in” checkbox if the computer is used by one user. If the computer is used by several users, it is better to disable the setting.

Configure the properties of the protected EAP by calling the corresponding window by clicking on the button "Options" on the "Security" tab in the "Wireless Network Properties" window:

Confirm the selection of parameters with the “OK” button.

The network will be added to the list of networks and will become available for connection when the computer is within range of the network.

Connect to a wireless network

The window will display a list of networks within the range of which the computer falls:

In the list of available wireless networks, you can see a symbol that displays the signal strength for each network. The more bars, the stronger the signal. A strong signal (five bars) means that a wireless network is nearby or there is no interference. To improve the signal level, you can move your computer closer to the access point.

To connect to a wireless network, click on the “Connect” button:

During the connection process the following messages will be displayed:

To enter the university network, you need to fill in the user account information in the window provided, i.e. enter your login and password.

For example, below is a completed window for a user with account U0398:

Once connected successfully, the list of wireless networks will show “Connected” and the icon will appear in the notification area.

If the connection fails, check the configured connection settings again. To do this, open the “Wireless Network Properties” window by selecting the “Properties” line in the wireless network context menu:

To disconnect from the network, click the “Disconnect” button:

For more information, visit the Windows 7 Professional Help and Support Center.

Windows XP Professional Service Pack 3

To connect to the university wireless network, you must complete the following steps:

Check if your computer has a wireless network adapter.
Add a wireless network to the list of available networks.
Configure connection settings.
Connect to a wireless network.

Checking whether your computer has a wireless network adapter

To connect your computer to a wireless network, your computer must have a wireless network adapter installed.

To check whether your computer has a wireless network adapter, you need to open “Network Connections”: click on the button Start, select Settings, then Control Panel, find the section "Network connections":

Start -> Settings -> Control Panel -> Network Connections

The adapters installed in the computer will be listed here. The wireless network adapter is labeled “Wireless Network Connection.”

If the device is turned off, you need to turn it on. To do this, right-click the context menu and select “Enable”, or click on the “Enable network device” task.

To turn on this device, you need to be an administrator on this computer.

When the network adapter is turned on, the icon is visible in the notification area.

Adding a wireless network to the list of available networks

To add a wireless network to the list of available networks, you need to open “Network connections”: click on the button Start, select Settings, then Control Panel, find the section "Network connections":

Right-click to open the context menu for the wireless network connection and select the line "Properties", or click on the task "Changing connection settings".

Discovering vulnerable devices and services on a target network without leaving any trace behind it can be difficult because hackers first attack the router before investigating further. However, there is a way to secretly decrypt and view someone's Wi-Fi activity without connecting to their wireless network.

If you first look at what hackers do with routers, they usually involve various brute force attacks for WPA handshakes or Wi-Fi password phishing. Once they receive the credentials, they immediately begin investigating the compromised network using various tools and techniques.

Port scanners create a lot of noise on wireless networks. Man-in-the-Middle attacks can be overly aggressive and alert users and administrators to the presence of a hacker on the network. Routers keep logs of information about each device that connects to the network. Every action you take while connected to the network can somehow lead to you being discovered on a compromised router.

Therefore, it is best not to connect to the Wi-Fi router at all. In this article, we'll take a closer look at how hackers intercept packets (as they are transmitted to or from the router) and decrypt WPA2 traffic in real time. This information is important for those of you who want to become IT security professionals.

How does this attack work?

Data is sent to and from the router by laptops and smartphones via encrypted radio waves. These radio waves transmit data over the air. The transmitted data is not visible to the human eye, but can be collected using tools such as Airodump-ng. The collected data can then be analyzed using Wireshark.

Wireshark is the most advanced and widely used network analyzer in the world. This gives users the ability to see what's happening on networks at a microscopic level. That's why Wireshark is a network inspection tool used by commercial and non-profit organizations, government agencies, and educational institutions.

One of the great features of Wireshark allows hackers to decipher and view router activity transmitted over the air in plain text, and that's exactly what we'll cover in this article.

Step 1: Find your target network

Airodump-ng is available on all popular Linux distributions and will run on virtual machines and Raspberry Pi. We will use Kali Linux to collect data belonging to a Wi-Fi router that we control ourselves. If you have never used Airdodump-ng before, then you can learn the basics of working with it from our articles on the site.

To enable monitoring mode on the wireless adapter, use the following command:

Airmon-ng start wlan0

Find your target network. To view all available Wi-Fi networks nearby, use the command below. We'll be focusing on our "Null Byte" router as an example.

Airodump-ng wlan0mon

Pay attention to BSSID, CH and ESSID. This information is necessary to collect data sent to the router.

Step 2. Collect Wi-Fi data

To start collecting data belonging to the target network, enter the command below, replacing the relevant parts with the ones you are working with:

Airodump-ng --bssid MacTarget Address --essid Router Name -c Channel Number -w Where to Save Data wlan0mon

We will save the collected data in the /tmp directory in a file called “null_byte” using the -w argument. Airodump-ng will automatically append a number to the end of the filename, so it will actually be saved in the /tmp directory as "null_byte-01.cap".

Here's what to expect from a working Airodump-ng terminal:

The most important thing to look at carefully is the WPA handshake in the top right corner. Wireshark must complete the handshake successfully so that Wi-Fi traffic can be decrypted later. To force devices to disconnect from the network, you can use Aireplay-ng. Completing this task will require reconnecting devices to the network and successfully completing the WPA handshake, but this may raise suspicion among users already connected to the network.

As long as the Airodump-ng terminal is running, data will continue to accumulate. The Airodump-ng terminal can operate for hours or even days. In our Airodump-ng demo session, we allowed packet collection for 15 minutes. The time that Airodump-ng has been running can be seen in the top left corner of the terminal.

Notice the #Data column in the above screenshot. This number indicates how many data packets were collected. The higher the number, the more likely it is that hackers will discover sensitive information that can be used to "pivot" into the network or further compromise the target.

Once enough data has been collected, the Airodump-ng session can be stopped by pressing Ctrl + C. There will now be a file "null_byte-01.cap" (or a file with the name you chose for it) in the /tmp directory. This .cap file will need to be opened using Wireshark.

Step 3: Install the latest version of Wireshark

By default, Wireshark is included in almost all versions of Kali. There are a few versions that don't include Wireshark, so here's a quick rundown of how to install it in Kali.

First, run the apt-get update command to ensure that the latest version of Wireshark is available for download. Open a terminal and enter the command below:

Sudo apt-get update

Then use the following command to install Wireshark:

Sudo apt-get install wireshark

You can use && characters between two commands as shown in the screenshot above. This will instruct the terminal to first sync the package index with the Kali repositories. And then, after the update is successful, she will install Wireshark.

Step 4: Launch Wireshark

Once this is done, Wireshark can be found under the Sniffing & Spoofing category in the Applications menu. To launch Wireshark, simply click on the icon.

Step 5: Configure Wireshark to Decrypt Data

To configure Wireshark to decrypt data found in a .cap file, click the Edit button on the top menu bar, then go to Preferences and expand the Protocols drop-down menu.

Then scroll down and select "IEEE 802.11". The “Enable decryption” checkbox must be checked. Then click on the “Edit” button to add decryption keys for a specific Wi-Fi network.

A new window will appear. Here you will need to specify the password and router name. You must enter your credentials by separating the password and router name with a colon (for example, password: router_name).

First select Key type "wpa-pwd". This key type is required to set the WPA password in plain text. The "Null Byte" Wi-Fi network password is a long encoded string, so we entered "bWN2a25yMmNuM2N6amszbS5vbmlvbg ==: Null Byte" in the Key column. Another example would be "Wonderfulboat555:NETGEAR72", where "Wonderfulboat555" is the password to the router named "NETGEAR72".

When you do this, click OK to save your credentials. Wireshark will now automatically start decrypting data belonging to the Wi-Fi network "Null Byte" when the .cap file is imported.

Step 6: Perform Deep Packet Inspection (DPI)

To import a .cap file into Wireshark, click the File menu and then click Open. The .cap file can be found in the /tmp directory. Select it, then click "Open". Depending on how long the Airodump-ng terminal has been collecting data, it may take several minutes for Wireshark to import and decrypt all the data.

Once the .cap file is opened in Wireshark, you can see thousands of lines of raw web traffic. This sight can be somewhat frightening. Luckily, Wireshark has Display Filters that you can use to control and filter out packets you don't want. There are many cheat sheets online for these display filters to help Wireshark users find relevant and sensitive data. But today we'll look at some of the most useful display filters that hackers use to check the activity happening on the network.

1. Search for POST request data

An HTTP POST request is often used when uploading a file to a server or transferring logins and passwords on websites. When someone logs into Facebook or posts a comment at the bottom of this article, it is done using a POST request.

The POST data in the .cap file most likely contains the most compromising and revealing data. Hackers can find usernames (logins), passwords, real names, home addresses, email addresses, chat logs and much more. To filter POST request data, enter the string below into the display filter panel:

Http.request.method == "POST"

In our example, we signed up for a random website we found on the Internet. It would be naive to think that anyone would request email notifications from their favorite news sites.

If POST requests were found in the .cap file, the Info column will display which rows contain POST request data. Double-clicking on one of the lines will cause a new Wireshark window to appear containing additional information. Scroll down and expand the "HTML Form" drop-down to analyze the data.

After analyzing the collected data from this one POST request, we found a lot of information belonging to some user on the network.

The collected data includes first name, last name and email address, which can later be used for phishing and targeted hacks.

Additionally, the website has a required password field that can be added to password lists or for brute force attacks. It's not uncommon for people to use passwords for multiple accounts. Of course, it is possible that the password will give the attacker access to the Gmail account, which can also be found in the POST request data.

We also see that in this data there is the name of the company where Christopher Hadnagy presumably works. This information can be used by the hacker for subsequent social engineering measures.

Scrolling through the POST request data a little further, even more interesting information appears. Full home address, zip code and telephone number. This can give the hacker information about which house the Wi-Fi router belongs to and the phone number, which can also be used later for social engineering if the hacker decides to send fake SMS messages, for example.

2. Search for GET request data

An HTTP GET request is used to retrieve or download data from web servers. For example, if someone views my Twitter account, their browser will use a GET request to retrieve data from the twitter.com servers. Checking the .cap file for GET requests will not yield usernames or email addresses, but it will allow the hacker to develop a comprehensive profile of website browsing habits.

To filter GET request data, enter the following line in the display filter panel:

Http.request.method == "GET"

Many websites add .html or .php to the end of their URLs. This could be an indicator of a website being viewed by someone on a Wi-Fi network.

It might be useful to filter out GET requests related to CSS and fonts, since these types of requests happen in the background when you browse the Internet. To filter CSS content, use a Wireshark filter like this:

Http.request.method == "GET" && !(http.request.line matches "css")

Here && literally means “and”. The exclamation mark (!) here means "no", so Wireshark is instructed to only display GET requests and not display those HTTP request lines that match the css in any way. This line successfully filters out any useless information associated with regular web resources.

By clicking on one of these lines to explore the HTTP data, you will get more detailed information.

We see that the target is using a Windows computer whose User-Agent is the Chrome browser. As for hardware reconnaissance, such information is very valuable. Hackers can now with a high degree of certainty generate the most suitable payload for this user, specific to the Windows operating system used.

The "Referer" field tells us what site the user was viewing immediately before viewing tomsitpro.com. This most likely means that they found the article "white hat hacker career" through a search query on duckduckgo.com.

A “Referrer” field containing DuckDuckGo instead of the usual Google could indicate that this user is responsible about their privacy, since Google is known for having aggressive policies that are harmful to its customers. This is information that hackers will take into account when creating a targeted payload.

3. Lookup DNS data

By default, encrypted internet traffic will be sent on port 443. You might think that to better understand what sites are being viewed, it would be good to use the tcp.port == 443 display filter, but this usually shows up as raw IP addresses in a column destination, which is not very convenient for quickly identifying domains. In fact, a more effective way to identify websites sending and receiving encrypted data is to filter DNS queries.

The Domain Name System (DNS) is used to translate common website names into machine-readable IP addresses such as https://104.193.19.59. When we visit a domain like google.com, our computer converts the human-readable domain name into an IP address. This happens every time we use a domain name when browsing websites, sending email or chatting online.

Analyzing the .cap file for DNS queries will further help hackers understand which sites are frequently visited by people connected to this router. Hackers can see domain names belonging to websites sending and receiving encrypted data to or from these sites, such as Facebook, Twitter and Google.

To filter DNS data, enter the command below in the display filter field:

Looking at DNS queries can provide us with some interesting information. We can clearly see that this user was browsing travel websites such as expedia.com and kayak.com. This may mean that he will soon go on vacation for a long period of time.

This data is encrypted so that hackers cannot learn flight information or departure details, but using this information to send phishing messages can help a hacker socially engineer a user into revealing personal or financial information.

For example, if DNS queries for a specific bank's website are detected, hackers could spoof an email from that bank and trick the user into making a large Expedia credit card transaction. The fake email may also contain precise information about the target, a link to a fake banking site (controlled by hackers), etc.

How to protect personal data from hackers

At first glance, all the personal data found in the .cap file looks quite innocent. But after analyzing just a few packages, we learned the real name, login, password, email address, home address, phone number, hardware manufacturer, operating system, browser, browsing habits of certain web pages and much more.

All this data was collected even without connecting to a router. Users had no way of even knowing that this had happened to them. All this data can be used by attackers to launch a complex and highly targeted hack against companies or individuals.

Please be aware that all personal information disclosed in this article is also available to Internet Service Providers (ISPs). Readers should be aware that DPI is performed by ISPs every day. To protect yourself from this:

Use stronger passwords. Carrying out brute force to crack light passwords is the main method of hackers to gain access to Wi-Fi routers.
Use a VPN. By using an encrypted connection between you and the VPN provider, all the data we found in this article would not be available to hackers. However, if the VPN provider logs or performs DPI, then all the data would also be easily accessible to hackers.
Use Tor. Unlike a VPN, the Tor network is built on a different security model that does not transfer our data to a single network or ISP.
Use SSL/TLS. Transport Layer Security - Transport Layer Security (HTTPS) will encrypt your web traffic between your browser and the website. Tools like , can help encrypt all your web browser traffic.

Denial of responsibility: This article is written for educational purposes only. The author or publisher did not publish this article for malicious purposes. If readers would like to use the information for personal gain, the author and publisher are not responsible for any harm or damage caused.

I’m not very good at publishing on the topic of legislation and “paper” security, so I’ll try myself in a different genre - let’s talk about practical security. The topic of today's post will be the dangers of using other people's Wi-Fi networks.
I think many experts are already familiar with this topic, but they may also find something new for themselves in this article.

Let's start the conversation with open Wi-Fi networks, so beloved by many for the absence of passwords, availability in many public places and, usually, good Internet speed (when compared with access via mobile networks). But open networks are fraught with great danger - all traffic literally “floats in the air”, there is no encryption or protection from interception. Any user without special knowledge, using ready-made programs, can intercept and analyze all your traffic.

Let's see how this works - to demonstrate, I set my home access point to open network mode:

Then, I connected to this network from a laptop and from an Android tablet, I installed the Intercepter-NG application on the tablet, it is also available for Windows. The application requires super-user rights; after launch, the start window invites you to scan the computers available in the area of visibility:

Having marked my laptop (IP 192.168.0.101), I go to the next screen and start packet interception. After that, I open Yandex on my laptop:

The sniffer confidently caught the opening of pages, and if you go to the tab with the cookie image, you can view a list of all my Cookies that my browser on the laptop sent and received when browsing sites. At the same time, by clicking on any of the lines, Intercepter-NG opens the browser and inserts the intercepted Cookies, thus, without even catching the moment of authorization of the victim on the site of interest, you can enter its open session. This type of attack is called “session hijacking” - “stealing” a session.

So, I demonstrated in practice that there is no protection in principle in an open Wi-Fi network. But the title of this post says “foreign” Wi-Fi networks, not “open” ones. Let's move on to another aspect of wireless security - intercepting traffic inside a closed network. I reconfigured the router by enabling WPA2 with a pre-shared key (this type of Wi-Fi network protection is used in 80% of access points):

I connect to the network again from the laptop and tablet and launch Intercepter-NG again - when scanning it sees the laptop again - I select it and start traffic interception, in parallel from the laptop I go to several sites with HTTP-Basic authorization, and this is what I see on the tablet:

The traffic was successfully intercepted - the “attacker” now knows my password to the router’s web interface and another site. In addition, session hijacking works the same way - after all, all traffic is intercepted.
When using WEP and WPA, everything is very simple; the same keys are used to encrypt different devices on the same network. Since the “attacker” also knows this key and sits on the same network, he still intercepts all traffic and decrypts it with a familiar key.
I used WPA2, in which this problem was solved and clients use different encryption keys, but it contains a serious vulnerability and, knowing the authorization key and intercepting a certain set of packets, you can reveal the so-called Pairwise Transient Key - the key that encrypts the traffic for the traffic we are interested in client.

As practice has shown, the problem can be partially solved by enabling the AP Isolation option, which is supported by most modern Wi-Fi routers:

However, this is not a panacea; the ability to intercept using Intercepter-NG for Android disappears, but more functional utilities, for example, Airodump-ng continue to work. I did not study in more detail the difference in the operation of these utilities and the reasons why Intercepter-NG does not work, postponing this topic for later. In addition, it is impossible to find out whether isolation is enabled on the network to which you are connecting (for example, in a cafe or at an event) without a practical test.

We have figured out the dangers of using other people's Wi-Fi networks, but the issue of protection remains. There are quite a few methods, the main idea is additional encryption of all traffic, and there are enough implementation methods - strict use of SSL wherever possible (HTTPS, SSH, SFTP, SSL-POP, IMAP4-SSL, etc.), connection via VPN , the use of a distributed encryption network such as TOR and so on. This topic is quite extensive and deserves a separate post.

To protect your Wi-Fi network and set a password, you must select the type of wireless network security and encryption method. And at this stage, many people have a question: which one to choose? WEP, WPA, or WPA2? Personal or Enterprise? AES or TKIP? What security settings will best protect your Wi-Fi network? I will try to answer all these questions within the framework of this article. Let's consider all possible authentication and encryption methods. Let's find out which Wi-Fi network security parameters are best set in the router settings.

Please note that security type, or authentication, network authentication, protection, authentication method are all the same thing.

Authentication type and encryption are the main security settings for a wireless Wi-Fi network. I think that first we need to figure out what they are, what versions there are, their capabilities, etc. After which we will find out what type of protection and encryption to choose. I’ll show you using the example of several popular routers.

I highly recommend setting up a password and protecting your wireless network. Set the maximum level of protection. If you leave the network open, without protection, then anyone can connect to it. This is primarily unsafe. And also an extra load on your router, a drop in connection speed and all sorts of problems with connecting different devices.

Wi-Fi network protection: WEP, WPA, WPA2

There are three protection options. Of course, not counting "Open" (No protection).

WEP(Wired Equivalent Privacy) is an outdated and insecure authentication method. This is the first and not very successful method of protection. Attackers can easily access wireless networks that are protected using WEP. There is no need to set this mode in the settings of your router, although it is present there (not always).
WPA(Wi-Fi Protected Access) is a reliable and modern type of security. Maximum compatibility with all devices and operating systems.
WPA2– a new, improved and more reliable version of WPA. There is support for AES CCMP encryption. At the moment, this is the best way to protect a Wi-Fi network. This is what I recommend using.

WPA/WPA2 can be of two types:

WPA/WPA2 - Personal (PSK)- This is the usual authentication method. When you only need to set a password (key) and then use it to connect to a Wi-Fi network. The same password is used for all devices. The password itself is stored on the devices. Where you can view it or change it if necessary. It is recommended to use this option.
WPA/WPA2 - Enterprise- a more complex method that is mainly used to protect wireless networks in offices and various establishments. Allows for a higher level of protection. Used only when a RADIUS server is installed to authorize devices (which gives out passwords).

I think we have figured out the authentication method. The best thing to use is WPA2 - Personal (PSK). For better compatibility, so that there are no problems connecting older devices, you can set the WPA/WPA2 mixed mode. This is the default setting on many routers. Or marked as "Recommended".

Wireless Network Encryption

There are two ways TKIP And AES.

It is recommended to use AES. If you have older devices on your network that do not support AES encryption (but only TKIP) and there will be problems connecting them to the wireless network, then set it to "Auto". TKIP encryption type is not supported in 802.11n mode.

In any case, if you install strictly WPA2 - Personal (recommended), then only AES encryption will be available.

What protection should I install on my Wi-Fi router?

Use WPA2 - Personal with AES encryption. Today, this is the best and safest way. This is what the wireless network security settings look like on ASUS routers:

And this is what these security settings look like on routers from TP-Link (with old firmware).

You can see more detailed instructions for TP-Link.

Instructions for other routers:

If you don’t know where to find all these settings on your router, then write in the comments, I’ll try to tell you. Just don't forget to specify the model.

Since older devices (Wi-Fi adapters, phones, tablets, etc.) may not support WPA2 - Personal (AES), in case of connection problems, set the mixed mode (Auto).

I often notice that after changing the password or other security settings, devices do not want to connect to the network. Computers may receive the error "The network settings saved on this computer do not meet the requirements of this network." Try deleting (forgetting) the network on the device and connecting again. I wrote how to do this on Windows 7. But in Windows 10 you need .

Password (key) WPA PSK

Whatever type of security and encryption method you choose, you must set a password. Also known as WPA key, Wireless Password, Wi-Fi network security key, etc.

Password length is from 8 to 32 characters. You can use letters of the Latin alphabet and numbers. Also special characters: - @ $ # ! etc. No spaces! The password is case sensitive! This means that "z" and "Z" are different characters.

I do not recommend setting simple passwords. It is better to create a strong password that no one can guess, even if they try hard.

It is unlikely that you will be able to remember such a complex password. It would be nice to write it down somewhere. It’s not uncommon for Wi-Fi passwords to be simply forgotten. I wrote in the article what to do in such situations: .

If you need even more security, you can use MAC address binding. True, I don’t see the need for this. WPA2 - Personal paired with AES and a complex password is quite enough.

How do you protect your Wi-Fi network? Write in the comments. Well, ask questions :)

The need to create a virtual hotspot on a laptop may arise for various reasons. For some, it is important to share Internet access via a 3G or WiMax modem for other wireless devices. And someone wants to make a fake access point (Rogue AP) and, luring clients, snatch their traffic. But few people know that the ability to do this is built into Windows itself!

With the advent of 3G network coverage from mobile operators, I began to use the mobile Internet more and more often. If you work via a USB modem, you can often achieve a fairly tolerable connection. Moreover, such devices are very cheap and are sold complete with very reasonable tariffs that will not ruin you on the first day of use. One of the problems that I became confused about after purchasing a 3G modem was organizing a hotspot from my laptop so that I could distribute mobile Internet to other wireless devices via Wi-Fi.

Mac OX X

In Mac OS X, it probably won’t be possible to make a standard adapter work in Infrastructure mode. But you can share the Internet for one single client who connects to a MacBook via a wireless network without even going into the console.

How to make life easier?

So, to raise a full-fledged hotspot, we only needed a few commands in the console and a couple of mouse clicks. But I hasten to disappoint you: immediately after rebooting or logging out of the system (even into sleep mode), all operations will have to be done again. It's inconvenient and tiring. Fortunately, there were many developers who read the MSDN article about Wireless Hosted Network and implemented utilities to make setting up a software hotspot easier and more understandable.

I recommend two: Virtual Router and Connectify. Both are free and allow you to select a connection through a convenient GUI interface that you want to share using a software access point, and then raise the hotspot in two clicks. In this case, you do not need to enter the SSID and network key every time: everything will work even after a reboot.

Virtual Router provides a minimum of functionality and has not been developed for a long time, but it is distributed as open source (a good example of using the corresponding API calls of the system). This is essentially a graphical version of netsh commands.

The Connectify utility is much more sophisticated. To implement additional features not provided by the standard capabilities of Windows, it even has to install virtual devices and drivers into the system. And it bears fruit. For example, you don’t have to bind the WPA2-PSK/AES encryption type to the hardwired Wireless Hosted Network: if you want, create at least an open hotspot. This is especially important to clone the parameters of an existing wireless network (for example, to expand its range or create a fake access point). In addition, Connectify has a built-in UPnP server and allows you to share your VPN connection (including OpenVPN). With such capabilities, your virtual hotspot will definitely find application.

But to make it easier to understand in what situations it is needed, we have prepared for you a selection of the most popular cases. You can read about them in the sidebar.