Wifi Protector 1.4.5

Detects and protects from all kinds of ARP (Address Resolution Protocol) related attacks in Wi-Fi networks, like DOS (Denial Of Service) or MITM (Man In The Middle).

Protects your phone from tools like FaceNiff, Cain & Abel, ANTI, ettercap, DroidSheep, NetCut, and all others that try to hijack your session via "Man In The Middle" through ARP spoofing / ARP poisoning.

Don't allow such tools to break your privacy and steal your data. You can defend yourself with a single app.

Allows secure usage of Facebook, Twitter, LinkedIn, Live.com, eBay ...

WifiKill can't take you offline with this app installed. The "Immunity" feature is the only one that requires root, all other features work without root access.

Features

- No configuration required, works off the shelf for novices
- Experts can change many settings to adapt the app to their needs
- Undetectable by the bad guy
- 100% silent and passive inside the network. Generates no noise
- Highly customizable notifications
- Plays ringtone on attack (optional)
- Vibrates in a given pattern on attack (optional)
- Easy to use one-click-interface as well as detailed network view for experts
- "Immunity" protects you without disabling Wi-Fi (root required)
- Can also disable Wi-Fi if you don't have root access to your phone
- Logging of all spoofing attempts with details about the network and the attacker
- Works in complex wireless LANs, like vWLAN and WDS (please see FAQ)
- Detects networks already under attack
- Automatic countermeasures
- Uses very few resources
- Uses no resources if Wi-Fi is disabled
- Nearly zero battery consumption
- Requires very few permissions. Requests only absolutely necessary permissions

FAQ

Q: What is the ARP cache?
A: The ARP cache is a temporary storage on your phone that holds pairs of IP and MAC addresses that belong together.

Q: What is ARP cache poisoning?
A: ARP cache poisoning is a method to inject false information into your phone's ARP cache by sending forged packets to the (Wifi) network.

Q: What is DOS attack (Denial Of Service) through ARP cache poisoning?
A: An attacker changes the ARP cache on your phone in a way that invalid MAC addresses are associated with certain IP addresses. Very popular is to inject a false MAC address for the default gateway of your phone. This is an effective way to prevent your phone from accessing the internet. The attack is very lightweight, so a single attacker can disturb large networks. With Wifi Protector on a rooted phone you are immune to this kind of attack.

Q: What is MITM attack (Man In The Middle) through ARP cache poisoning?
A: Like in DOS attacks an attacker changes the MAC address of your phone's default gateway in your phone's ARP cache. Instead of injecting an invalid MAC address he places the MAC address of his own device into the cache. If possible, he also poisons the ARP cache of the default gateway in the Wifi network and changes the MAC address associated with your phone's IP address in the gateway's ARP cache. If the default gateway is vulnerable, the attacker has established a full-routing MITM. He can now read and change everything you send and receive over the network, in some special cases even if you use encryption. If the default gateway is not vulnerable, the attacker has established a half-routing MITM. He can then read and change everything you send, but not the data you receive. With Wifi Protector on a rooted phone you are immune against half-routing and - to some extent - against full-routing MITM. In the full-routing MITM scenario Wifi Protector prevents the attacker to read and change everything you send, but not the data to receive. In any cases you get an alarm.

For questions, suggestions, feature requests, feel free to visit the forum.