I realize you are speaking in jest, but for those who might consider this approach as a means of drumming up business, you may want to give some thought.
Connecting to a network to which you have no reason nor any right to connect can be considered hacking, and you could be subject to prosecution, ironically by an organization that is asking for trouble anyway.Just because I don't have locks on my doors does not mean it's ok for you to walk into my home any time you please. Please be careful how you approach a company when you have discovered by accident a particularly egregious vulnerability. Tom ""Dan Penn"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > You have given me an idea. All I need is a laptop now =) I would go > war driving in the area to specifically find businesses running > unsecured wireless. I bet I would find some businesses that didn't even > know they were running wireless such as this thread started out. > > Dan > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Stephen Manuel > Sent: Tuesday, June 25, 2002 10:02 AM > To: [EMAIL PROTECTED] > Subject: Re: Rogue Wireless LANs [7:47287] > > Neil and others, > > Recently I installed in my home a linksys wireless router/switch/ap, it > works great, yes I have wep enabled. > > After installing the equipment, I became really interested in wireless > networking, reading some books, looking for a certification track, > scouring > websites, etc... > > I downloaded netstumbler and acquired all the necessary equipment to do > some > serious wardriving. I've logged over 300 AP's, mapped them using > Stumverter > and MS Mappoint 2002, it gets down to what side of the street the AP was > on, > just to add a little spice to the situation, I've got netstumbler to > play a > .wav file when it finds an AP. > > Amazingly, 75% of the AP's I've found don't have web enabled. A rather > large > number of the AP's use the company name as the SSID or use the vendor > default SSID, ie. tsunami for Cisco. > > I'm convinced this whole area of wireless networking is wide open to be > farmed for business. I've been trying formulate a business plan to > approach > businesses to help them install a wireless infrastructure properly and > setup > security measures for those companies already in the wireless business > without implementing security. > > What my research has shown me so far is that without upper managements > support for strict policies with regards to the installation of AP's the > company is playing a game of russian roulette because the current > Wireless > Implementation is FULL of security holes. > > Depending on how much security you want to implement here's what I would > recommend. > > Enable WEP - however airsnort a linux utility can crack wep in a > relatively > short time > > Disable the SSID Broadcast - most AP's have this option, this will > prevent > netstumbler from picking up the presence of the AP which makes it a > little > more difficult to associate with the AP. Kismet is a linux utility that > will > still detect the presence of the AP by passively sniffing for the > wireless > packets. > > MAC Filtering - enable it but most AP and Wireless cards allow you to > spoof > the MAC address, meaning a wireless sniffer like ethereal can sniff out > a > few MAC addresses and a hacker can use one to gain access. > > Place the AP outside of the firewall > > Create VPN access for those wireless clients needing access to internal > servers. > > I'm sure others have done work in this area and can add to the > discussion. > > BTW, interesting enough the first 3 companies I approached about the > unsecure AP's, 1 denies having wireless networking installed, 2 ignored > me. > > HTH, > > Stephen Manuel > > > > > ----- Original Message ----- > From: "Neil Borne" > To: > Sent: Tuesday, June 25, 2002 8:52 AM > Subject: Re: Rogue Wireless LANs [7:47287] > > > > The problem that I am coming accross is that some of my customers take > the > > wireless gear outta the box and plug it in and when they figure that > work > > with factory defaults they leave it alone....then all of a sudden > someone > > pulls up in the front yard and starts snooping around. > > > > One thing you can do is WEP and depending on the vendor try some > filtering > > by mac, ssid, or protocol... > > > > > > You will have do some serious lockdown measures when its a internal > user > as > > opposed to outside users....... > > > > > > But like the last email stated if things get bad use netstumbler but > be > > careful from the last I heard it works with only some wireless > cards... > > > > > > >From: "Patrick Donlon" > > >Reply-To: "Patrick Donlon" > > >To: [EMAIL PROTECTED] > > >Subject: Rogue Wireless LANs [7:47287] > > >Date: Mon, 24 Jun 2002 11:48:48 -0400 > > > > > >I've just found a wireless LAN set up by someone in the building, I > found > > >it > > >by chance when I was checking something with a colleague from another > dept. > > >The WLAN has zero security which is not a surprise and lets the user > into > > >the main LAN in the site with a DHCP address served up too! Does > anyone > > >have > > >any tips on preventing users and dept's who don't think about > security > from > > >plugging whatever they like into the network, > > > > > >Cheers > > > > > >Pat > > > > > > > > > > > >-- > > > > > >email me on : [EMAIL PROTECTED] > > _________________________________________________________________ > > Get your FREE download of MSN Explorer at > http://explorer.msn.com/intl.asp. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=47402&t=47287 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
