>You have given me an idea. All I need is a laptop now =) I would go >war driving in the area to specifically find businesses running >unsecured wireless. I bet I would find some businesses that didn't even >know they were running wireless such as this thread started out. > >Dan
I'd get some legal advice, or at least talk to the FCC, about whether this would be a violation of the Communications Act of 1934. I _think_ it would be OK as long as you didn't disclose message content. > >-----Original Message----- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of >Stephen Manuel >Sent: Tuesday, June 25, 2002 10:02 AM >To: [EMAIL PROTECTED] >Subject: Re: Rogue Wireless LANs [7:47287] > >Neil and others, > >Recently I installed in my home a linksys wireless router/switch/ap, it >works great, yes I have wep enabled. > >After installing the equipment, I became really interested in wireless >networking, reading some books, looking for a certification track, >scouring >websites, etc... > >I downloaded netstumbler and acquired all the necessary equipment to do >some >serious wardriving. I've logged over 300 AP's, mapped them using >Stumverter >and MS Mappoint 2002, it gets down to what side of the street the AP was >on, >just to add a little spice to the situation, I've got netstumbler to >play a >.wav file when it finds an AP. > >Amazingly, 75% of the AP's I've found don't have web enabled. A rather >large >number of the AP's use the company name as the SSID or use the vendor >default SSID, ie. tsunami for Cisco. > >I'm convinced this whole area of wireless networking is wide open to be >farmed for business. I've been trying formulate a business plan to >approach >businesses to help them install a wireless infrastructure properly and >setup >security measures for those companies already in the wireless business >without implementing security. > >What my research has shown me so far is that without upper managements >support for strict policies with regards to the installation of AP's the >company is playing a game of russian roulette because the current >Wireless >Implementation is FULL of security holes. > >Depending on how much security you want to implement here's what I would >recommend. > >Enable WEP - however airsnort a linux utility can crack wep in a >relatively >short time > >Disable the SSID Broadcast - most AP's have this option, this will >prevent >netstumbler from picking up the presence of the AP which makes it a >little >more difficult to associate with the AP. Kismet is a linux utility that >will >still detect the presence of the AP by passively sniffing for the >wireless >packets. > >MAC Filtering - enable it but most AP and Wireless cards allow you to >spoof >the MAC address, meaning a wireless sniffer like ethereal can sniff out >a >few MAC addresses and a hacker can use one to gain access. > >Place the AP outside of the firewall > >Create VPN access for those wireless clients needing access to internal >servers. > >I'm sure others have done work in this area and can add to the >discussion. > >BTW, interesting enough the first 3 companies I approached about the >unsecure AP's, 1 denies having wireless networking installed, 2 ignored >me. > >HTH, > >Stephen Manuel > > > > >----- Original Message ----- >From: "Neil Borne" >To: >Sent: Tuesday, June 25, 2002 8:52 AM >Subject: Re: Rogue Wireless LANs [7:47287] > > >> The problem that I am coming accross is that some of my customers take >the >> wireless gear outta the box and plug it in and when they figure that >work >> with factory defaults they leave it alone....then all of a sudden >someone >> pulls up in the front yard and starts snooping around. >> >> One thing you can do is WEP and depending on the vendor try some >filtering >> by mac, ssid, or protocol... >> >> >> You will have do some serious lockdown measures when its a internal >user >as >> opposed to outside users....... >> >> >> But like the last email stated if things get bad use netstumbler but >be >> careful from the last I heard it works with only some wireless >cards... >> >> >> >From: "Patrick Donlon" >> >Reply-To: "Patrick Donlon" >> >To: [EMAIL PROTECTED] >> >Subject: Rogue Wireless LANs [7:47287] >> >Date: Mon, 24 Jun 2002 11:48:48 -0400 >> > >> >I've just found a wireless LAN set up by someone in the building, I >found >> >it >> >by chance when I was checking something with a colleague from another >dept. >> >The WLAN has zero security which is not a surprise and lets the user >into >> >the main LAN in the site with a DHCP address served up too! Does >anyone >> >have >> >any tips on preventing users and dept's who don't think about >security >from >> >plugging whatever they like into the network, >> > >> >Cheers >> > >> >Pat >> > >> > >> > >> >-- >> > >> >email me on : [EMAIL PROTECTED] >> _________________________________________________________________ >> Get your FREE download of MSN Explorer at >http://explorer.msn.com/intl.asp. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=47407&t=47287 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
