Re: RE: Wireless Security

[Alloishus BeauMains <all0i5hu5 () gmail com>]

There are some recent court cases prosecuting folks for using
unsecured networks. Not alleged, but actually found guilty.

As far as I read from those cases, and much to the dismay of the
computer security community as a whole, security of the actual network
did not matter.

Attractive nuisance has not been upheld in court, as far as computer
security goes.


On 10/18/05, Dave Bush <hockeystatman () gmail com> wrote:
> On 10/17/05, Herman Frederick Ebeling, Jr. <hfebelingjr () lycos com> wrote:
> >  Yep, which is why I was thinking that one should be able to use Network
> > Neighborhood to glean any and all information
> > about who they are.
>
>  If something happens that an attacker doesn't show up in Network
> Neighborhood, remember the benefits of the command line tools that are
> out there. (Yes, even for Windows!)
>
>  nbtstat -A <ip address of rogue system>
>
>  That'll give you output similar to this:
>
>  U:\>nbtstat -A 10.1.58.56
>
>  Local Area Connection:
>  Node IpAddress: [10.1.58.56] Scope Id: []
>
>            NetBIOS Remote Machine Name Table
>
>        Name               Type         Status
>     ---------------------------------------------
>     DBUSH-XPNB     <00>  UNIQUE      Registered
>     [REMOVED]        <00>  GROUP       Registered
>     DBUSH-XPNB     <20>  UNIQUE      Registered
>     [REMOVED]        <1E>  GROUP       Registered
>
>     MAC Address = 00-0F-1F-C8-DD-51
>
>
>  Under type, 00 UNIQUE is the workstation service and 00 GROUP is the
> domain name. (Not that it really matters, but I removed the domain
> name references above.) Type 20 UNIQUE is the file server service.
> Here's a good reference I found by Googling:
>
>  http://is-it-true.org/nt/atips/atips274.shtml
>
>  As for the questions that originally started this - I'M NOT A LAWYER
> - but I'd think that leaving a wireless access point unconfigured so
> that anyone could connect to it could be considered an attractive
> nuisance. (Let's go back to Business Law from undergrad, shall we?)
>
>  An attractive nuisance is defined as something that attracts children
> but also endangers their safety. I'd think that the legal definition
> is more along the lines of physical safety, like an unfenced swimming
> pool. I'm guessing that some lawyer could extend an open wireless
> access point to be an attractive nuisance though.
>
>  Let's guess that little Joey connects to an access point that Martha
> was too inexperienced or lazy to properly configure. Joey goes online,
> buys some veterinarian grade Viagra, and manages to turn his leg into
> solid concrete thus ruining his potential football career. An
> ambulance chasing lawyer would love to argue the fact that Joey
> couldn't have done that if Martha had taken the steps necessary to
> prevent Joey from accessing her network.
>
>  Now, if Martha could prove that she'd at a minimum encrypted her
> network with WEP then it's going to be much, much more difficult for
> that lawyer to prove his point. Martha did put up a "fence" to protect
> her network by implementing WEP. Joey had to bring his fence cutters
> (in the form of AirSnort) in order to get into a place he should have
> reasonably known he wasn't supposed to be in.
>
>  Could Martha shoot Joey for being in her pool? Not unless he was
> threatening Martha in such a way as she felt she had to protect
> herself. Along the same lines, sorry - you can't legally retaliate
> against someone using your wide open wireless access point. The best
> you can do is lock them out in some way (MAC filtering, WEP, etc.) to
> tell them to stay out.
>
>  This is for active connections folks. Anyone can passively monitor
> traffic on your network as long as they can pick up your signal. I'm
> taking a class that's basically a wireless hacking class as part of my
> Masters, and I've already had a nice conversation with the police when
> they were wondering what I was doing outside of Home Depot at 10:45 PM
> on a Saturday night. (Sitting far back in their parking lot,
> monitoring their broadcast beacons with AiroPeek, and guessing that
> they're using a Cisco proprietary encryption protocol to protect
> themselves.) When the cops asked what I was doing, I told them
> homework and explained exactly what I was doing. Because I was
> passively monitoring signals that were being sent all over the area,
> there was nothing they could do. The second I start trying to break
> into the network though it's, "Hello Mr. Handcuffs."
>
>  Again, I'm not a lawyer, but I'd think that leaving an access point
> wide open is an invitation not only to be hacked, but to also possibly
> find yourself in court because some dumb kid got in trouble via your
> connection.
>
>  CYA folks!
>
> --
> Dave Bush <hockeystatman () gmail com>
>
> There are two seasons in my world - Hockey and Construction