Security Basics mailing list archives
RE: Wireless Security (Part 2)
From: "David Gillett" <gillettdavid () fhda edu>
Date: Tue, 16 May 2006 11:47:08 -0700
No, for two reasons. 1. You haven't mentioned any way to ensure that the intruder visits that page and sees it, let alone agrees to its conditions. [Technology exists to address this, it's called a "captive portal". So this problem, at least, can be solved.] 2. Can you post a sign on your driveway, giving yourself the right to search any cars that park there that you don't recognize? I don't think so. You have the right to report them to the *police*, who in turn might determine that a search warrant (or one of the few exceptions) is appropriate, but simply arrogating that authority to yourself is risky at best. Really, it would be a whole lot simpler to (a) secure the network in the first place, and (b) ban and/or report any intruder who gets past that security. [If you lock access to a list of MAC addresses, the only way an intruder can get in is to spoof one of those addresses, and so identifying and banning him will be problematic at best.] An awful lot of the intruders I encounter have a NetBIOS name set, so their computer offers me clues about who they are *without* any kind of counter-intrusion on my part. And since they're just looking for free bandwidth, it doesn't take a lot of banning effort before they decide to go somewhere easier. My current "ban" list is not very long, and there's only one entry on there for which the police *will* be called if it shows up again. But that one wasn't just hitching a free Internet connection.... David Gillett
-----Original Message----- From: Ebeling, Jr., Herman Frederick [mailto:hfebelingjr () lycos com] Sent: Monday, May 15, 2006 2:34 PM To: security-basics () securityfocus com Subject: Wireless Security (Part 2) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 A few months back we had a discussion going about whether or not a person who has setup a Wi-Fi network for their and their families use. And IF someone illegally connects to said network if the person who setup the network has the right to go into the other person's computer to find out who they are. The consensus is/was that sadly no the person who setup the Wi-Fi network doesn't have the right to go into the intruder's computer to find out who they are. What IF the person who sets up the Wi-Fi network has a web page, or a dialog box that is displayed that says the following whenever a new computer signs onto the network: WARNING You have connected to a PRIVATE COMPUTER NETWORK IF you were NOT invited to join the network then leave now. IF you continue to use the network, know that by doing so you consent to having your computer inspected for the purpose of finding out who you are so that the proper authorities can be notified. IF you leave now no actions will be taken, but IF you continue then the appropriate actions WILL be taken, you have been WARNED. This is your ONLY warning, leave NOW. Also know that along with your name your computers MAC address will also be recorded, and blocked in the future. If the above is setup as a web page then the capitalized words would be in bold as well as red to catch the person's attention. Also with the above they wouldn't be able to say that they weren't warned, correct? - ----- Herman Live Long and Prosper ___________________ _-_ \==============_=_/ ____.---'---`---.____ \_ \ \----._________.----/ \ \ / / `-_-' __,--`.`-'..'-_ /____ ||- `--.____,-' -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 Comment: Space the Final Frontier iQA/AwUBRGjzqx/i52nbE9vTEQL2VgCfa6k5g7v+iXyLAWn8x0C4puoejFIAnA0l pyeqL5W4eOfzDQCLuHEk31Q/ =c+u5 -----END PGP SIGNATURE-----
Current thread:
- Wireless Security (Part 2) Ebeling, Jr., Herman Frederick (May 15)
- RE: Wireless Security (Part 2) Murad Talukdar (May 16)
- RE: Wireless Security (Part 2) Ebeling, Jr., Herman Frederick (May 17)
- Re : Wireless Security (Part 2) Maxime COSTE (May 16)
- RE: Wireless Security (Part 2) David Gillett (May 16)
- Re: Wireless Security (Part 2) Ian Scott (May 17)
- Re: Wireless Security (Part 2) Ansgar -59cobalt- Wiechers (May 17)
- RE: Wireless Security (Part 2) Ebeling, Jr., Herman Frederick (May 20)
- Re: Wireless Security (Part 2) Ansgar -59cobalt- Wiechers (May 20)
- RE: Wireless Security (Part 2) Ebeling, Jr., Herman Frederick (May 20)
- <Possible follow-ups>
- RE: Wireless Security (Part 2) Craig Wright (May 16)
- RE: Wireless Security (Part 2) Steve Armstrong (May 16)
- RE: Wireless Security (Part 2) Ebeling, Jr., Herman Frederick (May 17)
- RE: Wireless Security (Part 2) Ramsdell, Scott (May 16)
- RE: Wireless Security (Part 2) Bob Radvanovsky (May 16)
- Re: Wireless Security (Part 2) Robb Wait (May 20)
(Thread continues...)
- RE: Wireless Security (Part 2) Murad Talukdar (May 16)