RE: Wireless Security (Part 2)

[Murad Talukdar <talukdar_m () subway com>]

Hi Herman,
I don't think you'd get what you wanted from ipconfig /all-it would show you gateways/dns etc but not other machines 
that are connected to yours. Netstat could do that. Your router may have some ability to show connections in a gui or 
even in the logs.
You could possibly use arp to work out MAC addresses too. Working out IP's on a wireless network is only part of the 
solution though--where are they physically? You'd need some kind of tool to narrow that down. I know Netstumbler is 
good for checking AP's but don't know if it can be used to find wireless NIC's that are connected. Might be worth 
investigating--someone else on the list may be better at telling you that. As ever, change the keys for the SSID often 
if it is using WEP or go to WPA if the router has the capability. 
Good luck.



---------- Original Message ----------------------------------
From: "Ebeling, Jr., Herman Frederick" <hfebelingjr () lycos com>
Reply-To: hfebelingjr () lycos com
Date:  Tue, 16 May 2006 19:17:03 -0400

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - ----Original Message----
> From: Murad Talukdar [mailto:talukdar_m () subway com]
> Sent: Tuesday, 16 May, 2006 00:25
> To: hfebelingjr () lycos com; security-basics () securityfocus com
> Subject: RE: Wireless Security (Part 2)
>
> : Hey Herman,
> : Still doesn't give you the legal right to access their machine. I'm
> : pretty sure this is warrant territory. Call your local police etc
> : and see what they say.
> : 
> : The fact that you have the ABILITY to do this doesn't mean you have
> : the right/jurisdiction. Any access you may take up would no doubt
> : void any kind of legal argument you could use if you found
> : incriminating evidence on the machine in question. (i.e. how does
> the
> : State/Court/Crown ensure that YOU didn't put the incriminating
> : evidence there). 
> : 
> : Having a definite warning banner is a great idea because then the
> : unauthorized person knows for sure that they are not supposed to be
> : there and they have been told in no uncertain terms. Not sure about
> : putting the caveat about hacking them in kind (which is pretty much
> : what you'd be doing). 
> : 
> : 
> : Regards
> : Murad Talukdar
>
> Murad,
>
>       I admit that the owner of a network could get into trouble for
> trying to ID the person who has illegally connecting to their
> network.
>
>       Uh, wouldn't just running ipconfig/all show one all the computers on
> their network.  And being as it would be run only on the network
> owner's computer they haven't "hacked" anything have they.
>
> - -----
> Herman
> Live Long and Prosper
> ___________________          _-_
> \==============_=_/ ____.---'---`---.____
>             \_ \    \----._________.----/
>               \ \   /  /    `-_-'
>           __,--`.`-'..'-_
>          /____          ||-
>               `--.____,-'
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.0.3
> Comment: Space the Final Frontier
>
> iQA/AwUBRGpdbB/i52nbE9vTEQItIQCg8RP2aBvyZ8GCwewU8eHAwLH+1ncAoKny
> agen++nsU671K/x1DiU6EQEM
> =VKX8
> -----END PGP SIGNATURE-----