Firewall Wizards mailing list archives
RE: Interlopers on the WLAN
From: "Frank O'Dwyer" <fod () brd ie>
Date: 06 Nov 2002 09:54:20 +0000
On Wed, 2002-11-06 at 09:17, Philip J. Koenig wrote:
On 6 Nov 2002 at 8:42, Frank O'Dwyer boldly uttered:So if you set your network up in the same sort of configuration, without even a rudimentary attempt to restrict access, no clue that the network is private, and route every packet thrown at you, then how on earth is anyone supposed to know what you intended. Basically, it's unreasonable to expect people to read your mind.Personally when I started the thread I was thinking more in terms of the whole practice of "wardriving" and whether it's defensible from a legal standpoint or not. I was not referring to clueful individuals and organizations/ institutions that properly take care of the security issues on their WLANs. I was referencing the very clear fact that a huge amount of these WLANs are operated by non-technical consumers who, in my view, cannot really be expected to understand all the technical/security issues at play, particularly if the vendors not only ship the product with an insecure default configuration, but also do a poor job of educating the consumer about the issues at hand. Given that there are so many WLANs out there that are owned/operated by these types of users, it makes me think that to assume a WLAN is "public" simply because a non-technical user set it up in it's most likely configuration is a stretch to say the least.
Good point. I was more arguing against the default assumption that all WLAN networks are private though, than that they should be assumed public. If there is an open access point, it's just not obvious how that is intended to be used. Yes, Harry Homeowner may unintentionally create an open access point at home, but then he is also the very same guy who will switch on his laptop and connect to any hotspot that is around. He is therefore the very one who would be automatically criminalised by such a default assumption. But you can't assume he knows what is going on *then* either. I also think that passively connecting to what appear to be open hotspots is an altogether different thing than running around the city in the back of a cab with Netstumbler. Sure, in many instances it amounts to sitting outside someone's house trying to make calls on their cordless phone, but where all of these analogies break down is that it's going to be unclear if the WLAN was intended to offer service, and it's also going to be unclear as to what the user intended to connect to. Making criminals out of everyone so that they can't co-operate even when they wish to is not a great solution to this issue IMO.
Further on the legal/abuse front: I predict the next wave of spammers will be heavily exploiting open WLANs to anonymize themselves while sending out spam, and I wouldn't be a bit surprised to see DNS-based blacklists of open WLANs pop up, just like the various ones that are now operating to flag open SMTP relays and other potential spam sources.
I'm not sure that would work. For example if I created an open WLAN here, everything would appear to originate from a dynamic IP address. To block that, you'd have to block my entire ISP, which would prevent a sizeable proportion of the UK from sending email. But also worrying is the potential for somebody to start launching full-on attacks using WLANs as the connection point. These will appear to originate from Harry Homeowner's DSL connection or from XYZ Corp. I don't know if it would be possible to physically locate the origin of a WLAN sender, as it is with mobile phones, but if so then that would be a saving grace. Otherwise we may be stuck with one of two fairly ugly scenarios: plausible deniability for Harry Hacker ("it wasn't me, someone must have used my open WLAN"), or Harry Homeowner made liable for everything originating from his connection. Cheers, Frank. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Interlopers on the WLAN Philip J. Koenig (Nov 05)
- Re: Interlopers on the WLAN Al Potter (Nov 05)
- Re: Interlopers on the WLAN Mikael Olsson (Nov 05)
- Re: Interlopers on the WLAN Frank O'Dwyer (Nov 05)
- Re: Interlopers on the WLAN R. DuFresne (Nov 06)
- Re: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- Re: Interlopers on the WLAN R. DuFresne (Nov 06)
- Re: Interlopers on the WLAN R. DuFresne (Nov 06)
- RE: Interlopers on the WLAN Bill Royds (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 06)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 06)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 06)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 06)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 09)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 09)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 09)
- RE: Interlopers on the WLAN Marcus J. Ranum (Nov 06)
- RE: Interlopers on the WLAN Marcus J. Ranum (Nov 06)