Penetration Testing mailing list archives

RE: Netstumbling

From: "Andrew Ruef" <jabberwocky () mediasoft net>
Date: Wed, 5 Mar 2003 17:44:13 -0500

I believe the official FBI stance is, connecting to an open network is
not a crime. 

A. Ruef

-----Original Message-----
From: Nick Jacobsen [mailto:nick () ethicsdesign com] 
Sent: Wednesday, March 05, 2003 12:12 PM
To: stonewall; pen-test () securityfocus com
Subject: Re: Netstumbling

Just from my expirience, I have never had any problems, and none of my
friends have reported any problems either.  I will walk around downtown
with
my laptop open, and an external antenna on my back (looks funky, and I
get
some odd stares, but it works), and the most I have ever had happen is a
cop
ask me what I was doing...  I told hime I was using my laptop to do a
wireless security assesment...  he just sort of looked at me oddly and
walked off...  probably had no idea what I was talking about...  I've
done
this in Portland, Roseburg, Salem, Eugene (all in Oregon), as well as
New
Orleans and Chicago.  Most of the time, the cops have no idea what you
are
talking about...

Anyway, my 2 cents,

Nick Jacobsen
Ethics Design
nick () ethicsdesign com

----- Original Message -----
From: "stonewall" <stonewall () cavtel net>
To: <pen-test () securityfocus com>
Sent: Wednesday, March 05, 2003 6:14 AM
Subject: Netstumbling

HI, I need some advice.

I am interested in the reaction that list members have gotten from

various

government agencies while netstumbling.  Is there any clear guidance

on
the

legality of 'stumbling?  I am talking here about just 'stumbling, not

set
to

auto reconfigure the card, just assessment and locating WAPs.

You cannot be in the security business without being able to assess

threats.

In this business, paranoia is not paranoia, it is due diligence.  I

believe

that anyone serious about security must be able to assess wireless

zones,

overlapping areas, buildings with multiple WAPs, etc.  But have you

been

threatened by LE personnel in the process?

Thanks in advance for your info.

stonewall

------------------------------------------------------------------------
--
--


Are your vulnerability scans producing just another report?
Manage the entire remediation process with StillSecure VAM's
Vulnerability Repair Workflow.
Download a free 15-day trial:
http://www2.stillsecure.com/download/sf_vuln_list.html



------------------------------------------------------------------------
----

Are your vulnerability scans producing just another report?
Manage the entire remediation process with StillSecure VAM's
Vulnerability Repair Workflow.
Download a free 15-day trial:
http://www2.stillsecure.com/download/sf_vuln_list.html


----------------------------------------------------------------------------

Are your vulnerability scans producing just another report?
Manage the entire remediation process with StillSecure VAM's
Vulnerability Repair Workflow.
Download a free 15-day trial:
http://www2.stillsecure.com/download/sf_vuln_list.html

Current thread:

Netstumbling stonewall (Mar 05)
- Re: Netstumbling IndianZ (Mar 05)
- RE: Netstumbling Ken Kousky (Mar 05)
- Re: Netstumbling Nick Jacobsen (Mar 05)
  - RE: Netstumbling Andrew Ruef (Mar 06)
- Re: Netstumbling Joseph W. Shaw II (Mar 06)
- Program for automatic attack replay LordEidi (Mar 06)
  - RE: Program for automatic attack replay Rob Shein (Mar 06)
  - Re: Program for automatic attack replay Andreas Östling (Mar 06)
- <Possible follow-ups>
- RE: Netstumbling Freeland, Jim (Mar 06)
- RE: Netstumbling PJD (Mar 06)
- RE: Netstumbling Klahn, Paul (Mar 06)