In secured office building, "Free Public WiFi" network shows up out of nowhere

[Shawn <swarzkopf () legolas sinnerz us>]

This scenario occurred this morning- any suggestions or insights are 
appreciated, as are any comments as to my handling of this.

I'm a Security Specialist for a medium sized company. I have only 
been working in security for 2 months. There are no other 
Security Specialists here. I report to our Manager of Information 
Security, who is out of town on business. I work in a 6 floor office 
building which we own completely. We lease the second floor to a computer 
training center. We do not permit our employees to use any wireless 
networks, and we do not have any access points. Ad hoc connection is 
prevented through group policy. All of our laptops are XP SP2. Up until 
today, I have never seen an available wireless network here.

Periodically I check to make sure that no one has installed an 
unauthorized WAP. This morning I fired up NetStumbler and found that a 
network named "Free Public WiFi" was not only available, but available at 
full strength. This was listed as a peer to peer network, so I assumed 
that the network was actually being broadcast from another wireless device 
(laptop). This network was listed as being wide open with no required key 
and no encryption. The originating point definitely appears to be coming 
from within my building, but I haven't been able to determine exactly 
where.

I immediatley checked the MAC address of the wireless SSID to make sure 
that it didn't belong to one of my company assets. It did not.

I then connected to the network with my laptop. I was not assigned an IP 
address, rather Windows gave me one of the default 169.254 APIPA 
addresses. I then
sniffed packets for over an hour. I felt justified in doing this, to make
sure that none of my companies equipment was connecting to this network.
I found no network activity whatsoever.

Finally, I ran a ping sweep against the 169.254.x.x subnet to make sure 
that none of my companies equipment were connected to this network. The 
ping sweep returned only my laptop and one other device. I checked the 
other device's MAC address in my inventory and verified that it too was not our 
equipment.

I then summarized all of my investigation and sent it to my boss in an 
email. I suggested that this network does not appear to be malicious at 
this time and offered to take more action pending his recommendation. I 
believe that this network probably belongs to someone at the computer 
training center on our second floor playing around.

Do you all feel that these were appropriate actions? The only other 
possible action I considered regarding this would be to contact the 
training center on the second floor and ask them about this. What do you 
all think?

As always, your feedback is appreciated.

Thanks,
-Shawn