Firewall Wizards mailing list archives
RE: Interlopers on the WLAN
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Wed, 6 Nov 2002 12:01:08 -0500 (EST)
On Wed, 6 Nov 2002, Philip J. Koenig wrote: [SNIP]
Personally when I started the thread I was thinking more in terms of the whole practice of "wardriving" and whether it's defensible from a legal standpoint or not.
Yu've changed the context of the argument, which I'd suspected from the begining that this was more the context meant in the original post. But, passive sniffing is at present apparently not illegal, in fact the secret service is actively 'wardriving' in various pasrts of the US to ascertain the weak default setus that might be infringing security of various gov and mill sites exposed to wireless toys.
I was not referring to clueful individuals and organizations/ institutions that properly take care of the security issues on their WLANs. I was referencing the very clear fact that a huge amount of these WLANs are operated by non-technical consumers who, in my view, cannot really be expected to understand all the technical/security issues at play, particularly if the vendors not only ship the product with an insecure default configuration, but also do a poor job of educating the consumer about the issues at hand. Given that there are so many WLANs out there that are owned/operated by these types of users, it makes me think that to assume a WLAN is "public" simply because a non-technical user set it up in it's most likely configuration is a stretch to say the least. Further on the legal/abuse front: I predict the next wave of spammers will be heavily exploiting open WLANs to anonymize themselves while sending out spam, and I wouldn't be a bit surprised to see DNS-based blacklists of open WLANs pop up, just like the various ones that are now operating to flag open SMTP relays and other potential spam sources.
Spammers might well take this route, and might already have taken this route. They are the less hideous of the security risks one should be envisioning here. As you hinted at with the Mitnick ordeal <which if folks recall, required Tsutomu Shimonura's use of illegal equipment to trace Mitnick down>. I'd certainly use a route such as this to base any attacks upon a private corporate of gov sites these days. The annonimity makes it far too easy a place to hide ones presence from. The free.nets of the past are perhaps a dying breed, soon to be over shadowed by the free wireless routes available for access. And there are many ventures to provide such access advertised weekly in various locations around the globe. I've collected a few examples from various media over the past year or so. The problem gets even messier as to insecure default settings though when one looks at all the new laptops and desktops hipping with wireless trinkets imbedded in the new equipment, turned on with totally insecure default settings. I'm just wondering how long it takes before some of the larger systems are shipped as AP's as well as clients <it might already have been done and I've just missed it>. The point being, this is a nightmare that's already been unleshed and soon to be exposed to big time security issues, if it hasn't already raised it's ugly head. And the focus needs to be pushed ba k towards the vendors to do something about the awful default settings they provide. Until the vendors are forced to take responsibility, it's the end users that will be the ones to share the financial costs of their toys being used for nasty business. And let's not even reopen the old dead thread on the wireless video equipment being shipped as 'security devices' and the exposure they provide. Thanks, Ron DuFresne <broadcast at your own risk> -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Interlopers on the WLAN, (continued)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 06)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 09)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 09)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 09)
- RE: Interlopers on the WLAN Marcus J. Ranum (Nov 06)
- RE: Interlopers on the WLAN Marcus J. Ranum (Nov 06)
- RE: Interlopers on the WLAN Paul Robertson (Nov 06)
- RE: Interlopers on the WLAN Jim Leo (Nov 06)
- RE: Interlopers on the WLAN R. DuFresne (Nov 06)
- Re: Interlopers on the WLAN Kyle R. Hofmann (Nov 05)
- RE: Interlopers on the WLAN Paul Robertson (Nov 05)
- Re: Interlopers on the WLAN Frank O'Dwyer (Nov 09)