Firewall Wizards mailing list archives
RE: Interlopers on the WLAN
From: "Philip J. Koenig" <pjklist () ekahuna com>
Date: Wed, 06 Nov 2002 12:54:14 -0800
On 6 Nov 2002 at 19:24, Frank O'Dwyer boldly uttered:
On Wed, 2002-11-06 at 10:29, Philip J. Koenig wrote: [...]Mitnick was arrested while running over a stolen cellphone and traversing a chain of at least 3-4 different networks to slow down attempts to find him. If he were doing this over someone's open WLAN while parked on the street out front, all he'd need to do is drive away and it would be next to impossible to find him.True, but equally he might have tossed the cellphone out the window and driven off into the sunset.
There's a big difference here: cellphone's are trackable to a cellsite and a location in realtime, but since WLANs are not centrally managed by a technically clueful organization (cellphone carrier) there is little or no oversight in many cases for interlopers.
The impression of WLAN anonymity may be just as false. While someone is connected to a WLAN, they are certainly revealing *something* about their location. Maybe a lot. If it's possible to get a few arrests based on that fact then that may adjust the attitudes of the attackers.
Given all the essentially unmanaged open WLANs (I'd surmise that the vast majority of "open" WLANs are poorly managed and unsupervised, for obvious reasons) then I do think there's a very big problem that doesn't exist for ie cellular networks.
Otherwise we may be stuck with one of two fairly ugly scenarios: plausible deniability for Harry Hacker ("it wasn't me, someone must have used my open WLAN"), or Harry Homeowner made liable for everything originating from his connection.Personally I favor the latter example, since one should take responsibility for one's actions - in this case, operating an insecure network.This is a kind of 'blame the victim' approach. It would also be deeply hypocritical of the one bringing the charges, i.e. the targets of the attack. After all, theirs may be the only network that was actually breached. How can they prosecute someone else for "operating an insecure network", all on the basis that their own flaky network just got turned over, without blatantly admitting that they operate an insecure network themselves?
Not sure who you're referring to: if a hacker hops on an insecure WLAN and causes damage to some other site by DoS'ing it for example, who's at fault - the commercial site that the hacker attacks, the operator of the insecure WLAN, or the hacker? I say 1) the hacker and to a lesser extent 2) the operator of the insecure WLAN. Certainly not the final victim of the attack. In this particular case the WLAN was "used", not "damaged" per-se.
I can't think of any reasonable definition of "operating an insecure network" that doesn't apply first and foremost to the target of any successful attack. OTOH, I can think of at least two reasonable definitions that *don't* necessarily apply to an open access point.
There are various attacks (ie DDoS attacks) that are next-to- impossible to mitigate simply by network security. It's a global ISP/backbone problem. While you might be able to harden your network/hosts so that they don't die under such an attack, your connectivity can be decimated with little you can do about it from your end, and the end-result is the same as if your hosts died - your users can't access your resources. -- Philip J. Koenig pjklist () ekahuna com Electric Kahuna Systems -- Computers & Communications for the New Millenium _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Interlopers on the WLAN, (continued)
- Re: Interlopers on the WLAN Frank O'Dwyer (Nov 05)
- Re: Interlopers on the WLAN R. DuFresne (Nov 06)
- Re: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- Re: Interlopers on the WLAN R. DuFresne (Nov 06)
- Re: Interlopers on the WLAN R. DuFresne (Nov 06)
- RE: Interlopers on the WLAN Bill Royds (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 06)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 06)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 06)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 06)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 09)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 09)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 09)
- Re: Interlopers on the WLAN Frank O'Dwyer (Nov 05)
- RE: Interlopers on the WLAN Marcus J. Ranum (Nov 06)
- RE: Interlopers on the WLAN Marcus J. Ranum (Nov 06)
- RE: Interlopers on the WLAN Paul Robertson (Nov 06)
- RE: Interlopers on the WLAN Jim Leo (Nov 06)
- RE: Interlopers on the WLAN R. DuFresne (Nov 06)