Firewall Wizards mailing list archives
RE: Interlopers on the WLAN
From: "Philip J. Koenig" <pjklist () ekahuna com>
Date: Wed, 06 Nov 2002 14:25:15 -0800
On 6 Nov 2002 at 21:41, Frank O'Dwyer boldly uttered:
On Wed, 2002-11-06 at 20:54, Philip J. Koenig wrote: [...]if a hacker hops on an insecure WLAN and causes damage to some other site by DoS'ing it for example, who's at fault - the commercial site that the hacker attacks, the operator of the insecure WLAN, or the hacker? I say 1) the hackerMe too. Why is there a need to blame anyone else.and to a lesser extent 2) the operator of the insecure WLAN.Why? Firstly, you're assuming the WLAN is "insecure" simply because it lets anyone connect without asking who they are. Maybe that's what the owner and users of the WLAN want. His network, his policy. If you don't like his policy, maybe you need make sure your network isn't connected to his in any way that matters to you.
Once you connect a network to the internet, your security problems often become everyone else's security problems.
Maybe you need to put pressure on the ISP to stop giving connectivity to such "insecure" hosts. Or maybe yours is the insecure network that shouldn't be connected - it's not at all obvious who is putting who at risk here.
Bear in mind my main original point was about the legality or ethics of hopping onto an open WLAN. But beyond that, there is this concept of an "attractive nuisance" when someone connected to the internet does something to encourage hacking activity from systems under their control. The term commonly used is that it's a "rogue" network or system. As you mentioned, the usual choke point for such rogue systems is their upstream provider, and just as it has become an issue for ISPs who host spammers and open-relays, I think it will become an issue for ISP customers with indiscriminately open WLANs. (reinforced by the fact that in many cases, these ISP customers are also breaching the terms of their ISP agreement by providing access to others beyond their household, or in some cases by profiting from selling access)
Regardless, someone's network is not insecure just because it doesn't comply with *your* security policy. It may well be perfectly secure with respect to its own assets, security goals, and policy.
I think there are a variety of commonly-accepted norms for networks connected to the internet, and if you blatantly flout such norms (hosting hackers, spammers, and other troublemakers) you will shortly find yourself without connectivity because of the pressure your upstream will get over you.
Certainly not the final victim of the attack.Of course not. At least not until someone starts setting precedents for holding people liable for running "insecure networks". Because the ultimate victim of an attack is also going to look bad under that standard.
Of course not, but your earlier comment (see below) implies that the victim is as "guilty" as the network used as a launching point for an attack. As I said earlier, there is often absolutely nothing a victim can do to mitigate such attacks (cf the DDoS attacks on E- Trade, Yahoo, Ebay etc by "mafiaboy" a couple years ago), whereas the network(s) where the attack was launched from generally can do quite a lot to prevent such attacks from occurring or succeeding. You wrote: > I can't think of any reasonable definition of "operating an > insecure network" that doesn't apply first and foremost to the > target of any successful attack. [...]
IMO The proper response is (a) to help people to secure their own networks (and no that does not mean shutting down open access points) and (b) prosecute hackers. Making criminals of the rest of us is unjustifiable, ineffectual, and may even be counterproductive.
Point taken, but in the meanwhile I'm not looking forward to thousands of hacker-anonymizing open WLANs creating a serious nuisance for the community either. (much of my consternation should be directed at the greedy WLAN industry groups and hardware vendors who have greatly added to the problem by A) not requiring security to be turned on under the various 802.11 standards and B) shipping products with security defaulting to off.) -- Philip J. Koenig pjklist () ekahuna com Electric Kahuna Systems -- Computers & Communications for the New Millenium _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Interlopers on the WLAN, (continued)
- Re: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- Re: Interlopers on the WLAN R. DuFresne (Nov 06)
- RE: Interlopers on the WLAN Bill Royds (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 06)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 06)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 06)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 06)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 06)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 09)
- RE: Interlopers on the WLAN Philip J. Koenig (Nov 09)
- RE: Interlopers on the WLAN Frank O'Dwyer (Nov 09)
- RE: Interlopers on the WLAN Marcus J. Ranum (Nov 06)
- RE: Interlopers on the WLAN Marcus J. Ranum (Nov 06)
- RE: Interlopers on the WLAN Paul Robertson (Nov 06)
- RE: Interlopers on the WLAN Jim Leo (Nov 06)
- RE: Interlopers on the WLAN R. DuFresne (Nov 06)
- Re: Interlopers on the WLAN Kyle R. Hofmann (Nov 05)