Re: Wi-fi. Approaching customers

["Coral J. Cook" <cjcook () strongtowersecurity com>]

What about doing a targeted mail campaign (zip code, zip +4 , etc) with
a flyer about wireless security/insecurity in general with specific
statistics for the target area, or even a generic (not pinpoint gps
accuracy, but large area overview) map showing open access points?

Coral


Gregh wrote:
> I have asked this on another list and there has been discussion but nothing that really seems like an answer so I am 
> asking for help in here.
>
> I did a war drive (and in MY terms that means just driving along gathering SSID data showing open and closed and 
> nothing else BUT that) and found one HELL of a lot more wi-fi in my area than I had previously been aware existed. 
> Most of the SSIDs broadcasted didn't openly identify the company involved though most of them were open. The idea in 
> doing this was that I could note an area where wi-fi is and approach the company (or individual) and offer my 
> services to LEGALLY lock their open wi-fi down. I realise that with open wi-fi, I could be doing anything I wanted to 
> or with their systems but that isn't the point. I work in the area doing I.T. related work and so far have a very 
> good reputation for an inexpensive service and I am self employed so doing the wrong thing would quickly kill all 
> that.
>
> My question is, then, how to approach someone to legally get work from them fixing their badly installed wi-fi and 
> ensuring it is all locked down. If I turn up saying "Your wireless networking is open to hacking and I can fix it" 
> that sounds somewhat suspicious to me if you look at it from the point of view of a user who knows nothing much about 
> it all. Eg, I am telling them something they don't want to hear, for a start and then telling them that if they pay 
> me, they can have it fixed on the spot. I already know how strange it can sound. I happened to pick up the SSID 
> ToysRus which was open and realising they would have their own company employed I.T. people, I just rang them to do 
> them a favour and wasn't I met with suspicion? Yep! All I did was say "You know you have wireless networking?" and 
> they answered "yes...." and I added "It's open and unsecured. You better fix it before someone else finds it" and 
> then got asked 100 questions including "How do YOU know?" blah blah
 by someone you would think KNOWS the game.
> How do YOU approach prospective new customers to tell them their wi-fi is unsecured and needs attention and that you 
> can fix it for a fee?
>
> Any help appreciated.
>
> Greg.
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://www.secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/