RE: Walmart using WEP

["Angelacci, Anna M CTR SPAWAR, J616" <anna.angelacci () navy mil>]

Ladies and Gentlemen, 
        This thread makes me question the quality of a small portion of
the group of participants. Please ask yourself this, "Isn't this forum
for IA professionals to learn and share ideas? If so do I belong here?"
War driving should be confined to legally permitted isolated networks,
not illegal local commercial vendors. I apologize for not being
impressed. 

-----Original Message-----
From: terry [mailto:tvernon24 () comcast net] 
Sent: Thursday, July 27, 2006 8:34 AM
To: 'Phil Frederick'; pen-test () securityfocus com
Subject: RE: Walmart using WEP


In my local super walmart, the wifi router is perched above the doors in
the garden center. Maybe it's a signal boosting unit but there's a wired
router next to it, looks like a linksys 24 port. I haven't wardriven
walmart yet to see what's up but the police station 3 blocks away has an
unsecured wifi running. (these cops couldn't run a speedtrap nor less a
wardriver trap)

-terry

-----Original Message-----
From: Phil Frederick [mailto:flosofl () gmail com] 
Sent: Wednesday, July 26, 2006 11:59 AM
To: pen-test () securityfocus com
Subject: Re: Walmart using WEP

The coupon kiosks in Jewel (US grocery chain) are running FC 4.  I
actually saw one of them crash and recover and run through a Fedora boot
screen.  I'm not sure if they are self contained or simply thin clients.
They scan in the bar code on your savings card and generate a customized
coupon list.  I am unaware of what the back-end is running (i.e. Oracle,
MySQL, etc...)

On 7/25/06, M. Shirk <shirkdog_list () hotmail com> wrote:
> Same deal with a local supermarket.  They even have the higher gain
antennas
> for Linksys, with the wireless router sitting right out on the Service
Desk.
> Shirkdog
> http://www.shirkdog.us
>
>
>
>
> > From: cracked () walmart com
> > To: pen-test () securityfocus com
> > Subject: Walmart using WEP
> > Date: 12 Jul 2006 22:54:34 -0000
> >
> > Walmart is using standard web encryption for their symbol barcode
scanners.
> >  This means that it's possible to sniff the network traffic and 
> > crack
the
> > encryption.  Once the WEP key has been discovered, false inventory 
> > and sales information can be submitted to the Walmart databases.
>
> -----------------------------------------------------------------------
> ----
---
> > This List Sponsored by: Cenzic
> >
> > Concerned about Web Application Security?
> > Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's
> > Choice Award from eWeek. As attacks through web applications continue

> > to rise, you need to proactively protect your applications from 
> > hackers. Cenzic
has
> > the
> > most comprehensive solutions to meet your application security
penetration
> > testing and vulnerability management needs. You have an option to go 
> > with
a
> > managed service (Cenzic ClickToSecure) or an enterprise software 
> > (Cenzic Hailstorm). Download FREE whitepaper on how a managed service

> > can help you: http://www.cenzic.com/news_events/wpappsec.php
> > And, now for a limited time we can do a FREE audit for you to confirm
your
> > results from other product. Contact us at request () cenzic com for 
> > details.
>
> -----------------------------------------------------------------------
> ----
---
> >
>
> _________________________________________________________________
> Express yourself instantly with MSN Messenger! Download today - it's 
> FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
------------------------------------------------------------------------
----
--
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's
> Choice Award from eWeek. As attacks through web applications continue 
> to
rise,
> you need to proactively protect your applications from hackers. Cenzic

> has
the
> most comprehensive solutions to meet your application security 
> penetration testing and vulnerability management needs. You have an 
> option to go with
a
> managed service (Cenzic ClickToSecure) or an enterprise software 
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service 
> can help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm 
> your results from other product. Contact us at request () cenzic com for 
> details.
------------------------------------------------------------------------
----
--
>

------------------------------------------------------------------------
----
--
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's 
Choice Award from eWeek. As attacks through web applications continue to
rise, 
you need to proactively protect your applications from hackers. Cenzic
has the 
most comprehensive solutions to meet your application security
penetration 
testing and vulnerability management needs. You have an option to go
with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service
can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm
your 
results from other product. Contact us at request () cenzic com for
details.
------------------------------------------------------------------------
----
--


------------------------------------------------------------------------
------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's 
Choice Award from eWeek. As attacks through web applications continue to
rise, 
you need to proactively protect your applications from hackers. Cenzic
has the 
most comprehensive solutions to meet your application security
penetration 
testing and vulnerability management needs. You have an option to go
with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service
can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm
your 
results from other product. Contact us at request () cenzic com for
details.
------------------------------------------------------------------------
------

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------