Penetration Testing mailing list archives
Re: Sneaking a peek on Wlan in airports
From: Toby Barrick <tbarrick () cox net>
Date: Fri, 18 May 2007 12:14:13 -0700
This is something that I have run into many times in the past on both the "wired side" and on the unwired side of the 'Net - - from the inside and from the outside.
From a corporate stand point receiving unsolicited security information from someone - the person reporting the security flaw is ALWAYS suspect and is handled very suspiciously. Whether it be an internal "unauthorized" person or an external person. Actually the external person reporting the flaw may have a bit of a better time of reporting the security flaw given a few factors:
1. Reporting the security flaw being a worried user of the system and FULL cooperation with examiners = probably OK - but why/how did you find it?
2. Reporting the security flaw anonymously = suspect - - logs are pulled3. Reporting the security flaw and offering to assist for a fee = suspect - logs are pulled and notification of authorities is on the table 4. Reporting the security flaw and making even simple demands = extortion - all records are pulled and authorities are notified
5. Lot's more - - insert your own hereWhen reporting issues to the general public that you have obtained specific info on (as in this case) there are various reactions but in general they just don't want to know. Some of the reactions I have gotten are as follows:
1. How did you do that? 2. Who / what are you?3. Prove it - - If proven they may or may not call the cops or get really agitated
4. Well duh! I'm in a public space 5. They just don't want to talk at allI am sure that this is tremendously abridged but it's a bit of a start. Until the general public actually gets a clue reporting anything to them is a waste of time.
Toby ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Re: Sneaking a peek on Wlan in airports krymson (May 17)
- <Possible follow-ups>
- Re: Re: Sneaking a peek on Wlan in airports ebk_lists (May 17)
- Re: Re: Sneaking a peek on Wlan in airports alan (May 17)
- Re: Re: Sneaking a peek on Wlan in airports killy (May 18)
- Re: Sneaking a peek on Wlan in airports Jason Chambers (May 18)
- Re: Re: Sneaking a peek on Wlan in airports alan (May 17)
- Re: RE: Sneaking a peek on Wlan in airports ebk_lists (May 17)
- RE: RE: Sneaking a peek on Wlan in airports mystic33 (May 17)
- Re: Sneaking a peek on Wlan in airports Thor (Hammer of God) (May 18)
- RE: Sneaking a peek on Wlan in airports Erin Carroll (May 18)
- Re: Re: Sneaking a peek on Wlan in airports ebk_lists (May 18)
- Re: Sneaking a peek on Wlan in airports Toby Barrick (May 18)
- Re: Re: Sneaking a peek on Wlan in airports ebk_lists (May 18)
- Re: Sneaking a peek on Wlan in airports Manuel Arostegui Ramirez (May 19)