I am now wireless!!

Dave would be referring to that e-mail that went around a few years back that "took your picture" and if you clicked on the link it showed a picture of a chimp.
 
lol phew!!! my internet sarcasm meter wasn't working well and i wasn't sure. :D
 
I was at a friends this weekend. They said "we have put in a wireless thingey, so you can use your laptop". So I fired it up. They said "the network is named 'Home' ".

The wireless driver in the laptop showed three open networks, all labeled "Home".

I hope I got the right one so I won't be thrown in jail.
 
wsuffa said:
I was at a friends this weekend. They said "we have put in a wireless thingey, so you can use your laptop". So I fired it up. They said "the network is named 'Home' ".

The wireless driver in the laptop showed three open networks, all labeled "Home".

I hope I got the right one so I won't be thrown in jail.
Click to expand...
Ugh, I had the same issue when I was working with a co-worker over the phone.

He was setting up his daughter's wireless access point in an apartment building with a LOT of college students in it. He couldn't seem to get a good signal strength, even though he was only a few feet from it. Turned out there were FOUR wireless networks, all with the default SSID, and he hadn't changed the default anything on this access point. None of them were password protected from the manufacturer's defaults. How do I know? We ended up connecting to his via cable because, after reconfiguring it twice, he told me it kept switching back to defaults. Uh....no....not really. In reality, he changed TWO of the other wireless access points to what he wanted for his daughter's!

I suspect there were some ticked off neighbors in that building. ;)
 
Brian Austin said:
Ugh, I had the same issue when I was working with a co-worker over the phone.

He was setting up his daughter's wireless access point in an apartment building with a LOT of college students in it. He couldn't seem to get a good signal strength, even though he was only a few feet from it. Turned out there were FOUR wireless networks, all with the default SSID, and he hadn't changed the default anything on this access point. None of them were password protected from the manufacturer's defaults. How do I know? We ended up connecting to his via cable because, after reconfiguring it twice, he told me it kept switching back to defaults. Uh....no....not really. In reality, he changed TWO of the other wireless access points to what he wanted for his daughter's!

I suspect there were some ticked off neighbors in that building. ;)
Click to expand...

Serves 'em right. But I'll also bet they never knew what hit 'em.
 
i've heard mixed opinions on this, but what do you guys think. is it legal for me to setup a sniffer on my network and capture my neighbors data who are stealing my bandwidth? (known as a honeypot) .. one could argue that it is simply intrusion detection and network security. it's not the law i'd be fearing most when using un-secured wireless networks. ;)

the linksys routers are great, they run on linux. i re-flashed mine with a special build that gives me access to parameters not available in the control panel, .. such as signal strength. linksys doesn't give you access to that because laws regulate how strong the signal can be. the unit has settings from 0 to 88. they are shipped at a fixed value of 28, .. so there is quite a bit of room to boost the signal if you need it. ( not that i do :) )
 
Last edited:
mmilano said:
i've heard mixed opinions on this, but what do you guys think. is it legal for me to setup a sniffer on my network and capture my neighbors data who are stealing my bandwidth? (known as a honeypot) .. one could argue that it is simply intrusion detection and network security. it's not the law i'd be fearing most when using un-secured wireless networks. ;)
Click to expand...

Actually, a honeypot is an intentional setup of a network node to allow security breaches while recording the activity through sniffers and logs. In other words, just having a sniffer on the network doesn't constitute a honeypot. If you had a server or workstation with no service packs and some ports wide open, specificially designed to draw in potential security breaches, then you'd have a honeypot.

The only difference between network security (whitehat) and malicious hacking (blackhat) is intent. Knowing that you're aware of your wireless security holes and yet intentionally leaving them open to capture data for purposes other than security would constitute malicious intent in the law's eyes.

No, I'm not a lawyer but I have worked in network security for a while...including on court cases for some law enforcement folks.
 
huh? leaving your wireless network unsecured for the purpose of intentionally capturing packets constitutes a honeypot. i suppose my legal question would come down to proof of the intent. i don't understand your correction. i also work in the industry.

a honeypot could also be something as simple as links on a website to capture webcrawlers who are not obeying robots.txt too. :edit found link to one example: http://www.sqlite.org/cvstrac/wiki
 
Last edited:
what kind of cases were those that you worked on? were you called in as an 'expert witness' or something?
 
mmilano said:
huh? leaving your wireless network unsecured for the purpose of intentionally capturing packets constitutes a honeypot. i suppose my legal question would come down to proof of the intent. i don't understand your correction. i also work in the industry.

a honeypot could also be something as simple as links on a website to capture webcrawlers who are not obeying robots.txt too.
Click to expand...
http://en.wikipedia.org/wiki/Honeypot

http://www.sans.org/resources/idfaq/honeypot3.php

An unsecured network isn't necessarily a target, however. The term is loosely defined. I'm quoting directly from some prosecutors that I worked with.

A network is defined not as a target but a conduit. It's merely a medium to go somewhere. If nothing is on it, there is no honeypot. Ask any CISSP.

Intent would be based on several factors. If you know how to secure a wireless network and have done so in the past, your intentions for leaving your own network open become suspect. Every electronic criminal act tends to be linked up to a physical act. The analogy for this one would be "why did you leave your house unlocked if you knew others in the neighborhood had been robbed recently?"

There is currently a case somewhere in the system (I believe it's at the appellate level but I lost track of it) that the security folks are watching with this very situation. A hacker went into a honeypot (server here, not network) that was intentionally set up to draw someone in (ie port scanning found several open vulnerabilities). The hacker then penetrated the server, leaving traces of himself all over the logs inside the server. The defense argument was that it was entrapment. The current scuttlebutt is that it will make it to the Supreme Court. Everyone is waiting to see what happens.

Some things to think about:

1. Any data you collected is most likely useless on a legal level. No one cares about open home networks unless they're used as a source for some sort of attack...in which case it becomes YOUR problem, not your neighbor's.

2. Any data you collect and use for your own purposes (ie passwords, account numbers, etc.) makes YOU the bad guy here. When two crimes are committed, the prosecutors tend to go for the worst of the two. Identity theft is a biggie right now and anything remotely connected to it tends to attract a LOT of attention.

3. Never, ever write about things on a public forum that could come back to haunt you later. ;)
 
mmilano said:
what kind of cases were those that you worked on? were you called in as an 'expert witness' or something?
Click to expand...
It never went to court after I gave the prosecutor everything I found. My understanding (hearsay, mind you) was that when the technical details of how he did what he did started coming out, he realized he had been nailed and started talking for a deal. Part of the settlement was no details discussed.

I've done a few other things for them since then but nothing significant. I'm not on their speeddial but in their Rolodex. ;)
 
yes, read the whole wikki article and you will see both of us are correct .. even though you are still correcting me.

in reality it is someone setting up bait for someone else to take. it doesn't matter if the baiter is white or black, or if even what the bait is.

for #3 - are you serious? i'm a software engineer working on enterprise level network security software. discussing it, or educating people on how a hacker thinks is the best way to educate about security.
 
Brian Austin said:
It never went to court after I gave the prosecutor everything I found.
Click to expand...
oh so you did the investigation part, .. that would be fun :)
 
mmilano said:
yes, read the whole wikki article and you will see both of us are correct .. even though you are still correcting me.
Click to expand...
I'd trust SANS over Wiki. If you have nothing to target, how can you have a honeypot?

mmilano said:
in reality it is someone setting up bait for someone else to take. it doesn't matter if the baiter is white or black, or if even what the bait is.
Click to expand...
The intention of the baiter is used as a legitimacy argument, however. The court case I mentioned was a corporation, not a law enforcement agency. They brought in the FBI, iirc, AFTER the honeypot had been breached.

mmilano said:
for #3 - are you serious? i'm a software engineer working on enterprise level network security software. discussing it, or educating people on how a hacker thinks is the best way to educate about security.
Click to expand...
Discussing how a hacker thinks wasn't your original post, however:

mmilano said:
i've heard mixed opinions on this, but what do you guys think. is it legal for me to setup a sniffer on my network and capture my neighbors data who are stealing my bandwidth? (known as a honeypot) .. one could argue that it is simply intrusion detection and network security. it's not the law i'd be fearing most when using un-secured wireless networks.
Click to expand...
Personally, I'd be more worried about missing something in the sniffer logs that would bite me later. Unless you've got a SNORT box running with all the definitions enabled and active response of some sort, you run the risk of leaving your network open for someone else to use as a conduit for attacks. I've seen that one, too, and as far as I'm concerned, the guy got away with it. No logs, no response, on the office network he was using (I was brought in to test the vulnerability and see if any "forensic evidence" was available). The only way they got him was with an accidental parking lot camera capture. His laptop screen lit up his face! He was only charged with trespassing from what I heard.
 
mmilano said:
oh so you did the investigation part, .. that would be fun :)
Click to expand...
It is. I'd like to do it full time but LE doesn't pay well enough (and they have some fairly outdated tools). The occasional gig on the side is fun, though.
 
wiki articles are quicker to evolve as terminology/techonology does :) .. i give up arguing my point though. my original post was a hypothetical inqury of opinions on if people thought that information traveling across my wire (or air is should say) is mine, since it is illegal for intruders to be using it in the first place.

Discussing how a hacker thinks wasn't your original post, however:
Click to expand...
you mis-read or seemed to take it that way with your posting on a public forum advice. ;)

it's just interesting to see how the law is evolving around the technology. ultimately i guess in front of a jury, it would be obvious if someone was being malicious, .. and someone who was just borrowing a neighbor's internet would probably not be prosecuted in the first place even though it is considered illegal.

parking lot camera! lol ... i don't know the details, but it would be hillarious if he was using some very creative ways to hide his tracks all to get caught on a security camera located on the property!
 
mmilano said:
you're kidding right? maybe in the movies.
Click to expand...

Gotta be. There's no way an LCD screen can "see" anything. Now if you had one of those laptops with a built in webcam...
 
mmilano said:
parking lot camera! lol ... i don't know the details, but it would be hillarious if he was using some very creative ways to hide his tracks all to get caught on a security camera located on the property!
Click to expand...
He was a smart guy who investigated the network he wanted to breach. He wouldn't say one way or the other on how he knew (at least in anything I saw or heard) but he picked one where nothing was logged and security was minimal. The flippin' administrator password for the local box was BLANK for crying out loud. These guys had been almost asking for it. I told the prosecutor as much, too.

In the end, the smart ones always seem to be nailed by the stupid things. A simple daytime visit and look see around the place would have avoided the whole thing for the guy. He was so busy looking at his computer, though, he forgot to just look around. Stupid.
 
woodstock said:
did you change your network name to GO AWAY or shame shame or something? haha
Click to expand...

My favorite password under such conditons: ER notation for a patient refusing admission despite doctor's advice - MFYOYO.
 
You must log in or register to reply here.
Back
Top