Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Re: Legality of WEP Cracking
From: Matthew Webster <awakenings () mindspring com>
Date: Sat, 19 May 2007 08:26:27 -0400 (GMT-04:00)

Craig,

    Thanks for that information.  I have an additional question that is purely hypothetical
which also tangentially related to the WEP cracking in airports.  In the space around
where I work, there are approximately 200 different access points that are visible
from within the space I work that are not owned by us.  Presently I only use netstumbler
/ kismet to ensure that the devices are not present in our environment.  If we had
a device that was in ad hoc mode, then it could potentially indicate a breach.  
If I wanted to capture packers to investigate our network further, there would be
a high degree of probability that I would inadvertently capture packets from one
of the other 200 different networks invading our space.  It sounds like, because
those wireless networks invade our space, that I would not be permitted to do so
because I would be in awareness that I would also pick up other wireless networks.
Luckily, even with the audit follow-ups, I've never needed to do so, but I could
imagine an incident occurring where I may need to capture traffic (authorized relating
to our own network), but  I may even inadvertently capture plain-text passwords.
This may be a good opportunity to update my forensic procedures to include wireless
breaches and update incident response surrounding wireless networks.  Any thoughts?

Matt

-----Original Message-----
From: cwright () bdosyd com au
Sent: May 18, 2007 11:46 PM
To: pen-test () securityfocus com
Subject: Re: Re: Legality of WEP Cracking

"sniffing the air" is legal

Well actually, if this is sniffing as in intentially capturing an electronic transmission, than this is illegal and 
also criminal.

Interecption + telcomunications - permission = criminal act 
this is true in the US, CA, UK, AU etc

So actually even capturing packets is illegal, proof is difficult though.

Regards
Craig

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------





------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]