Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Legality of WEP Cracking
From: DaKahuna <da.kahuna () gmail com>
Date: Sat, 19 May 2007 15:39:43 -0400


On May 18, 2007, at 7:47 PM, Morning Wood wrote:

The UK law is clear, I quote from the UK Computer Misuse Act 1990
(http://www.opsi.gov.uk/ACTS/acts1990/Ukpga_19900018_en_2.htm):


from what I understand here in the US...

"sniffing the air"        is legal
"connecting to an AP you do not have explicit permission" is illegal
"possession of an access restriction device" eg: WEP key
that you are not explicitly allowed permission is illegal

capturing airborne packets "may" be legal, but the moment you begin to
"try" to "crack" a WEP key, you would be entering access restriction device realm instantly. ( do not pass GO! ) , as well, simply connecting to your
target AP is illegal from the get-go ( gimme your dice! )

but my understanding is only a perspective, which may or not be completely
askew...


 How about this scenario.

I am sitting in a Starbuck$ and am connected to the T-Mobile Wireless service.
I start Wireshark and capture all the packets I am seeing from the WAP.
Is this legal or illegal?



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]