RE: Wireless Security

["Herman Frederick Ebeling, Jr." <hfebelingjr () lycos com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

To everyone, let's look at this hypothetical situation in a more realistic
light.  Let's say that "Joe Schmoe" has
setup a Wi-Fi network for his and his families to use/share a common cable/DSL
connection.  He is somewhat tech savvy,
but not enough to "effectively" lock down his Wi-Fi enabled router.

One day he comes home (and he is the only person at home) and he knows that all
of the computers in the house are
turned off, but he notices that his router is showing/indicating some sort of
activity.  He knows that it shouldn't be
as there is no one else home and as such all computers are turned off.  He
verifies this by going around and actually
checking all of the computers in the house.

When the family gets home he asks if any of them has told anyone of their Wi-Fi
network, or given anyone permission to
access it.  They don't and haven't.  Then one day as he's going upstairs he
notices that the neighbor "Joe Blow" who
lives right behind his house is sitting in his backyard very close to the
property line with what looks like a Pringles
can pointed in his direction.

Now he remembers an article that he read a while back that told of how people
were using Pringles cans (along with a
host of other cans) to make an antenna for their Wi-Fi cards.  So he figures
that his neighbor "Joe Blow" is the one
who is causing the extra traffic on his router.

He does some research and finds out how to restrict access to specified MAC
addresses, and implements it along with
changing the SSID, and enabling the WEP and/or other security features of his
router.

Then a couple of days later he gets a knock on his front door from Mr. "Joe
Blow" letting him know that he knows that
the network has been "hardened" as much as can be and he can no longer access
the Wi-Fi network.  "Joe Blow" informs
"Joe Schmoe" that IF his access to the Wi-Fi network isn't restored that he'll
go to the police claiming that "Joe
Schmoe" is dealing in kiddie porn.  And that he knows this cause "Joe Schmoe"
had "invited" Mr. "Joe Blow" in and
showed him some of the kiddie porn that he had stored on the various computers
in the house.  And that he can tell the
cops exactly where to find said kiddie porn.

Of course "Joe Blow" knows where it is cause HE is the one who put it there in
the first place.  What if any recourse
would "Joe Schmoe" have?  I mean the kiddie porn IS on HIS computers.  And "Joe
Blow" is more tech savvy then "Joe
Schmoe" and knows how to hide his tracks.  And so there is no evidence to
implicate "Joe Blow" as ever having had
access to "Joe Schmoe's" network.

I mean sadly in today's world it is very possible for someone to "blackmail"
another into allowing them to continue to
do something.

And how would "Joe Schmoe" go about proving that he didn't have anything to do
with the kiddie porn that is/was found
on all of his computers?

Herman

- - -----Original Message-----
From: G. Allen Johnson [mailto:gallenjohnson () sbcglobal net]
Sent: Friday, 14 October, 2005 21:53
To: hfebelingjr () lycos com
Subject: RE: Wireless Security


        You're going to get into the fuzzy area again here.  In order to use
your wireless network, the unauthorized user has to connect to your AP.  To
my knowledge, connecting to an AP will create an IP for that user w/ their
MAC address associated to that IP.  Having said that, time for a quick
analogy reference:  let's assume someone is, for whatever reason, putting
their postal mail in your mail box for the purposes of having their mail
sent out, but leaves their real return address on said piece of mail.  Now
using that MAC addy to ID your perp should be as legal as reading the return
address someone puts on that postal mail, i.e. it is considered personal
information that you knowingly disseminate to the public and at that point
becomes public information.  However, you're still not allowed to open that
guy's postal mail, and you are still not allowed to hack into an
unauthorized user's computer.
        To sum up, one person's illegal activities do not legitimize the
commission of illegal activities by you.  Cyber-retaliation would be
interpreted as cyber-terrorism.  And if you've been keeping up w/ the news,
you know what a hot topic cyber-terrorism is.  I agree w/ you Herman, it
isn't fair.  But it is the politics of the dominant paradigm.
        Oh, and as far as your question about is it hacking if you're not
using any hacking tools?  A command prompt is hacking tool Herman.  So, for
that matter, is Google.  To wander off on another analogy; a hammer is just
a tool so long as you're pounding nails with it.  But the moment you take a
swing at someone with it, it's a weapon.

        Hackers are not classified or defined by the tools that they use,
but by the knowledge that they have and the way that they use it as
perceived by the dominant paradigm.

G. Allen Johnson.

- - -----Original Message-----
From: Herman Frederick Ebeling, Jr. [mailto:hfebelingjr () lycos com]
Sent: Friday, October 14, 2005 10:35 AM
To: G. Allen Johnson; security-basics () securityfocus com
Subject: RE: Wireless Security


*** PGP SIGNATURE VERIFICATION ***
*** Status:   Bad Signature
*** Alert:    Signature did not verify. Message has been altered.
*** Signer:   Herman Frederick Ebeling Jr. <hfebelingjr () lycos com> (0xDB13DBD3)
*** Signed:   14-Oct-05 1:11:35 PM
*** Verified: 14-Oct-05 10:09:16 PM
*** BEGIN PGP VERIFIED MESSAGE ***

G. Allen,

        I'll do that thanks.

        It's not that I'm doubting you, it's just that it doesn't seem right
that even
though they were the ones who were
illegally accessing someone else's network that the owner of the network
can't
look at their box to find out who they
are.

        Would that also apply to just looking at what comes up in Windows
Explorer
under the network icon?  I mean by using
what that they are not "hacking" the other persons box parse, correct?  I
mean
they're just using what is already being
shown on their own box/system.  And not using any "hacking" tools to do so.

Herman

- - -----Original Message-----
From: G. Allen Johnson [mailto:gallenjohnson () sbcglobal net]
Sent: Friday, 14 October, 2005 02:01
To: hfebelingjr () lycos com
Subject: RE: Wireless Security


        Google using the parameters tsunami and hacker.  You will get
multiple hits.  A couple should point you to ZD Net, among many others.  The
story is in fact legit.  Regardless of the fact that someone is making
unauthorized use of your wireless network, it is against the law to hack
into that person's system.

        Now I would have to imagine that there is no reason you couldn't
trap and analyze packets going across your wireless network, it belongs to
you.  And it's likely that some identifying data could be derived from such.
Just bear in mind, the moment you SCAN that person's system w/out
authorization, but w/ the intent of getting into it, you can be brought up
on criminal charges.

        I've read the other replies you've gotten on this question Herman,
and from what I've seen, ALL of them back me up.  That alone should be
telling you something.

G. Allen Johnson.

- - -----Original Message-----
From: Herman Frederick Ebeling, Jr. [mailto:hfebelingjr () lycos com]
Sent: Thursday, October 13, 2005 9:58 PM
To: G. Allen Johnson; security-basics () securityfocus com
Subject: RE: Wireless Security


> > > PGP SIGNATURE VERIFICATION ***
> > > Status:   Bad Signature
> > > Alert:    Signature did not verify. Message has been altered.
> > > Signer:   Herman Frederick Ebeling Jr. <hfebelingjr () lycos com>
(0xDB13DBD3)
> > > Signed:   14-Oct-05 12:48:07 AM
> > > Verified: 14-Oct-05 1:06:25 PM
> > > BEGIN PGP VERIFIED MESSAGE ***

G. Allen,

        But if they're getting an IP from your AP/Wi-Fi enabled router
wouldn't a trace
on their IP address show as being in
that "private" pool of IP addresses?  What about trapping and analyzing the
packets that are going across their
network?  Would it be legal for the person who setup the network to
intercept
and analyze them?

        That doesn't sound quite fair to me.  That they can illegally attach
themselves
to someone else' Wi-Fi network and
that the owner of said network isn't allowed to investigate by looking at
their
computer to at least try and find out
their identity.

        I've read just the article that you directly linked to, was the site
a legit
site, or was it a scam?

Herman

- - -----Original Message-----
From: G. Allen Johnson [mailto:gallenjohnson () sbcglobal net]
Sent: Thursday, 13 October, 2005 22:18
To: hfebelingjr () lycos com
Subject: RE: Wireless Security


"C)     Can the person who initially setup the Wi-Fi network ***legally go
in
and look around>>> his/her neighbors computers?"
"C) ***I'd think that it is possibly a gray area***.  I would think that IF
a person discovers that they uninvited guest(s) and s/he is trying to find
out who they are, and where they are I would think that lawyer would argue
that the person who setup the Wi-Fi network was just investigating those who
were illegally accessing his/her system."

        Negative, no gray area here.  Unless you have written permission
&/or some other manner of consent to enter a system not owned by you, you
may not legally enter that system.  In regards to identifying the culprit
however, the wireless AP should give the IP's of the devices connected to
it.  Once the IP address of the offender is acquired, there are a number of
ways to pursue and resolve the problem.  Even law enforcement has
prerequisite requirements that must be fulfilled before entering/hacking
into someone's system.  Taking the law into your own hands, so to speak,
will net you a similar result to the UK fellow who "investigated" the
Tsunami relief website.
http://www.theregister.co.uk/2005/10/06/tsunami_hacker_convicted/
1 to 2 years ago I would have agreed w/ you Herman.  But the power of the
individual to investigate such things has decreased while the power of the
gov't to perform such activities has increased.  The war on terror, much
like the war on drugs, is really nothing more than a war on civil liberties.

G. Allen Johnson.


- - -----Original Message-----
From: Herman Frederick Ebeling, Jr. [mailto:hfebelingjr () lycos com]
Sent: Wednesday, October 12, 2005 8:25 PM
To: G. Allen Johnson
Subject: RE: Wireless Security


> > > PGP SIGNATURE VERIFICATION ***
> > > Status:   Bad Signature
> > > Alert:    Signature did not verify. Message has been altered.
> > > Signer:   Herman Frederick Ebeling Jr. <hfebelingjr () lycos com>
(0xDB13DBD3)
> > > Signed:   12-Oct-05 11:00:43 PM
> > > Verified: 13-Oct-05 10:57:20 PM
> > > BEGIN PGP VERIFIED MESSAGE ***

G. Allen,

        On A) I have to agree with ya.  I would also have to agree with ya
on B).  As
for C) I'd think that it is possibly a
gray area.  I would think that IF a person discovers that they uninvited
guest(s) and s/he is trying to find out who
they are, and where they are I would think that lawyer would argue that the
person who setup the Wi-Fi network was just
investigating those who were illegally accessing his/her system.

        As for d) I'd have to agree with ya again, IF a person is dumb
enough these
days NOT to be running some kind of
anti-virus PRG on their system, they are the one who is to blame for any and
all
virus' that they get.  As far as e) I
would agree that a person's E-Mails/files are the property of the owner.
However I would have to think that the
packets being sent illegally over another person's WLAN are the property of
the
owner of the network.

Herman

- - -----Original Message-----
From: G. Allen Johnson [mailto:gallenjohnson () sbcglobal net]
Sent: Wednesday, 12 October, 2005 22:15
To: hfebelingjr () lycos com
Subject: RE: Wireless Security


        Assuming the person in question is setting up a wireless AP for
his/her own personal use:
A)      None.  Establishing a wireless network does not automatically add
every wireless device in the area to its network.  The neighbors have to opt
in to use it, and they have to have the SSID and pass key to do so.
Assuming a default SSID and no pass key present, the neighbors in question
still have to choose to join the unsecured wireless network and have to take
responsibility for what nasty things may happen to their computer for
connecting to someone's personal wireless network w/out that person's
consent.
B)      No.  The person who set up the Wi-Fi isn't responsible, the person
who deleted the files is.
C)      No.  That would be considered hacking into someone else's system and
last I checked, that's against the law.  Just because someone accesses your
wireless network, that doesn't give you the right to illegally enter another
person's system.
D)      No.  See A).
E)      The privacy I know they can expect is that which is attached to the
system; i.e. the files on the hard drive.  As far as the privacy of what
packets their system is sending out or the privacy of their e-mails, I'm a
little fuzzier on that.  On one side, it is their e-mail, and it's against
the law for some third party to intercept that e-mail.  However, they are
sending it through an unauthorized connection.  So I'm not real solid on
this one Herman.

Hope that helps,

G. Allen Johnson.

- - -----Original Message-----
From: Herman Frederick Ebeling, Jr. [mailto:hfebelingjr () lycos com]
Sent: Wednesday, October 12, 2005 12:17 PM
To: security-basics () securityfocus com
Subject: Wireless Security


> > > PGP SIGNATURE VERIFICATION ***
> > > Status:   Bad Signature
> > > Alert:    Signature did not verify. Message has been altered.
> > > Signer:   Herman Frederick Ebeling Jr. <hfebelingjr () lycos com>
(0xDB13DBD3)
> > > Signed:   12-Oct-05 1:56:23 PM
> > > Verified: 12-Oct-05 10:31:52 PM
> > > BEGIN PGP VERIFIED MESSAGE ***

I've got a question (actually a few) along these lines.  Let's say that a
person
has a Wi-Fi network setup at home.
And they find out that some of their neighbors have accessed it.

A)      What if any obligation to the neighbors does the person who
initially setup
the Wi-Fi network have?
B)      What happens IF one neighbor goes in and reads/deletes msgs/files
from
another neighbor's computer is the person who
initially setup the Wi-Fi network for their own use liable?
C)      Can the person who initially setup the Wi-Fi network legally go in
and look
around his/her neighbors computers?
D)      What if one the neighbors get a virus, is the person who initially
setup the
Wi-Fi network liable?
E)      What if any expectations to privacy do the unauthorized users have?

Herman

- - -----Original Message-----
From: Daryl Davis [mailto:daryl () ultbingo com]
Sent: Tuesday, 04 October, 2005 12:56
To: security-basics () securityfocus com
Subject: Wireless blocking


I believe I have an unauthorized wireless router on my network.  I have been
unable to physically find it as of yet.

Does anyone know how to find the hidden SSID and then Jam it?

Thank you.

Daryl R Davis
Digital Game Media, Inc.


> > > END PGP VERIFIED MESSAGE ***






> > > END PGP VERIFIED MESSAGE ***






> > > END PGP VERIFIED MESSAGE ***






*** END PGP VERIFIED MESSAGE ***

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQ1CPWx/i52nbE9vTEQJ3uACgxZ42W7aGojTZpIgvJkl4NpYzP38AoIrh
D4Wyzh9SCiF+BqZN8eDkpCbt
=Tq/A
-----END PGP SIGNATURE-----