Re: Drive-by spam hits wireless LANs
blitz wrote: And you think the terresterial sources are hard to shut down Drive-by spam hits wireless LANs By Graeme Wearden Special to CNET News.com September 6, 2002, 10:14 AM PT http://news.com.com/2100-1033-956911.html LONDON--The proliferation of insecure corporate wireless networks is fueling the growth of drive-by spamming, a security expert warned on Thursday. I must be honest, I havn't heard of any reports here in Sweden (or anywhere else) that this is a real problem, are there any true incidents that this has happend? /J
Re: Drive-by spam hits wireless LANs
Neil J. McRae wrote: I must be honest, I havn't heard of any reports here in Sweden (or anywhere else) that this is a real problem, are there any true incidents that this has happend? Yes. If you sit with your laptop in the park across from our office you can see 3 unprotected wireless domains. There was an article [although I can't remember what publication] featuring a few people driving through the City of London [London's financial community area] they found serveral unprotected LANs. Regards, Neil. Just cause there are unprotected WLANs dosn't imply that spammers use them (perhaps its to hard for the spammers ;)). Corporations should protect ther WLANs but saying that spamming is a great threat is to overdo it. Regards John
Re: Drive-by spam hits wireless LANs
Neil J. McRae wrote: Just cause there are unprotected WLANs dosn't imply that spammers use them (perhaps its to hard for the spammers ;)). Corporations should protect ther WLANs but saying that spamming is a great threat is to overdo it. I agree, but people said that the spammers wouldn't be able to deal with BGP route advertisement but there was cases of spammers injecting routes sending out spam then removing those routes. Wlan is easy. Neil. Yes you are right, but I think that the article on news.com dosn't contain any valuable information but are just there to scare ppl. It isn't so hard to make admins secure the open hotspots, the problem is how to handle ppl who buy hour access at a café. (IMHO) /John
Re: Drive-by spam hits wireless LANs
Jared Mauch wrote: Imagine a few of the following scenarios: 1) You wok for an ISP and have access through them. One large enough that they apply their AUP to their own people. You have ISDN/DSL or some other connection w/ reverse-dns for your personal domain home. Someone drives by your place, finds your unprotected lan, sends spam, hacks, etc.. complaints come in, you lose job because you were a spammer and your employer needs to stop, etc. 2) You are a small company, someone does this, and you get blacklisted as a spamhaus. you are unable to get internet access. 3) you have a cable modem as your only high-speed connectivity. you have one of the linksys/whatever nat+802.11a/b boxen. you get used, you get blacklisted and can not get high-speed pr0n again. While these seem like minor annoyances in some cases, they can be quite dramatic to the person on the receiving end. I wish the wireless vendors would use a somewhat more inteligent approach and turn WEP on by default when shipping their units and at the cost of a few cents more they can print a sticker on the box that can be removed later that has the uniqe WEP key for that unit. Similar to the way when you go to the hardware store you can play match-up to get the same key for multiple locks. Hi In some way you are right, but still I think it's even worse to use WEP cause then the admins might think it's safe, it takes about 15 minutes to crack a wepkey, so instead of drive-by spamming you could call it drive-by, have a bagle, start spamming. The most hardware/software indipendent solution I have seen so far is the use of VPN, simply place the WLAN outside your own LAN. /John
