NetStumbler is good for "War Driving" and finding potential customers. And
you don't have to hack or access someones network to do it. When you
approach a potential customer that has an open access point, all that needs
to be said is that you were doing a site survey for another customer in the
a
ing you would win
>>the legal battle...but there would most likely be a legal battle over
>>it.
>>
>>I am interested to know the outcome if anybody does actually try this
>>and approaches the company about it.
>>
>>Dan
>>
>>-Original Messag
rections always accepted ...
Thanks!
TJ
-Original Message-
From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 26, 2002 4:02 PM
To: [EMAIL PROTECTED]
Subject: RE: Rogue Wireless LANs [7:47287]
At 2:26 PM -0400 6/26/02, Dan Penn wrote:
>I think the take the company
battle...but there would most likely be a legal battle over
>it.
>
>I am interested to know the outcome if anybody does actually try this
>and approaches the company about it.
>
>Dan
>
>-Original Message-
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
actually try this
and approaches the company about it.
Dan
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Ken Diliberto
Sent: Wednesday, June 26, 2002 11:04 AM
To: [EMAIL PROTECTED]
Subject: Re: Rogue Wireless LANs [7:47287]
Agreed. This could be a
Agreed. This could be a big legal trap.
If you use something like Network Stumbler, you're not actually using
their network. You're just seeing the broadcasts from it. Maybe that
would be a good approach.
Ken
>>> "Thomas E. Lawrence" 06/25/02 11:09AM >>>
I realize you are speaking in jest,
At 3:21 PM -0400 6/25/02, Stephen Manuel wrote:
>Tom,
>
>I'm not speaking jest, I have used netstumbler to find wireless networks
>that are wide open, some
>are in major companies.
>
>However, I turn off my client manager before I go wardriving, that way I
>don't accidentially connect
>to someone'
t; without hiring me to do it for them.
>
> I was simply amazed at the shear number of AP's out there and how many
were
> in businesses wide open.
>
> Stephen Manuel
>
>
>
>
>
>
> - Original Message -
> From: "Thomas E. Lawrence"
> To:
> Sent: Tuesday
Lawrence"
To:
Sent: Tuesday, June 25, 2002 2:09 PM
Subject: Re: Rogue Wireless LANs [7:47287]
> I realize you are speaking in jest, but for those who might consider this
> approach as a means of drumming up business, you may want to give some
> thought.
>
> Connecting to
> Question: Is Cisco's LEAP better than WEP? Does it have the same purpose
> but without some of the issues? I should know this, but I don't use Cisco
> for wireless (shame, shame).
It's not that it's better than WEP, it just provides reasonably secure
authentication and a bandaid for WEP's secur
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Dan Penn
Sent: Tuesday, June 25, 2002 11:33 AM
To: [EMAIL PROTECTED]
Subject: RE: Rogue Wireless LANs [7:47287]
You have given me an idea. All I need is a laptop now =) I would go
war driving in the area
o:[EMAIL PROTECTED]] On Behalf Of
>Stephen Manuel
>Sent: Tuesday, June 25, 2002 10:02 AM
>To: [EMAIL PROTECTED]
>Subject: Re: Rogue Wireless LANs [7:47287]
>
>Neil and others,
>
>Recently I installed in my home a linksys wireless router/switch/ap, it
>works great, yes I
I bet I would find some businesses that didn't even
> know they were running wireless such as this thread started out.
>
> Dan
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Stephen Manuel
> Sent: Tuesday, June 25, 2002
I attended a Cisco Wireless update last month and came
out of it with this information.
Their updated WEP provides dynamic keys now. It is
still crackable, but by the time it is cracked the key
has regenerated.
Also the keys are no longer hard coded into the
device, since they are dynamic.
_
ginal Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Stephen Manuel
Sent: Tuesday, June 25, 2002 10:02 AM
To: [EMAIL PROTECTED]
Subject: Re: Rogue Wireless LANs [7:47287]
Neil and others,
Recently I installed in my home a linksys wireless router/switch/ap, it
works great,
ce the AP outside of the firewall
>
>Create VPN access for those wireless clients needing access to internal
>servers.
>
>I'm sure others have done work in this area and can add to the discussion.
>
>BTW, interesting enough the first 3 companies I approached about the
>
Pat,
The "8th layer" policy idea is good. I would take that one step
further, after checking with your legal department to make sure they
don't have a problem with it and that it's airtight:
In addition to the "disciplinary action up to and including termination"
clause, incorporate in company
3 companies I approached about the
unsecure AP's, 1 denies having wireless networking installed, 2 ignored me.
HTH,
Stephen Manuel
- Original Message -
From: "Neil Borne"
To:
Sent: Tuesday, June 25, 2002 8:52 AM
Subject: Re: Rogue Wireless LANs [7:47287]
> The pro
heard it works with only some wireless cards...
>From: "Patrick Donlon"
>Reply-To: "Patrick Donlon"
>To: [EMAIL PROTECTED]
>Subject: Rogue Wireless LANs [7:47287]
>Date: Mon, 24 Jun 2002 11:48:48 -0400
>
>I've just found a wireless LAN set up by so
- Original Message -
From: "Priscilla Oppenheimer"
To:
Sent: 24 June 2002 2:26 pm
Subject: Re: Rogue Wireless LANs [7:47287]
> At 11:54 AM 6/24/02, chris wrote:
> >WEP for starters, then you can set the acccess point to only accept
> >connections from spec
AIL PROTECTED]
Subject: Re: Rogue Wireless LANs [7:47287]
At 11:54 AM 6/24/02, chris wrote:
>WEP for starters, then you can set the acccess point to only accept
>connections from specific MAC addresses.
I don't think he was asking how to secure a wireless network. He was asking
how to contr
Sorry misread the question, best option is to disable unused swithcports and
resric them to mac, like you were mentioning.
Chris
""Patrick Donlon"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Thanks Chris, I was thinking more about securing the switch ports by
> authenticati
At 11:54 AM 6/24/02, chris wrote:
>WEP for starters, then you can set the acccess point to only accept
>connections from specific MAC addresses.
I don't think he was asking how to secure a wireless network. He was asking
how to control non-IS user types from installing new equipment on the
netw
When we find access points like that, we disable the switch port they
connect to.
We are using Network Stumbler to find rogue access points. Works well
and it's free.
Ken
>>> "Patrick Donlon" 06/24/02 08:48AM >>>
I've just found a wireless LAN set up by someone in the building, I
found it
by
Don't know if you know about this or not, but NetStumbler is a good freeware
(begware) app for finding those rogue wireless apps that you might not know
about. Check them out at:
http://www.netstumbler.org/
> What about restricting DHCP based on MAC Address.
> Problem is a lot more administra
Thanks Chris, I was thinking more about securing the switch ports by
authenticating mac's (probably a bit OTT) or using SNMP to check for new
devices, any other ideas? I've already set up a wireless LAN here with WEP
with authentication on an ACS server, which is a waste of time when you have
peo
What about restricting DHCP based on MAC Address.
Problem is a lot more administration.
--- Patrick Donlon wrote:
> I've just found a wireless LAN set up by someone in
> the building, I found it
> by chance when I was checking something with a
> colleague from another dept.
> The WLAN has zero
It's only a matter of time. It's bad enough they can buy their own servers
and switches down at CompUSA and set up situations that can bring your
network down while spanning tree runs..
1) does your employer have a written security policy in place? Will your
management enforce such a policy if it
WEP for starters, then you can set the acccess point to only accept
connections from specific MAC addresses. You can implement LEAP on the
cisco AP, radius/tacacs+ requiring user/pass. Then you could place the AP
outside the LAN/Firewall and require VPN to access the LAN resources.
Cisco has go
I've just found a wireless LAN set up by someone in the building, I found it
by chance when I was checking something with a colleague from another dept.
The WLAN has zero security which is not a surprise and lets the user into
the main LAN in the site with a DHCP address served up too! Does anyone
30 matches
Mail list logo