Brent Saner on 11 Dec 2007 02:02:17 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Wireless access - from a security expert

  • From: "Brent Saner" <brent.saner@gmail.com>
  • To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
  • Subject: Re: [PLUG] Wireless access - from a security expert
  • Date: Mon, 10 Dec 2007 21:01:36 -0500
  • Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=Gwl+i5CxB1ZEzSVilT3VrgRdnci/P/j+FjdozZj2xlA=; b=gDovfootMM9JMRw4vku1FHGZjA31P3CxImi4Jz4B13Cu4byRZQM6n8p1fVBckpi3sBg/z9ytta+Y9FavBGkGsbInfr3WhUO/yCSUJcrMRjxsk2S7x1O7c1jWOWkCQX8ftC/sJt0xQ1x7cnnKMUbxF3vyxgUJtfS60cD9drg5Fpc=
  • Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
  • Sender: plug-bounces@lists.phillylinux.org
(aherm)
not to CONTINUE TO BEAT A DEAD HORSE

but it's important to remember that packet filtering can work both ways. ;) you can carve traffic flow so that things such as torrenting/P2P, et. al. are not allowed. if it's something you're concerned about anyways.


hell, you could even set up the line to be sniffed and based on the sniffed packets, direct their connection to some little site that says saying "i know what you did last summer"
...wait.
i mean "stop pirating"
i mean, it's not too trivial to have connections bound to some proxy in which case they would have to sign some sort of disclaimer/waiver saying they know their actions are being logged and that you are not responsible for what they download, and they need to provide a name, e-mail address, and snail mail address to continue.

have all this logged- grab the mac id, ip, times, sites visited (sniff for logins? hello?) etc. and make sure you put a clause in the waiver that says you won't use this data to cause harm, it's strictly as a deterrent against unlawful behaviour.

yes, it's dirty. but if you're concerned about it, there's no excuse, is my point.
(and as long as they accept the waiver, then there isn't a problem- it is YOUR network. it's like this- IIRC, if you have a surveillance camera- in your house, for instance, federal law requires you to post a sign saying that you do. but it's still your property.)

in short, can this thread PLEASE DIE. again. please.

if it can't, i'd at least suggest we just have an entire PLUG meeting dedicated to some sort of "open AP symposium debate" thing because then at least it'd either end in laughter or tears and not a drawn out discussion that really gets nowhere.

On Dec 10, 2007 8:39 PM, Aaron Mulder <ammulder@alumni.princeton.edu> wrote:
Still, I'd think the real thing to be concerned about is not so much
network security, but when the RIAA thugs look into the ISP's records
and find out that the offending IP address is assigned to YOU.  I
haven't been following their cases too closely, but my impression is
that the "I swear it wasn't ME" defense isn't going so well.

Thanks,
     Aaron


--
Brent Saner
215.264.0112(cell)
215.362.7696(residence)

http://www.thenotebookarmy.org

Bill Gates is to hacking as Sid Vicious was to the Sex Pistols: no talent, everyone hates him, and he's just in it for the fame and money. 
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug