Re: [PLUG] Wireless access - from a security expert

Jon Nelson on 12 Dec 2007 15:51:56 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Wireless access - from a security expert

From: Jon Nelson <lists@linuxnotes.net>

To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Subject: Re: [PLUG] Wireless access - from a security expert

Date: Wed, 12 Dec 2007 10:51:34 -0500

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

On Mon, 2007-12-10 at 02:55 +0000, Stephen Gran wrote: > On Sun, Dec 09, 2007 at 09:36:32PM -0500, Brian Vagnoni said: > > Also, though a "legal technicality", leaving an AP open without > > properly labeling it as Free Public WiFi people could accidentally > > violate the law. Once having connected to a open access point that is > > not clearly labeled as free and public and having obtained an IP > > address on the local network that said person is in violation of the > > law. The general rule for wardriving is to disable your TCP/IP stack > > so you aren't able to obtain an address accidentally. > > > > Some states don't need the victims consent to prosecute depending on > > the crime and severity. Though I'm certain that it would die in the > > courts without a conviction it could lead to someone being arrested > > which is never a fun experience. Even if you are arrested and not > > convicted in PA you name ends up on a State Police arrest record DB. > > A pointer to the relevant statute that makes connection to such an AP a > crime of sufficient importance that it warrants prosecution without the > victims consent would be nice. Even though this horse is a bloody pulp I would like to add a couple of things... >From a Pa. law enforcement perspective generally speaking if there is no victim there is no crime. With that said, if the owner of the AP wanted to prosecute, obtaining an IP from his AP without his consent is a violation of 18 Pa.CS 7611(2) which is a felony of the 3rd degree. http://www.legis.state.pa.us/CFDOCS/Legis/PN/Public/btCheck.cfm?txtType=HTM&sessYr=2001&sessInd=0&billBody=S&billTyp=B&billNbr=1402&pn=2429 Yes, it is trivial to break into wireless networks, but if there is a wide open network next to a "secured" one the attacker will usually follow the path of least resistance. For those of you ambivalent about unknown persons connecting to your network here is a scenario that might make you think twice. What if someone connected to your network and was using P2P to augment his child porn collection? Yes, there is no way you would be convicted of possessing or distributing it, but do you really want the police serving a search warrant on your residence? Anyone who was at home at the time would get a copy of the warrant, which would describe why the police were there. Search warrants are also public records so any of your neighbors or the press could get a copy of it as well. Would you really want to go through the embarrassment and inconvenience of this possibility? Jon ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

References:

Re: [PLUG] Wireless access - from a security expert
From: "Brian Vagnoni" <bvagnoni@v-system.net>

Re: [PLUG] Wireless access - from a security expert
From: Stephen Gran <steve@lobefin.net>

Prev by Date: Re: [PLUG] FYI: Secure BIND Template

Next by Date: RE: [PLUG] FYI: Secure BIND Template

Previous by thread: Re: [PLUG] Wireless access - from a security expert

Next by thread: Re: [PLUG] Wireless access - from a security expert

Index(es):

Date

Thread