Page 2 of 2 FirstFirst 12
Results 11 to 20 of 20

Thread: WPA Network with hidden sister

  1. #11
    Junior Member
    Join Date
    Jan 2010
    Location
    Canada
    Posts
    84

    Default

    Quote Originally Posted by lupin View Post
    It can be illegal, yes. As archangel.amael said "wiretapping laws". In Australia that would be the Telecommunications Interception and Access (TIA) Act, which covers copying or otherwise "reading" communications between other parties, including electronic communications (phone, email, etc) at a point between the normal termination points of each end of the conversation. Similar laws apply in other jurisdictions.
    Except Boradcast packets have no termination points, they are simply being thrown around in order to tell people you are there. If he were to connect, (or use other means to get into the network) then it would be wiretapping. But that is like.... me sending out flyers to all my friends houses and cars and such. Then getting pissed off when someone I didnt know got one because it happened to blow his way.

    It would ultimatly fall down to whomever was judging him. But as far as I personally amconcerned, he is not doing anything bad (since he is not connecting) so at least dont ban the poor guy

  2. #12
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by HitThemLow View Post
    Except Boradcast packets have no termination points, they are simply being thrown around in order to tell people you are there.
    By termination point I mean the termination point of the communication covered by the TIA act, e.g. a VOIP phone for a VOIP call or an email server for an email, Im not talking about packet types. This is the term that the AG lawyers used when I was querying them about this law.

    Quote Originally Posted by HitThemLow View Post
    If he were to connect, (or use other means to get into the network) then it would be wiretapping. But that is like.... me sending out flyers to all my friends houses and cars and such. Then getting pissed off when someone I didnt know got one because it happened to blow his way.
    Under the TIA act taking a copy of or "reading" a covered electronic communication is considered to be prohibited under the act. So if a covered communication happens to be transferred over a wireless network, and your tool either took a copy of it, or you "read" it onscren somehow that would be illegal under the Act. Obviously this will involve grabbing data packets. If you didnt access data packets, then it wouldnt be illegal under this particular Act - but it might be illegal under some other Act Im not aware of.

    If the beacons were the only thing you were capturing, then under this particular Act, you would probably be fine.

    This is why I said "It can be illegal" in my post, because it depends on how you are monitoring those wireless networks.

    Quote Originally Posted by HitThemLow View Post
    It would ultimatly fall down to whomever was judging him. But as far as I personally amconcerned, he is not doing anything bad (since he is not connecting) so at least dont ban the poor guy
    The decision would likely be based on case law and interpretation by the judge. Who knows how that would go. I wouldnt expect the judge to have a decent understanding of IT so they may not interpret it as you do.

    Quote Originally Posted by Gitsnik View Post
    Don't we have something in place along the lines of "It's being broadcast onto my property" going though? Obviously a big cantenna is not within these parameters, but as I sit right here I can see at least 8 networks, many of which are close to drowning out my dev network (which has the RX/TX rates turned right down).
    IANAL, but I dont think notions of whether its transferred over your property is a consideration under this law. Otherwise you could probably tap phone calls if the line went over your property. Anyway, as long as you dont sniff data packets you should be fine regards this Act though. Use of something like Kismet for example would probably be OK, because it doesnt take a copy of the traffic and it doesnt let you (as in a human in front of the keyboard) make sense of the contents of any communications transacted over the link. Also, dont forget this law is only applicable in Australia, laws in other jurisdictions may be enforced slightly differently.

    Quote Originally Posted by Gitsnik View Post
    If someone threw their open letters onto my lawn I'd probably be able to see what is going on there as well, it's not like I'm activly touching these letters, nor am I seeking them out, they are just there.
    You would have to take some action to read those letters on your lawn, just as you would have to take action to violate the TIA Act on a wireless network by reading or copying data packets.

    Quote Originally Posted by Gitsnik View Post
    A more accurate example would be getting arrested for wiretapping because someone was talking on their mobile phone in the middle of a crowd.
    Well, that wouldnt be covered under the TIA Act, because in that example you wouldnt be "reading" the communication from between the two termination points of the communication, you're listening in from outside the communication channel.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  3. #13
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default

    Quote Originally Posted by elewton View Post
    I've been trying to get all the SSIDs and their strengths in my area with a directional antenna and then move my computer over to my friend's house and do the same and then compare them to triangulate approximate positions of businesses and compare them to a map of the area.
    Is this a) legal and b) ethical?
    Question A can be answered, but only if you specify a legal jurisdiction. In my own legal jurisdiction, the existence of computers isn't even acknowledged, let alone the existence of networks or wireless networks.

    It's funny that you should ask Question B. C'mon really, why do you need to ask us if something is ethical? You can't define whether something is ethical or not. Different people have different opinions, emotions, philosophies, all that stuff inside your head. Only you can decide whether something is ethical, and you have free will to do what you want.

    Your own philosophy is up to you. Of course, you can't discuss any illegal activity here (and you will get banned if you do).
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

  4. #14
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Since there is such a buzz in this thread, and there are people who may be confused about what is legal or not. Here are some more links which help to define what may land one in front of a judge or worse.
    At least as far as the U.S. is concerned.
    There are several threads on this very subject here on the forums one just needs to do a bit of searching.

    10 laws you may not know you are breaking. Especially number four applies.
    10 ways you might be breaking the law with your computer | 10 Things | TechRepublic.com
    State laws on hacking/ computer security.
    State Hacking/Computer Security Laws
    Thanks to Thorin for the links.
    He has more as well.
    Laws for those living in Germany
    Achtung! New German Laws on Cybercrime
    Matter of fact read the entire site at
    SecurityFocus
    They have tons of information and articles in the legality and ethics arena.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  5. #15
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

  6. #16
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by Virchanza View Post
    Talk about sticking to the letter of the law:
    I call that a police officer doing what the tax-payers pay him to do.
    They guy should probably get a medal or something.
    Now as for the state's penalty ( $10,000 and or 5 years in prison) is probably not the best idea for a penalty since jails are overcrowded now, but the law is the law and ignorance of the law is no excuse.
    How hard would it have been to walk into the cafe and asked to use the service from the parking lot.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  7. #17
    Senior Member
    Join Date
    Jan 2009
    Posts
    114

    Default

    Quote Originally Posted by elewton View Post
    Network A
    SSID:...1332
    BSSID:...3C:80
    IP Range: 192.168.1.9 (through ARP)
    Flags: A

    Network B
    SSID:<No SSID>
    BSSID:...3C:81
    IP Range: 192.168.1.9 (through ARP)
    Flags: D4

    telsey router (fastweb) have 3 MAC (consecutive) on air.
    1st for wi-fi, 2nd for voip, 3rd ... i dont' know
    acer 5920g , 345abg , nvidia 8600m
    bt5 kde 64bit + acpi + cuda 4.0 / nvidia 270.40 / pyrit

  8. #18
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    4

    Default

    Quote Originally Posted by Virchanza View Post
    ...C'mon really, why do you need to ask us if something is ethical...
    While one couldn't tell etymologically, what is ethical is distinct from what is moral.
    "Ethics" represents a codified system of behaviour. Many groups consciously and unconsciously form conduct rules.
    "Morality" represents the right and wrong etc.

    For instance, it may be moral for a soldier to shoot a particular guy or for a doctor to sleep with his patient, but either may be a violation of their professional ethics.

    I'd be interested, some day, in being a proper penetration tester, so I have to learn the associated ethics.

    Thanks to everyone. Some sobering thoughts.

    EDIT:
    Thanks, Nemis. It's probably something like that.

  9. #19
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default

    Quote Originally Posted by elewton View Post
    For instance, it may be moral for a soldier to shoot a particular guy or for a doctor to sleep with his patient, but either may be a violation of their professional ethics.

    I'd be interested, some day, in being a proper penetration tester, so I have to learn the associated ethics.
    Or... if you're like me... you can keep your own morals and just choose not to disclose the stuff that violates the "group ethics".

    By the way, I think you'd find it hard to throw together a solid list of "group ethics" when it comes to pentesting. There's already division a division between black hats, grey hats, white hats, and probably more subdivisions there-in.
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

  10. #20
    Junior Member
    Join Date
    Jan 2010
    Location
    /home
    Posts
    43

    Default

    Quote Originally Posted by archangel.amael View Post
    Perception is in the eye of the beholder.

    And actually sniffing traffic is punishable since it can fall under the same laws that cover wiretapping.
    So before you go spouting off at the mouth check your facts and google.
    well, I actually already asked my lawyer about this before, and he said that its like this: you're sending data through the air, so anyone able to pick that data up may do so, since no one owns the air..or something like that.
    But I think it varies greatly depending on in which country one lives.
    In mine it isnt illegal.
    Aquillar> hey, you guys ever play kmem russian roulette?
    Agnostos> I don't believe I have. care to explain the details?
    Aquillar> dd if=/dev/urandom of=/dev/kmem bs=1 count=1 seek=$RANDOM
    Aquillar> keep executing until system crashes
    Aquillar> person that crashes system has to buy beer
    Agnostos> lol
    Agnostos> I wonder if I can sneak that into a server startup script here.

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •