Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 40

Thread: Suspect a rogue acces point, how to expose?

  1. #21
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by streaker69 View Post
    I've seen those arguments of of the guy you're talking to before. The rationalization that is generally thrown out there is that they're not going after any computer on the other side, so it's not 'computer trespass'. What they seem to ignoring is that an AP is indeed a computer in the most basic form. Therefore connecting to one without permission is indeed trespass.
    Next thing you know they'll throw out listening to someone's radio through an open window, or using the light from their front porch to read a book on the sidewalk....

  2. #22
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by Barry View Post
    Next thing you know they'll throw out listening to someone's radio through an open window, or using the light from their front porch to read a book on the sidewalk....
    You left out the watering the grass analogy.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #23
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by streaker69 View Post
    You left out the watering the grass analogy.
    Would that be the neighbor's sprinkler hitting your lawn, or physically grabbing their hose to water the yard?

    Oh, there's also the "Their signal is in my house" argument.

  4. #24
    Junior Member
    Join Date
    Jan 2010
    Posts
    35

    Default

    Quote Originally Posted by Citruspers View Post
    Indeed Thorin. In the Netherlands this is called Computer tresspassing, which describes it poorly, but hey, it's not the hackers creating the law

    Connecting to someone's unsecured wifi is dubious and unethical at least, so I don't think the mods will respond well to it.
    Yes, connecting to an unsecured AP is just like walking into a strangers house just because his/her door was open. Both is illegal if without permission.

  5. #25
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    23

    Default

    Quote Originally Posted by portal View Post
    Yes, connecting to an unsecured AP is just like walking into a strangers house just because his/her door was open. Both is illegal if without permission.
    Fully agreed: in all countries that I know this is the case.
    I am just wondering about the otherside. If that false AP is bad as suspected, TMHO it is not illegal. If it is than all honeynets would be illegal too. Of course, I am talking here about "normal" countries vs countries like Germany where the simple fact of having a tool like backtrack is illegal.

  6. #26
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by mno@8 View Post
    Fully agreed: in all countries that I know this is the case.
    I am just wondering about the otherside. If that false AP is bad as suspected, TMHO it is not illegal. If it is than all honeynets would be illegal too. Of course, I am talking here about "normal" countries vs countries like Germany where the simple fact of having a tool like backtrack is illegal.
    There are ways to identify rogue access points on your network without connecting to them. If it's not on your network, it's not a rogue access point.

  7. #27
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Default

    What about connecting to hotspots without anyone's permission? If it's illegal, wouldn't FON (hxxp://www.fon.com/en/info/whatsFon) be a total failure?

  8. #28
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    23

    Default

    This is the reason why I was not talking about a rogue access point but about an open evil AP

  9. #29
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    If it is not you, it could well be a clueless user.

    To illustrate my point, I will note two things: There are 8 un-encrypted networks within alfa range of my house at the moment. They are always on and rarely if ever have people connect to them. They are all owned by grandparents or older people who only surf when their kids are around. (Edit: I know this because I'm right on top of the local church and do support for all of them).

    The other one is a user who brought a WAP in one day, installed it into a network plug and went wireless on their laptop because they were not permitted access to the corporate network. Their SSID was set to "linksys" by default, and no password. It was up to me (as the company sysadmin) to determine, detect and remove said device.

    So, it's PROBABLY either a rogue AP (like the second instance) or it's a clueless user. The odds of you getting an evil AP individual with *only* the linksys SSID are phenomenally high - any attacker worth his wifi cards will be going for at least the top 20 to try and catch as many automatic-logons as possible.

    My point here is it's either a rogue AP on a company network, and thus not your problem or concern (it is that of the admin's, regardless of how stupid they are), or it is someone who genuinely needs that (because their kids didn't fix it and they don't know). And even if it is an evil ap, it's not your concern because you shouldn't be breaking the law by connecting to it.

    So, in the words of so many children of this and prior generations:

    "Mind your own business"
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  10. #30
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by Snayler View Post
    What about connecting to hotspots without anyone's permission? If it's illegal, wouldn't FON (hxxp://www.fon.com/en/info/whatsFon) be a total failure?
    The FON networks are set up to be connected to, there's a difference. Though to be honest, most FON users are most likely breaking their ISP's TOS. Also I highly doubt a FON network is going to be called "linksys", or "netgear" or "2WireXXXX".... Now if you find an access point called "Free internets" then I'd say that's okay, but I wouldn't touch it.

Page 3 of 4 FirstFirst 1234 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •