Re: Re: RE: Re: broadband availibility

From: Bill Knight (wknight40@comcast.net)
Date: Fri Dec 10 2004 - 06:52:09 EST


True "Wardriving" is not illegal as long as you do not log on to the
network. "Packet sniffing" is illegal if you do not have permission to be
on the network. I may be wrong but in order to "sniff packets you have to
log on to the network. If using at work, you have permission to be on the
network. Packet sniffing at college campuses is used to find illegal use is
used by people that have permission on the network. The reason I believe
this to be illegal is if a person has "WEP" turned on enough packets can be
sniffed to break the "WEP" encryption. This is why WEP is not considered to
be secure. Yet at the same time unless you have a lot of info traveling it
has been said that it could take up to 3 days to get enough packets to break
128 bit encryption WEP. As for proving somebody is on the network illegally
"IP Scanner" will check for all IP addresses on the network. It will also
show the unique MAC address/encoded number of the NIC card along with the
computer name. Granted as stated it does take a little "Tech Savy" to get
this info. The software is free and easy to use, but alot of people do not
know about it. But I prefer the European way of thinking and the New
Hampshire way. If you have a wireless network and it is not secured and
somebody uses it. Your fault. If secured and you catch them you can sue
the pants off of them.

Dak content: I miss mine.
"Bill Pitz" <dakota@billpitz.com> wrote in message
news:cpbe0i$l6u$1@bent.twistedbits.net...
>
> Bill Knight wrote:
>> One thing I did not see mentioned is that it is illegal to access another
>> person's router/access point without there permission. I cannot find my
>> link I had, but it is considered a federal offense. Not saying I do not
>> partake in this, but be careful you do not access the wrong person's AP
>> and get into a heap of trouble. Check out www.wardriving.com and check
>> out some the stories there. Also check www.michiganwireless.com .
>
> Yup, that's definitely the case. It is not, however, against any law to
> "wardrive" (i.e. just detect networks and their status). As far as I
> know, it is also not illegal to monitor networks (i.e. running a card in
> RF monitor mode and looking at the packets that it picks up, so long as
> you are not breaking anyone else's encryption). I can't see any way for
> that to be illegal, because I actually use tools that do that for
> legitimate purposes at work. They are also frequently used on college
> campuses and even in offices to make sure that
> students/residents/employees are not running any "rogue" access points
> that violate the company's network policy.
>
> Obviously, though, the biggest mistake you could make would be sending
> personally identifiable information over someone else's link. I suspect
> it would also be difficult for them to prove in court that you did not
> "accidentally" enroll in someone else's access point if it was configured
> with all of the defaults that might have matched your own network. (i.e.
> if my neighbor has a Linksys access point, configured with factory
> defaults [ssid linksys, no encryption, no filtering] and I also have a
> device with the same configuration, I would have no easy way of telling
> which network is mine and which is my neighbor's, and I may inadvertently
> use his network connection. In fact, that would happen if I had an AP in
> default configuration at my house, which of course I don't.
>
> On the other hand, if someone has taken *any* steps to make sure people
> don't stumble onto their network (I'm thinking along the lines of
> something as simple as changing the ssid), it would be much easier to
> prove in court.
>
> Of course, they would also have to be able to identify you (not easy if
> you are not sending any personal data over the connection) and then trace
> (wirelessly, mind you) the signal back to your location. This would be
> easy for the FCC or a tech-savvy individual to do, but not so easy for the
> average dummy who has an insecure access point. I highly doubt that the
> FCC has the time, resources, or inclination to respond to complaints
> people have about someone else latching onto their AP. I suspect their
> first response would be to tell the people to secure their network. I
> know there have been some cases -- and I suspect that they were primarily
> intended to make examples out of a small number of people to discourage a
> larger number of people (like the whole music sharing thing).
>
> -Bill



This archive was generated by hypermail 2b29 : Sat Jan 01 2005 - 11:48:08 EST