Unconfigured Wireless AP Ethics
Page 1 of 3 123 LastLast
Results 1 to 10 of 26

Thread: Unconfigured Wireless AP Ethics

  1. #1
    Senior Member
    Join Date
    Nov 2005
    Posts
    115

    Unconfigured Wireless AP Ethics

    Originally posted here by JonnyFrond
    I pick up 2 other networks where I live and just using simple commands in dos and seeing what info could be gleaned was quite scary. I was able to log straight into their wireless router, and I am sure with a little bit of googling, I could have found the default admin password, and caused some havok.
    This brings up an issue I have had in the past: Is there any possible way to notify Mr Bloggs with the open wireless AP that he hasn't configured it correctly and to do so or they may be at risk? Without imposing or being deemed illegal?

    The sort of thing I'm thinking of is a virtual PostIt on their system... I have thought about literally posting Pos**** on the nearby houses/apartment doors with the SSID, but I didn't want to cause a ruckous.

    I have seen a number of open wireless routers with changed SSIDS... but I would say this was a little beyond what I want to do.

    Anyone have any good ways?

    Cheers,

    aL

  2. #2
    Banned
    Join Date
    Jul 2004
    Posts
    119
    isnt there a program that can make a map and find the wireless users house? a friend of mine has a program that does it but i dont know the name of it, but he uses it to find people who are tapping into his wireless. but that would be the safest way, find his house and knock on the door:P

    otherwise id just go in and leave a text file on his desktop named READ ME NOW.txt saying "fix your xxx xxx before some bad kid with too much time hurts your box" anonymously

  3. #3
    Senior Member JonnyFrond's Avatar
    Join Date
    Jan 2006
    Posts
    238
    I was talking to my flatmate last night about this, and was saying that I quite liked the idea of leaving free internet hotspots for others to link into, and I believe that there has been a trend of chalking up an "infinity symbol" that sideways 8 at places for others to identify. Then my flat mate pointed out that it is a problem if some naughty man parks outside your house and surfs for kiddie porn through your internet access, it can be traced back to you. Even if nothing comes of it the whole idea of that gives me a bad taste in my mouth

    But even so, I would still maintain that it is their problem. There is enough information out there and enough media coverage to know that internet security is important these days. If you were really concerned you could always contact their ISP and let them know. Would that work, or would they tell you to mind yer own business? I think the later and they might even know how you found out even that. And quite frankly, if that is the case, then it certainly isn't worth putting your pants on over your tights.

    otherwise id just go in and leave a text file on his desktop named READ ME NOW.txt saying "fix your xxx xxx before some bad kid with too much time hurts your box" anonymously
    Nice idea except how many untechy people do you know that actually read text files that say "read me" or techy peeps for that matter.

    A Spade's a spade in Fronny's world
    Sarcasm is a way of life

  4. #4
    Banned
    Join Date
    Jul 2004
    Posts
    119
    im just stating that a person that finds a new file especially one that says readme now etc...or name it "you have been hacked.txt", something eye catching. especially on the desktop, i know my desktop the best. i consider it a good deed, points for the afterlife......

  5. #5
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    I used to run an open AP, for anyone who wanted to use it. My own computers were firewalled and had all sharing disabled. I don't believe that anyone could have done any damage to my systems as even the router was password protected (by a good password).

    I ceased this practice when someone started using my internet connection to download massively, and I don't really want the RIAA to come after me.

    Now I use WPA and MAC filtering to limit the connections to my router and have not had anyone else connect to me in a very long time.

    During the time I was running an open AP, I was very vigilant about my logs and possible connections to my systems, checking them a couple of times per day. The downloading took place less than a day before I put a stop to it, and it was more than just downloading updates would account for, so I assumed it was music or program downloads that the other person was going for.

    I would have continued to supply an open AP untill someone decided to use it for downloads of that sort.

    edit> there is no way you could have reached my computer to leave any kind of message, that I am aware of....without some hard cracking of my systems.
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  6. #6
    Banned
    Join Date
    Jun 2005
    Posts
    445
    Generally... people with completely open and unsecured AP's also run the Windows Messenger service.


    You can do a NET SEND to leave them a note.

    Net command guide

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    I am sorry to appear cynical, but so many people get very upset when you point out that they are doing something the wrong way. You frequently end up by causing more trouble than it is worth.

    I would be inclined to ignore it, unless they are hijacking your system.

    For example, supposing some bozo has used their system for illegal purposes, you will now be the prime suspect, illogical though that might seem.


  8. #8
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    New Jersey
    Posts
    718
    Interesting topic. As I speak, there are 8 wifi networks that I can see that are close to my apartment (I live in a complex). Only 2 of them are secured, including mine. This just goes to show that people refuse to take computer security seriously until they are subject to some nasty virus and/or trojan. Hell, even when I find viruses/trojans on other people's computers and point them out...I get a blank stare and they go back to business as usual.
    I see 3 ways of handling open, unsecured wifi networks:
    1) The good samaritan way - Let them know they have an unsecured network and hope they don't freak out on you.
    2) The wrong way - Log on to their router (most likely using the default admin password) and block them out of their own router, then change the password.
    3) The realistic way - do nothing.
    Yes, I said do nothing. Why? You'd be lucky if even 1/4 of the people you notified did anything about it. People just don't care enough to educate themselves. In most cases, it takes something drastic to convince people to secure their computer(s)/network(s). We (meaning people who pay attention to computer security) all know what proper ethics are regarding unsecure wifi networks. Whether we practice them or not is another story.
    In any event, I'm reminded of an old saying:
    "If all people were angels, we wouldn't need a government"
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

  9. #9
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188
    I noticed that one of the wireless computers at work was connected to the router of the bowling alley next door... not encrypted... I found a laser printer and printed out instructions on how to set up encryption, and change the password of the router (which I am guessing was still the default). Not sure how ethical it was, but the next day, WEP was enabled, and the SSID was changed (although it was still being broadcasted). I figure that some good came out of the incident.
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  10. #10
    Senior Member JonnyFrond's Avatar
    Join Date
    Jan 2006
    Posts
    238
    I love it when everyone has an opinion, it makes me realise two things;

    1. I was right and
    2. It's all about me, me me me me me.

    Good, now I've got that off my chest....

    I have a very dear friend who knows really only what I tell him about security, and he really sits and listens and thinks, and then once a year when I go to visit him, I spend 6 hours doing his acumulated patches and updates for virus and stuff over a 56k modem.

    You can't tell anyone anything, they will only listen if they have asked for advice, and even then...How many times have you given directions to a stranger only for them to walk off in a totally different direction?

    I figure that some good came out of the incident.
    Well if it works and you didn't get caught, you can have some feel good points. I find it is better to leave criminal activity to the criminals, they know how to get away with it, and they don't have a conscience that way people beef up their security others make money which if users are savvy the banks will pay, and we can all go to hell in a little row boat for cutting down the trees.


    And before you ask, it is all about me


    ME ME ME ME ME ME ME JF ME ME ME
    Sarcasm is a way of life

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •