Wartrapping? 266
netphilter writes "This article on ZDNet writes: "A "honeypot" trap consisting of a Wi-Fi-equipped laptop is the latest weapon against drive-by hackers." Although I'm sure that I've heard of this somewhere before, it appears that the latest twist is that this company is looking to sell them to corporations. Hmm...I wonder what the warchalking symbol for a honeypot really would look like?"
How the heck (Score:5, Insightful)
Hackers? (Score:5, Insightful)
I wound't call em hackers, just opportunists.
Good (Score:3, Insightful)
Well, I for one am glad that we are going to see a crackdown on today's tech-obsessed miscreant.
There are better ways to do this (Score:5, Insightful)
Since even a secured wireless network can be broken into in about 30 minutes,
it makes more sense to treat the wireless network as an external network.
All accesses to the 'real' internal network then go through the firewall as if they came from the Internet.
Doing anything less than this seems to be courting danger.
Idiots... (Score:5, Insightful)
It is quite possible to do wireless without opening up your entire company network. Just like it's possible to NT networking securely.
The problem is for the most part there are idiots in control of the corporate IT that have impressive MS certifications after their names but don't know diddly squat. This quote:
proves it and let's us know who they plan on selling to.And just what is it they plan to do when they get people logged into their honey pot? Call the police? Oh man please.
This is ridiculous (Score:5, Insightful)
OT, does anyone know of a Netstumbler-like tool that works with the Toshiba e740's built in Prism wireless card?
Hahah (Score:5, Insightful)
Not all people accessing wireless networks drive up to the front door.
Will someone explain what the "threat" is? (Score:2, Insightful)
A Much Better Idea (Score:5, Insightful)
If you want wireless security, take your WAP and plug it into a spare interface on your firewall, or whatever hardware you're using to do your VPN. Now send out a memo saying 'We now have wireless access. In order to use the wireless access you'll need to use that VPN software that we gave you so you could work from home'.
Only accepting authenticated IPSec connections is going to do a hell of a lot more good than getting useless statistics on how many people wanted to hit google while sitting in that park half a block down the street from your office.
Re:How the heck (Score:5, Insightful)
In this way I think that Wi-Fi honeypots could be VERY effective. Given the inherent insecurity of the protocols being used, any data that could be used to develop better standards is definitely welcome.
New name? (Score:2, Insightful)
Re:Idiots... (Score:3, Insightful)
Why? Why on earth would wanting a good user interface make you an idiot? You'd prefer a bad user interface?
Cheers,
Ian
I do not get it. (Score:5, Insightful)
Evolution (Score:2, Insightful)
True technology evolves -- and this is how these 'environmental' networks will become secure, finally -- not through laws and threats against "hacking"....
Re:Huh? (Score:2, Insightful)
If I'm a malicious cracker and I'm out wardriving around, I find an unprotected network. Sure, I may not care about the corporate resources on _that_ network I'd have to IPSEC to, but what about other networks? I've gained access to Corporation XYZ's WLAN, why don't I start rooting boxen on other networks? They're going to trace it back to XYZ's netblock, and potentially pursue legal action. As the security architect for XYZ, I would have no option to view my deployment as criminal negligence. Sure, my internal net is protected, but crackers are sullying my good name by using my network to attack others. What if the cracker decides to use my WLAN to attack my strongest competitor? Do I drop an IDS on the WLAN? Now I've spent more time/money/resources in babysitting my open WLAN than properly introducing (be it weak) WEP and (be it also weak) registered MAC addresses.
Re:Huh? (Score:2, Insightful)
Re:Good (Score:5, Insightful)
Additionally, taking someone's car is stealing -- you deprive them of the car. Using someone's bandwidth is likely not, unless you use so much that they can't get their work done.
Re:Huh? (Score:3, Insightful)
Man, don't be such a bread head. You use technology that I invented and gave away for free every day of your life and you don't even know you are doing it.
Seriously, I have a WiFi connection in my house. If someone passing by wants to download their email that is fine with me.
If someone comes to our corporate offices and wants to download their email or send a presentation or whatever that is also fine.
Of course you get people who abuse the hospitality on offer which is why I propose use caps.
Funny thing is that I have done a lot better not worrying too much about money than the folks who think of nothing else. Thing that most disappoints me about having my stock price in the crapper at the moment is not the fact that I can't afford to buy Blandings Castle [apleyhall.com] at the moment, I am much more concerned that I can't just write a check to build a hospital or school in Afghanistan. Still in five years from now I'll be doing fine and you will still be a breadhead loser who thinks only about what you shoulf receive and not about what you might give.
Re:Huh? (Score:2, Insightful)
So? They use port 8080 or 1080 or whatever to talk to an open proxy in a Korean school, to an open relay in France...
And if they had self-respecting admins, would they have open access in the first place? I wonder what the warchalking symbol for "clueless, playing in traffic" is? :^)
I can't wait until the first warspammed company shows up in NANAE whining/threatening to be let out of SPEWS.
Re:Wardriving is not illegal (Score:3, Insightful)
You walk into a large public restroom. Is it illegal to bend down to see which stalls you can see people's feet in?
Is it illegal to look at pretty girls (or boys) on the beach? It would be illegal to try to look at them in a dressing room or in their bedrooms, but if they're in public, is it illegal?
If I'm walking down the hall in a hotel, is it illegal for me to look into a room where the door is open? If the door's open, there must not be much of an expectation of privacy at the moment. I don't have the right to walk into that room or to open any closed ones, but I can look to see which ones are open, can't I? And if it's open, I can see inside, right?
The way I see it, it's all just electromagnetic radiation. If you don't want people to see you naked, wear clothes, close the door, whatever. If you don't want people to access your wireless network, use access controls.
The trouble with it all is that some people DO put up public wireless networks. How will you find them if it's illegal to search for them? It's pretty friggin' easy to turn on the basic WEP encryption and not allow people in. The fact that it's insecure and can be easily broken is beside the point here. If there's even rudimentary safeguards against public use, you assume it's private. Otherwise, it's public.
The world you live in would have no wireless access for the masses (because, evidently, you're not allowed to find the access points.) That's a world I don't want to live in, unless you've come up with another way to get fast net access on the go.
"Crooks", houses, and wireless (Score:5, Insightful)
Using weak metaphors to argue about computer security gets really old. A closed door, locked or not, is an indication that you're not supposed to go in unless the owner wants you there. Likewise, a WEP-protected network may be easy to get into, but the use of WEP is a sign that you're not wanted there. And just like a house with an Open House sign on the front, my wireless network has no such "go away" signal because I want people to use it. (Of course, just like an Open House sign does not mean "please burn my house down", my 802.11b base station is not an invitation to abuse my network, just an opportunity.)
Re:Wardriving is not illegal (Score:4, Insightful)
I'm getting really damn tired of the obtuseness of so many people that bend over backward to justify network intrusions. I don't get this fetish over the fact that it's broadcast over EM. So what? You don't need a freaking wire to connect. Otherwise, it's the same as any other network. And, on any other network, you are not presumed to have a right to access network assets you have not explicitly been explicitly been granted, regarldess of whether it's been secured. If someone has their permissions screwed-up on their shell account on some machine, you still don't have a right to go accessing their files. If, as once was common, you find that with your spiffy new cable modem there are suddenly thirty machines in your "Network Neighborhood", you still don't have a right to access those shares, if any. Permission has to be explicitly granted. If you haven't been explicitly given permission to use a WAP, then you are breaking the law by using it.
This isn't about "worlds". I, too, want to live in a world where there are public access wireless networks, just like I want to live in a world where there are public restrooms. The answer isn't to proclaim that all unlocked restrooms are (or should be) presumed "public", but to presume that all restrooms are private unless explicitly labeled as "public". A more thoughtful technology would use a protocol that can explicitly mark a WAP as being public. Until then, it's invasive, self-serving, unethical, and illegal to use a WAP that you don't have explicit permission to use. It just doesn't matter whether it's secured or not. Under the rule of law, the responsibility isn't on the potential victim of an injury to protect themselves from it (such as locking your doors), it's on the perpetrator to not inflict the injury. This marks the difference between the sort of society where the strong are encouraged to prey upon the weak and a society where every human being is presumed capable of moral choice--the onus is on them to choose correctly.
Your restroom analogy is very poor because the whole of it is in the context of a public place. A public restroom is explicitly public. Any random unsecured WAP is not. It's merely unsecured. So, you can "look" under the door, but it doesn't matter because, no matter what, you don't have a right to go in.
Re:Honeypot Symbol (Score:2, Insightful)
Additionally, while using the bathroom, (s)he would be depriving you of your use of that room. Likewise, you are depriving that network of one of its dhcp/bootp allotments. Its a bad comparison, though.
If you're out searching for networks you can connect to, thats quite different from accidentally connecting to one when you meant to be connecting to one to which you are an authorized user. Looking around for open networks is closer to going and trying the front and back doors of every house on your block, than to walking in an open door. You are taking action to locate insecurities. There is no reasonable analogy to stumbling into an insecure network, though.
Either way, you're an asshole if you're intentionally trying to gain access to networks to which you're not authorized. Same as you're an asshole if you try to break into my house. I don't care if I did leave the front door open, that isn't an invitation or authorization for you to be there.
Re:Huh? (Score:4, Insightful)
Or they could just secure the thing with ACLs, secure transactions, etc. - in short everything else that can be done that doesn't involve a pair of sneakers. Sure beats jogging through the building every so many hours with a preciously configured laptop.