Re: Re: Legality of WEP Cracking

To:	pen-test@securityfocus.com
Subject:	Re: Re: Legality of WEP Cracking
From:	Matthew Webster <awakenings@mindspring.com>
Date:	Sat, 19 May 2007 08:26:27 -0400 (GMT-04:00)
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
Domainkey-signature:	a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=mindspring.com; b=jbHYiIo5gAVdgjJY3gPA7f0XTBb8v+2SJI9XMoXziTGxAmAq4aFMoHvSHQ+x09s3; h=Message-ID:Date:From:Reply-To:To:Subject:Mime-Version:Content-Type:Content-Transfer-Encoding:X-Mailer:X-ELNK-Trace:X-Originating-IP;
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
Reply-to:	Matthew Webster <awakenings@mindspring.com>
Resent-date:	Sat, 19 May 2007 13:34:05 -0600 (MDT)
Resent-from:	pen-test-return-1078484202@securityfocus.com
Resent-message-id:	<20070519193405.1A37F236F45@outgoing3.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com

Craig,

    Thanks for that information.  I have an additional question that is purely 
hypothetical
which also tangentially related to the WEP cracking in airports.  In the space 
around
where I work, there are approximately 200 different access points that are 
visible
from within the space I work that are not owned by us.  Presently I only use 
netstumbler
/ kismet to ensure that the devices are not present in our environment.  If we 
had
a device that was in ad hoc mode, then it could potentially indicate a breach.  
If I wanted to capture packers to investigate our network further, there would 
be
a high degree of probability that I would inadvertently capture packets from one
of the other 200 different networks invading our space.  It sounds like, because
those wireless networks invade our space, that I would not be permitted to do so
because I would be in awareness that I would also pick up other wireless 
networks.
Luckily, even with the audit follow-ups, I've never needed to do so, but I could
imagine an incident occurring where I may need to capture traffic (authorized 
relating
to our own network), but  I may even inadvertently capture plain-text passwords.
This may be a good opportunity to update my forensic procedures to include 
wireless
breaches and update incident response surrounding wireless networks.  Any 
thoughts?

Matt

-----Original Message-----
>From: cwright@bdosyd.com.au
>Sent: May 18, 2007 11:46 PM
>To: pen-test@securityfocus.com
>Subject: Re: Re: Legality of WEP Cracking
>
>>"sniffing the air" is legal
>
>Well actually, if this is sniffing as in intentially capturing an electronic 
>transmission, than this is illegal and also criminal.
>
>Interecption + telcomunications - permission = criminal act 
>this is true in the US, CA, UK, AU etc
>
>So actually even capturing packets is illegal, proof is difficult though.
>
>Regards
>Craig
>
>------------------------------------------------------------------------
>This List Sponsored by: Cenzic
>
>Are you using SPI, Watchfire or WhiteHat?
>Consider getting clear vision with Cenzic
>See HOW Now with our 20/20 program!
>
>http://www.cenzic.com/c/2020
>------------------------------------------------------------------------
>




------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Legality of WEP Cracking, (continued) Re: Legality of WEP Cracking, Nick Selby Re: Legality of WEP Cracking, Nicholas Chapel Re: RE: Legality of WEP Cracking, ebk_lists RE: RE: Legality of WEP Cracking, Erin Carroll RE:Legality of WEP cracking, scott Re: Legality of WEP Cracking, Matthew Webster Re: Re: Legality of WEP Cracking, cwright Re: Legality of WEP Cracking, Chris Travers Re: Legality of WEP Cracking, Bob Radvanovsky Re: Legality of WEP Cracking, Justin Ferguson Re: Re: Legality of WEP Cracking, Matthew Webster <= Re: Re: Re: Legality of WEP Cracking, ebk_lists Re: Re: Re: Legality of WEP Cracking, Justin Ferguson Re: Legality of WEP Cracking, cwright Re: Legality of WEP Cracking, Justin Ferguson Re: Legality of WEP Cracking, Larry Offley Re: Legality of WEP Cracking, Justin Ferguson Re: Re: Legality of WEP Cracking, ebk_lists RE: Re: Legality of WEP Cracking, John Babio Re: RE: Re: Legality of WEP Cracking, ebk_lists Re: Re: Legality of WEP Cracking, cwright

Previous by Date:	Re: Legality of WEP Cracking, Bob Radvanovsky
Next by Date:	Re: Consulting License Offer, David M. Zendzian
Previous by Thread:	Re: Legality of WEP Cracking, Justin Ferguson
Next by Thread:	Re: Re: Re: Legality of WEP Cracking, ebk_lists
Indexes:	[Date] [Thread] [Top] [All Lists]