The Subaru SVX World Network   SVX Network Forums
Live Chat!
SVX or Subaru Links
Old Lockers
Photo Post
How-To Documents
Message Archive
SVX Shop Search
IRC users:

Go Back   The Subaru SVX World Network > SVX Main Forums > Not Exactly SVX

Reply
 
Thread Tools Rate Thread Display Modes
  #1  
Old 04-26-2004, 01:28 PM
RSVX RSVX is offline
Network Design Administrator
 
Join Date: Feb 2002
Location: Boiling Springs, SC
Posts: 4,344
Question Wardriving

Have you?

Would you?

Dont know what it is?

Discuss.
__________________
Chris
SVX World Network Administrator
-1993 Subaru SVX LS-L, Barcelona Red, #46, 160,000+ Miles (Sold to SomethingElse)
-2011 Toyota Sienna SE, Black, 30,000+ Miles (Swagger Wagon )
-2002 BMW R 1150R ABS, Black, 26,000+ Miles (Daily Driver )
SVX Owner from February 1997 to March 2008
SVX Online Community Member since February 1998
SVX World Network Member since February 2002, Member #520

Life is a game. Play to win.
The world belongs to those who can laugh at it.
Reply With Quote
  #2  
Old 04-26-2004, 01:42 PM
Mr. Pockets's Avatar
Mr. Pockets Mr. Pockets is offline
Moderator
 
Join Date: Apr 2001
Location: Champaign, IL
Posts: 6,916
Send a message via ICQ to Mr. Pockets
Registered SVX
Assuming your definition is the same as the one I know, my answer is this:

No (other hobbies)

No (it's fun enough for me to know that you can)

Yes

Okay, I'll discuss it this way: Just because the register is open doesn't mean you should fill your pockets with the contents.
__________________


2005 RX-8 Grand Touring
2005 Outback
2002 Mercedes-Benz E320 wagon

END OF LINE
Reply With Quote
  #3  
Old 04-26-2004, 01:42 PM
nordique14's Avatar
nordique14 nordique14 is offline
Who watches the watchmen?
 
Join Date: Aug 2001
Location: Santa Clara, CA
Posts: 642
Thought about it.

Got NetStumbler. Was going to run Airsnort on a bootable copy of Linux (Knoppix), but my WiFi card doesn't come with a driver for Linux. I have to pay another $30 for the driver. I tried a Windows version of Airsnort, but I couldn't get it to recoginze my card. Couldn't get it to work with my gf's Wifi either. Oh well.

Know any good MAC spoofer programs?

Matt
Reply With Quote
  #4  
Old 04-26-2004, 01:49 PM
RSVX RSVX is offline
Network Design Administrator
 
Join Date: Feb 2002
Location: Boiling Springs, SC
Posts: 4,344
Quote:
Originally posted by Mr. Pockets
Okay, I'll discuss it this way: Just because the register is open doesn't mean you should fill your pockets with the contents.
Its one thing to track and map, its another to rape someones bandwidth.

That, and you would be amazed at how many people out there dont "RTFM" and secure their networks. OK, maybe you wouldnt be amazed. Its still fun to see how many open networks there are out there. Some intended for free use, and others, well... unsecure to say the least.

A friend of mine once told me how he found a open AP and the owner had an unsecured share to his c: drive... thats just plain WRONG.

P.S. NO, my friend is not in fact me.
__________________
Chris
SVX World Network Administrator
-1993 Subaru SVX LS-L, Barcelona Red, #46, 160,000+ Miles (Sold to SomethingElse)
-2011 Toyota Sienna SE, Black, 30,000+ Miles (Swagger Wagon )
-2002 BMW R 1150R ABS, Black, 26,000+ Miles (Daily Driver )
SVX Owner from February 1997 to March 2008
SVX Online Community Member since February 1998
SVX World Network Member since February 2002, Member #520

Life is a game. Play to win.
The world belongs to those who can laugh at it.
Reply With Quote
  #5  
Old 04-26-2004, 02:18 PM
shelfy's Avatar
shelfy shelfy is offline
I have a problem. :(
 
Join Date: Oct 2002
Location: Littleton, CO USA
Posts: 8,485
Send a message via AIM to shelfy Send a message via Yahoo to shelfy
Registered SVX
Quote:
Originally posted by RSVX
A friend of mine once told me how he found a open AP and the owner had an unsecured share to his c: drive... thats just plain WRONG.
bad deal.
__________________
Kenneth

1997 Subaru SVX LSi "Svetlana" #185 of 640 - 09/1996 - Polo Green Pearl - 34k miles

1992 Subaru SVX LS-L "Everett" #8738 - 01/1992 - Ebony Pearl - 139k miles - 5MT shifty - Sold 07/31/2011

1992 Subaru SVX LS-L "Sven" #1599 - 05/1991 - Claret - 168k miles - Traded 05/11/2005


2023 Subaru Crosstrek Limited CVT - Crystal White Pearl - 2.8k miles
2021 Subaru Forester 2.5i Limited CVT - Horizon Blue Pearl - 17k miles
2023 Volkswagen Jetta S 6MT - Pure White - 2.6k miles
2020 Hyundai Ioniq Limited EV - Ceramic White - 30k miles
Reply With Quote
  #6  
Old 04-26-2004, 02:44 PM
mohrds's Avatar
mohrds mohrds is offline
Fight Eminent Domain Abuse!
 
Join Date: Mar 2001
Location: Milwaukee, WI
Posts: 3,175
Send a message via AIM to mohrds Send a message via Yahoo to mohrds
Quote:
Originally posted by RSVX

A friend of mine once told me how he found a open AP and the owner had an unsecured share to his c: drive... thats just plain WRONG.
I've seen legal offices with that same setup

Its damn scary out there...

Me, I have IPSEC with X.509 authentication over static WEP and no SSID broadcasting. That's just at my house!

Doug
__________________
1992 LS Touring (6/91) - Currently undergoing a five speed swap
Black over Claret with spoiler; 235,000 miles; Mods: 2002 Legacy 5 speed, ACT Pressure Plate, Excedy Clutch, Short Throw Shifter, Aussie Powerchip
1992 LS Touring (6/91)
Black over Claret with 2.5" setback spoiler; 202,000 miles; Mods: B&M Cooler
1994 LSi (4/93)
Bordeaux Pearl; 198,000 miles; Mods: Weight reduction.

1969 Mustang GT Convertible
1970 Mustang Convertible
2000 Ford Excursion
Sola lingua bona est lingua mortua.

My Locker
Reply With Quote
  #7  
Old 04-26-2004, 02:49 PM
RSVX RSVX is offline
Network Design Administrator
 
Join Date: Feb 2002
Location: Boiling Springs, SC
Posts: 4,344
Quote:
Originally posted by mohrds


I've seen legal offices with that same setup

Its damn scary out there...

Me, I have IPSEC with X.509 authentication over static WEP and no SSID broadcasting. That's just at my house!

Doug
I have WEP, no SSID Broadcast and a MAC address access list, at HOME.
__________________
Chris
SVX World Network Administrator
-1993 Subaru SVX LS-L, Barcelona Red, #46, 160,000+ Miles (Sold to SomethingElse)
-2011 Toyota Sienna SE, Black, 30,000+ Miles (Swagger Wagon )
-2002 BMW R 1150R ABS, Black, 26,000+ Miles (Daily Driver )
SVX Owner from February 1997 to March 2008
SVX Online Community Member since February 1998
SVX World Network Member since February 2002, Member #520

Life is a game. Play to win.
The world belongs to those who can laugh at it.
Reply With Quote
  #8  
Old 04-26-2004, 03:37 PM
Landshark's Avatar
Landshark Landshark is offline
Hater
 
Join Date: Mar 2002
Location: The Burgh
Posts: 10,807
i have a MAC card, an authentic street address, and an alarm clock.
__________________
Alan

1987 928 S4 (Black) SOLD!
1997 SVX LSi (Ebony) SOLD!
2005 Legacy GT (Silver) [Cobb Stg 2+] SOLD!
1987 928 S4 (Black) SOLD!
2005 Forester XT Premium (Crystal Gray Metallic) SOLD!
2008 Lancer Evolution X MR (Apex Silver) [Cobb Stg 1+]
2015 Outlander Sport 2.4GT AWD (Mercury Gray)
2013 G37xS (Obsidian Black)
Reply With Quote
  #9  
Old 04-27-2004, 04:13 AM
b3lha's Avatar
b3lha b3lha is offline
Phil & Belha
 
Join Date: Aug 2001
Location: Alcyone Limited, Buckinghamshire UK
Posts: 2,671
I haven't but I would if I had the time.

I know people who have, and I find their stories rather scary (as a professional sysadmin).

I don't think the blame is entirely on the end-users. The guys who designed WEP made an almighty mess of it. Even in it's most secure configuration it can be cracked, and some of the security features actually make it LESS secure.

The manufacturers generally play down the security issues in their documentation. But that doesn't excuse users who have all the security turned off - particularly if those users are IT professionals.

I did a LOT of research before allowing WiFi access points on our network. I believe that it's sufficiently secure against the average wardriver: open,64bit encryption,hidden SSID,MAC filtering. Plus it's on a separate subnet firewalled from our LAN and only VPN connections can get through.

Phil.
Reply With Quote
  #10  
Old 04-27-2004, 03:57 PM
Sonar's Avatar
Sonar Sonar is offline
Registered User
 
Join Date: Aug 2003
Location: Sweden
Posts: 634
....And I have 3-DES, 2048 bit RSA, AES tunneled over IPSec with RADIUS and ...... naa just kidding

Here's my net Sel_Net



/Sonny
__________________
Internal name: "SuperSonic"

-92 ebony black with 170k KM

*** -Stress is when you wake up screaming & you realize you haven't fallen asleep yet. ***
Reply With Quote
  #11  
Old 04-27-2004, 06:49 PM
immortal_suby's Avatar
immortal_suby immortal_suby is offline
Thread Killah
Alcyone Gold Contributor
 
Join Date: Feb 2001
Location: Greenville, SC
Posts: 5,835
Registered SVX
I have no idea

.......but this sounds very bad for my unprotected wireless network.
__________________
Matt
Locker Link
2015 BRZ Limited 6MT
92 Ebony LS-L ECUtune Stage2av1, Z32 MAF, 370cc injectors, TomsSVX intake, BontragerWorks 22mm RSB #003, HID Hi and Lo beams, OT endlink and bushing mods, PWR Aluminum radiator, Harvey's QC shift kit, 2.5" flowmaster 80 exhaust, 17" Michelin Pilot Sport A/S, Poly sway bar bushings, Slotted Bradi rotors, AFBeefcake powdercoated calipers, 97 grill, and a huge set of air horns. 300,000 miles and counting
92 Ebony LS-L. ecutune stage1v4, motorsport 1pc pulley. Garage Queen - sold to Dad in upstate NY 155,000 miles
19 Subaru Ascent Premium - -Hers !.
89 DL 4x4 little red wagon - a.k.a. The immortal suby. 275k R.I.P.
Reply With Quote
  #12  
Old 04-27-2004, 07:19 PM
deruvian
Guest
 
Posts: n/a
Quote:
Originally posted by RSVX

A friend of mine once told me how he found a open AP and the owner had an unsecured share to his c: drive... thats just plain WRONG.
For something like that, I would only be truly concerned if writing was allowed. Reading and executing may allow you the possibility to read private info (especially at a law office), but for true security reasons, writing is the only thing to be concerned of.

Reading could possibly allow you to access private info like credit card numbers, but hardly any of that info is ever stored locally. That type of info is usually held privately by web servers (where people most often use their number on the net). Executing will hardly ever get you very far.

But, then again... This is the opinion of a network moderator and web server administrator (as well as a web and graphic designer). Allowing people to read but not write is mah thang!
Reply With Quote
  #13  
Old 04-27-2004, 07:26 PM
deruvian
Guest
 
Posts: n/a
Quote:
Originally posted by RSVX


I have WEP, no SSID Broadcast and a MAC address access list, at HOME.
*Secure* broadcasting over wireless isn't technically possible. Their is no industry standard for encryption at this point.

"But, deruvian, what about WEP???" WEP is essentially pointless. It is a bandaid to make you think that your passwords are secure. Let's say my password is "dogpoo". If I don't use WEP, my password is broadcast as "dogpoo". If I use WEP, my password is broadcast as "646F67706F6F".

"646F67706F6F" is the hex equivalent of "dogpoo". They are both sent via plain-text. While all other things are sent via hex over wireless, if I watched your network long enough, I would see a recurring pattern of "646F67706F6F" being broadcast (most likely at equivalent time intervals, with a null packet being sent before and after). So, if I really really liked that law office, I'm sure I could get the WEP password eventually.

If you've a home wireless, don't be concerned. No one cares. If you've a business wireless, try using 4-way random WEP.

Anyway, I'm just about done now.
Reply With Quote
  #14  
Old 04-28-2004, 03:30 AM
b3lha's Avatar
b3lha b3lha is offline
Phil & Belha
 
Join Date: Aug 2001
Location: Alcyone Limited, Buckinghamshire UK
Posts: 2,671
Quote:
Originally posted by deruvian


*Secure* broadcasting over wireless isn't technically possible. Their is no industry standard for encryption at this point.
<snip>
They are both sent via plain-text. While all other things are sent via hex over wireless, if I watched your network long enough, I would see a recurring pattern of "646F67706F6F" being broadcast (most likely at equivalent time intervals, with a null packet being sent before and after). So, if I really really liked that law office, I'm sure I could get the WEP password eventually.
<snip>
Are you absolutely sure about this?

The WEP standard is a 40bit implementation of the RC4 encryption algorithm (although they call it 64bit). There is no doubt that it is severely flawed, but it should be a little more complex than you are describing.

Phil.
Reply With Quote
  #15  
Old 04-28-2004, 07:06 AM
CigarJohnny's Avatar
CigarJohnny CigarJohnny is offline
Registered User
 
Join Date: Oct 2002
Location: Allentown, PA
Posts: 2,922
Send a message via Skype™ to CigarJohnny
I use 128bit encryption on my WEP key and a custom SSI (though I hear that SSIs are easily cracked) and I filter for MAC address as well. I might add that my WEP key is also not the standard 1a1b 2a2b...crap WEP that most people use since it is the general standard format. By Randomising the WEP key, using 128 bit encryption, and filtering by MAC address, running a firewall, and using non-standard NAT addresses, I feel my network is as secure as I can make it (as long as packets are transmitted over the airwaves you are not truly secure).

With a 3meg cable connection and a 1meg upstream, I am not all that concerned about someone using up my bandwidth, but since my main box is still running Win9X based OS (don't ask why, it's frustrating) I am more concerned with someone accessing my drives that are shared for internal access.

Have I gone war driving? Not yet though I certainly do not exclude that from possibly happening. I really have no need to look elsewhere for highspeed access, nor do I ever plan on hacking anything and need a traceless jumping point to do so from. I have accidentally encountered unsecured networks while visiting my one office location (industrial park) and I think it might be a good business move to find some of these places run by clueless network monkeys, and offer to secure them for a small fee. I think there could be a whole market out there for such a consulting specialty.

Johnny
__________________
Pearl '92 LS-L 179K (Historic 1st 5-speed SVX)
Mods: 5-speed, 4.11's, Group-N motor mounts, dual Magnaflows, cone air filter, Kenwood MP-228 CD/Receiver, white-faced gauges, '97 grill, custom window tinting.

Ebony Mica '92 LS 80K Oct 2002 - Dec 2004: Victim of theft. She served me well.

You can tell the lack of craftsmanship by the wrinkles in the duct tape.
Reply With Quote
Reply

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 07:04 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
© 2001-2015 SVX World Network
(208)-906-1122