Re: Wireless "piggybacking" *IS* illegal


"Alex Heney" <me8@xxxxxxxxxxx> wrote in message
news:10knkuyzlwd53.mwoc9tqkntp1$.dlg@xxxxxxxxxxxxx
> Finally, a case has been decided on the issue of piggybacking on somebody
> else's wireless internet connection.

Interesting story, but the fact of the matter is that this guy had been
doing it for 3 months!!!! I think I would be suspicious of someone parked
up out side my house with a laptop regularly for 3 months, wouldn't you?
I'd question any car that parked outside my property, and regularly do just
that. Whoever the network belonged to must have been either *very* slow to
realise that this chap was using their network to access the internet, or
they were very cunning and planned to snare him into the situation he ended
up in. Either way, the hacker was playing a dodgy game doing it so openly
for such a long period of time. He was almost asking to be caught, wasn't
he?

In contrast to the above, I'm sure there are plenty of other instances where
WiFi hacking goes on, but not for anywhere near the time that the above case
experienced. Short hacking periods, are less likely to result in a court
appearance, as they are much more difficult to prove in the first place. And
what about a genuine WiFi user who is travelling down the road and
inadvertantly connects to a WiFi network by mistake? He may well be as
unaware of the fact that he has connected (unlawfully to someone network),
just as much as the owner of a WiFi access point may be unware that he's in
there!.This makes for a very difficult case, and who is to blame? The
network owner for not locking the door, or the unaware traveller for not
realising his computer has logged in. I would square the blame clearly on
the network owner, but it seems the law does not follow suit (no surprise
there then).

I think its probably time for the manufacturers of WiFi equpment to start
pushing the security side of things *much* more! Perhaps enabling security
as a default and sticking a label on each unit with the pre-set encryption
key in use, and clearly explaining in the manual, the consequences of
leaving the network 'open' without encryption and security. If people are
not aware of the consequences, then they are not likely to worry about them.
It is also likely that if a key was installed by the manufacturer, then the
WiFi point would remain secure in use. Its not likely that someone would
remove the key if the paperwork explained its importance to security.

I have, from the day I approached the WiFi scene, been very security
conscious. I run a wireless network, and I also keep logs of all
connections and all attempted connections, I also have a system in place
that alerts me by email and SMS, if an unauthorised user tries to connect to
my network. I run WPA-PSK as standard security with a very long random key.
And if that's not enough, I then force any authorised users who have got in
this far to connect via a proxy server (which is the only way onto the
internet) which requests that they can only connect with a unique fixed IP
address, a matching MAC address and matching username and password. If all
these criteria are not matched, they get an UNAUTHORISED message, and they
are OUT! Further to this, I also log *all* internet and email activity of
every user, DHCP is disabled, my network uses a less than common IP address
range, SSID broadcasts are off and I have blocked the use of any other IP
addresses except the ones reserved for genuine users. I have also disabled
windows file and printer sharing on the network, and use a specific software
package to gain access to files on other computers on the network, which
again requires a password and username to log in. Now if that isn't secure,
I don't know what is! Its certainly going to stop any casual hacker from
dropping in for a browse around the net without my permission!

Security is very important in my book, and I still think 'in my opinion'
that the network owner should be responsible *entirely* for the security of
their network. If the door is wide open, then its obvious that someone might
just walk in.

Bim


.