RE: RE: Wireless Security (Part 2)

[Murad Talukdar <talukdar_m () subway com>]

Sorry Mike, I don't understand whether you're agreeing with me or
disagreeing with me here. Are you saying that I was suggesting that Herman
SHOULDN'T investigate? I wasn't saying that and I apologies if I wasn't
clear. I was saying that securing is as important as monitoring.

What does this mean?
> > It is reasons like yours that democracy exists.
As for being 'responsible' for someone who has tapped your connection there
have been cases which leant in both directions as to the legal outcome. I
don't have the link to the story but the Register did run a story about a
guy who was cleared of child pr0n charges as he
he had spyware on his machine. That downloaded some dialer I believe which
downloaded stuff he had no idea about. Forensics helped in this case.
Obviously if one could show that there had been some tapping then that would
count in one's favour if a charge did arise.
I don't actually remember telling Herman he couldn't check to see who it was
and even work out where he was if he had the right tools. I do remember
saying that he can't access the intruder's computer by law. As Craig pointed
out, two wrongs and all that. If someone breaks into my house I can't break
into their house for revenge or to find evidence.
I don't remember suggesting that he shouldn't 'cut him off' (the intruder).
In fact by suggesting WPA as a conf/authentication mechanism I think that
was exactly what I was doing.
Your suggestion about weakening the signal strength is a good start and no,
I don't think you're being paranoid. 





Regards
Murad Talukdar

-----Original Message-----
From: mikem () mentges org [mailto:mikem () mentges org] 
Sent: Thursday, May 18, 2006 5:08 AM
To: security-basics () securityfocus com
Subject: Re: RE: Wireless Security (Part 2)

Murad Talukdar -

It is reasons like yours that democracy exists.
It is your right in the USA (if so you live here) and several other
countries to evaluate anything you want on any system attaching to something
you own. (I am not very knowledgeable about other countries IT policies.) 
I feel as the owner of any network system that one must take it upon
themselves to monitor/maintain/evaluate your network constantly for possible
threats or rogue devices. If the proper steps are taken to ensure proper
client registration/authentication/verification then all unknown devices
should be identified in any way possible to prevent unauthorized/malicious
content. If your wireless is seeing too many users try reducing your signal
strength, and if it is for a neighbors benefit I suggest cutting them off. 
As security moves forward it is a matter of time before "IP tapping" begins
(It already is beginning for some of you I know). With that said every time
you call tech support and give them your name, address or even in some cases
your SS# they place that information in to a database that accesses all
information they need to identify you and the hardware they installed or you
registered at your house. Somewhere in your agreement you signed (digitally
or physical) it states you are responsible for anything connected to the
device. So I ask you, is it still an issue to find out who is using your
internet access at all times? What would happen if your guest grabbed some
child pornography, yes you would have some definite issues that is for
certain. Or with the laws on "National Security" you have someone jump on
your network, download plans for a nuclear attack all the while spoofing
your machine just because they need to hide. It is not very hard and could
happen more than you o
 r I would want to know. Now I know this might sound paranoid or obsessive
compulsive but what happens when you get raided and they take everything and
scare the hell out of your family/friends. No they don't give you your stuff
back and you might get off without any issues. That is if you can prove you
don't know who is on your system.              
Please do what you can to secure your information; convenience is not always
a good thing!