Penetration Testing mailing list archives

Re: Re: Legality of WEP Cracking

From: Matthew Webster <awakenings () mindspring com>
Date: Sat, 19 May 2007 08:26:27 -0400 (GMT-04:00)

Craig,

    Thanks for that information.  I have an additional question that is purely hypothetical
which also tangentially related to the WEP cracking in airports.  In the space around
where I work, there are approximately 200 different access points that are visible
from within the space I work that are not owned by us.  Presently I only use netstumbler
/ kismet to ensure that the devices are not present in our environment.  If we had
a device that was in ad hoc mode, then it could potentially indicate a breach.  
If I wanted to capture packers to investigate our network further, there would be
a high degree of probability that I would inadvertently capture packets from one
of the other 200 different networks invading our space.  It sounds like, because
those wireless networks invade our space, that I would not be permitted to do so
because I would be in awareness that I would also pick up other wireless networks.
Luckily, even with the audit follow-ups, I've never needed to do so, but I could
imagine an incident occurring where I may need to capture traffic (authorized relating
to our own network), but  I may even inadvertently capture plain-text passwords.
This may be a good opportunity to update my forensic procedures to include wireless
breaches and update incident response surrounding wireless networks.  Any thoughts?

Matt

-----Original Message-----

From: cwright () bdosyd com au
Sent: May 18, 2007 11:46 PM
To: pen-test () securityfocus com
Subject: Re: Re: Legality of WEP Cracking

"sniffing the air" is legal


Well actually, if this is sniffing as in intentially capturing an electronic transmission, than this is illegal and 
also criminal.

Interecption + telcomunications - permission = criminal act 
this is true in the US, CA, UK, AU etc

So actually even capturing packets is illegal, proof is difficult though.

Regards
Craig

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------





------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

Current thread:

Re: Legality of WEP Cracking, (continued)
- - - Re: Legality of WEP Cracking Nick Selby (May 27)
  - Re: Legality of WEP Cracking Nicholas Chapel (May 23)
- Re: RE: Legality of WEP Cracking ebk_lists (May 18)
  - RE: RE: Legality of WEP Cracking Erin Carroll (May 18)
- RE:Legality of WEP cracking scott (May 18)
- Re: Legality of WEP Cracking Matthew Webster (May 18)
- Re: Re: Legality of WEP Cracking cwright (May 18)
  - Re: Legality of WEP Cracking Chris Travers (May 19)
- Re: Legality of WEP Cracking Bob Radvanovsky (May 19)
  - Re: Legality of WEP Cracking Justin Ferguson (May 20)
- Re: Re: Legality of WEP Cracking Matthew Webster (May 19)
- Re: Re: Re: Legality of WEP Cracking ebk_lists (May 19)
  - Re: Re: Re: Legality of WEP Cracking Justin Ferguson (May 20)
- Re: Legality of WEP Cracking cwright (May 20)
  - Re: Legality of WEP Cracking Justin Ferguson (May 21)
  - Re: Legality of WEP Cracking Larry Offley (May 21)
    - Re: Legality of WEP Cracking Justin Ferguson (May 21)
- Re: Re: Legality of WEP Cracking ebk_lists (May 21)
  - RE: Re: Legality of WEP Cracking John Babio (May 21)
- Re: RE: Re: Legality of WEP Cracking ebk_lists (May 22)
- Re: Re: Legality of WEP Cracking cwright (May 27)

(Thread continues...)