Vulnerability Development mailing list archives
Re: wireless security cameras revisited
From: Ron DuFresne <dufresne () winternet com>
Date: Wed, 10 Jul 2002 08:33:12 -0500 (CDT)
We made mention of this in our paper now available at http://sysinfo.com/wire1.html <Wireless Vendor Woes and Shame, (c) Ron DuFresne 2002>. And it was discussed in various lists at that time. Within that discussion, these links came up: From: Conrad Heiney <conrad () fringehead org> Subject: Re: SECURITY CAMERA WAR DRIVING Cc: vuln-dev () securityfocus com Date: Wed, 1 May 2002 13:36:24 -0700 Sure, just get one of these: http://www.icomamerica.com/receivers/handheld/icr3main.html From: Steve Maks <smaks () verisign com> Subject: RE: SECURITY CAMERA WAR DRIVING Date: Wed, 1 May 2002 15:40:59 -0500 To: vuln-dev () securityfocus com The NY Times had an article on this a bit ago: http://www.nytimes.com/2002/04/14/technology/14SPY.html ... There is a group of us on the NetStumbler (www.netstumbler.com) forums board who are looking into this, you might want to stop by if you are interested. As mentioned, these wireless camera devices are being avidly marketed, as 'security' devices. In fact we regularly recieve their spam sales spews: From: X10.com <contact-xt061102_6-58530009 () b04 x0z net> Subject: SALE --> Video Surveillance, UNDER $80 BUCKS Date: Wed, 12 Jun 2002 18:49:29 -0500 <these messages are filled with html crap, so we won't push all that onto the list here. Their information is located under http://ads.x10.com/, browse at your lesiure>. I'm sure, besides the bits of information and the few links we included here, there are various other tools available to take advantage of these wireless toys if one does an adequate google search. Thanks, Ron DuFresne On Tue, 9 Jul 2002 warchild () spoofed org wrote:
Greetings, This is a follow up to the URL below (sorry, I don't have the original email) -- http://online.securityfocus.com/archive/82/270492/2002-04-29/2002-05-05/1 I know of at least one company/vendor deploying security camera "devices" that operate on their own private RFC1918 networks. Unfortunately, I have yet to physically see the device -- my only encounter(s) with it have been on "war rides" (riding on the train -- another play on "war dialing"), and at that, I can only assume it is a camera because of the following: -- its ssid is "camera2lotd" (camera number 2, in lot d) -- when I pass the device on the train, the train is passing a bunch of commuter pay parking lots in a shady part of town I don't know who owns these parking lots, or who manufactures these camera systems, so I have been unable to contact anyone else about this. Should the opportunity present itself, I'll investigate this particular location further to see what, exactly, this device is. The only clue I have so far is the MAC address from the camera which appears to originate from Agere based cards. My question is, does anyone happen to know of any camera installations that operate like this? For all I know, it could very well be a custom "solution" which includes a PC and a Logitech Quick-cam, but I don't think that is the case here. Thanks in advance, -jon (PS. Yes, this method of wireless investigation is rather interesting. You cover large areas of land quite quickly. In addition to the wireless devices of other people on the train, you get traffic from all sorts of interesting locations including CVS, City Hall (2 Cisco 340's), APs in the middle of the woods, large office complexes, and bizarre traffic in the middle of the train yard.)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
Current thread:
- wireless security cameras revisited warchild (Jul 09)
- Re: wireless security cameras revisited Ron DuFresne (Jul 10)
- <Possible follow-ups>
- RE: wireless security cameras revisited Timo_Silvan (Jul 10)