Re: wireless security cameras revisited

[Ron DuFresne <dufresne () winternet com>]

We made mention of this in our paper now available at
http://sysinfo.com/wire1.html <Wireless Vendor Woes and Shame, (c) Ron
DuFresne 2002>.  And it was discussed in various lists at that time.
Within that discussion, these links came up:

From: Conrad Heiney <conrad () fringehead org>
Subject: Re: SECURITY CAMERA WAR DRIVING
Cc: vuln-dev () securityfocus com
Date: Wed, 1 May 2002 13:36:24 -0700

Sure, just get one of these:

http://www.icomamerica.com/receivers/handheld/icr3main.html

From: Steve Maks <smaks () verisign com>
Subject: RE: SECURITY CAMERA WAR DRIVING
Date: Wed, 1 May 2002 15:40:59 -0500
To: vuln-dev () securityfocus com

The NY Times had an article on this a bit ago:
http://www.nytimes.com/2002/04/14/technology/14SPY.html
...

There is a group of us on the NetStumbler (www.netstumbler.com) forums
board who are looking into this, you might want to stop by if you are
interested.


As mentioned, these wireless camera devices are being avidly marketed, as
'security' devices.  In fact we regularly recieve their spam sales spews:

From: X10.com <contact-xt061102_6-58530009 () b04 x0z net>
Subject: SALE --> Video Surveillance, UNDER $80 BUCKS
Date: Wed, 12 Jun 2002 18:49:29 -0500

<these messages are filled with html crap, so we won't push all that onto
the list here.  Their information is located under http://ads.x10.com/,
browse at your lesiure>.

I'm sure, besides the bits of information and the few links we included
here, there are various other tools available to take advantage of these
wireless toys if one does an adequate google search.

Thanks,

Ron DuFresne



On Tue, 9 Jul 2002 warchild () spoofed org wrote:

> Greetings,
>
> This is a follow up to the URL below (sorry, I don't have the original
> email) --
>
> http://online.securityfocus.com/archive/82/270492/2002-04-29/2002-05-05/1
>
> I know of at least one company/vendor deploying security camera "devices"
> that operate on their own private RFC1918 networks.  Unfortunately, I have
> yet to physically see the device -- my only encounter(s) with it have been
> on "war rides" (riding on the train -- another play on "war dialing"), and
> at that, I can only assume it is a camera because of the following:
>
>       -- its ssid is "camera2lotd"  (camera number 2, in lot d)
>       -- when I pass the device on the train, the train is passing a bunch of
>               commuter pay parking lots in a shady part of town
>
>
> I don't know who owns these parking lots, or who manufactures these camera
> systems, so I have been unable to contact anyone else about this.  Should
> the opportunity present itself, I'll investigate this particular location
> further to see what, exactly, this device is.  The only clue I have so far
> is the MAC address from the camera which appears to originate from Agere
> based cards.
>
> My question is, does anyone happen to know of any camera installations that
> operate like this?  For all I know, it could very well be a custom
> "solution" which includes a PC and a Logitech Quick-cam, but I don't think
> that is the case here.
>
> Thanks in advance,
>
> -jon
>
> (PS.  Yes, this method of wireless investigation is rather interesting.
> You cover large areas of land quite quickly.  In addition to the wireless
> devices of other people on the train, you get traffic from all sorts of
> interesting locations including CVS, City Hall (2 Cisco 340's), APs in the
> middle of the woods, large office complexes, and bizarre traffic in the
> middle of the train yard.)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.