North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Drive-by spam hits wireless LANs
Jared Mauch wrote:
HiImagine a few of the following scenarios: 1) You wok for an ISP and have access through them. One large enough that they apply their AUP to their own people. You have ISDN/DSL or some other connection w/ reverse-dns for your personal domain @ home. Someone drives by your place, finds your unprotected lan, sends spam, hacks, etc.. complaints come in, you lose job because you were a spammer and your employer needs to stop, etc. 2) You are a small company, someone does this, and you get blacklisted as a spamhaus. you are unable to get internet access. 3) you have a cable modem as your only high-speed connectivity. you have one of the linksys/whatever nat+802.11a/b boxen. you get used, you get blacklisted and can not get high-speed pr0n again. While these seem like minor annoyances in some cases, they can be quite dramatic to the person on the receiving end. I wish the wireless vendors would use a somewhat more inteligent approach and turn WEP on by default when shipping their units and at the cost of a few cents more they can print a sticker on the box that can be removed later that has the uniqe WEP key for that unit. Similar to the way when you go to the hardware store you can play match-up to get the same key for multiple locks.
In some way you are right, but still I think it's even worse to use WEP cause then the admins might think it's safe, it takes about 15 minutes to crack a wepkey, so instead of drive-by spamming you could call it drive-by, have a bagle, start spamming.
The most hardware/software indipendent solution I have seen so far is the use of VPN, simply place the WLAN outside your own LAN.