[Dshield] WireLess Home Config testimony and question ?

Mrcorp mrcorp at yahoo.com
Tue Jun 8 14:08:57 GMT 2004


a little off topic, but on the same lines...

I just moved last week, and ordered cable service for Internet connectivity.  The cable service
will be started this weekend.  So last night I went home and set up my home network, honeynet and
so on.  I setup my wireless access at home as well and decided to test it out.  So I turned on my
computer and my computer immediatly identified a linksys wireless AP.  Not mine.  So I clicke don
it and it warned that the connection is not secure (Windows XP) and connected me.  I had the
ability to browse the Internet and the signal strength was strong.

So I performed an IPCONFIG and saw that the gateway was 192.168.1.1.  I opened a browser and put
that in hoping to connect to the wireless AP.  It then prompted me for a user name and password. 
I took a guess as I do not know what Linksys uses as its administrative name or default password. 
On my first guess, I had complete administrative access to the AP.  I checked to see if logging
was enabled, it was not, the AP was set to allow 50 connections, no MAC filtering, no firewall
enabled and so on.

SO let this be a lesson to those who dont know, if you live in my neighborhood, you better secure
it.

Now the question... If all I did was turn on my laptop, and the AP advertised itself to me, and I
connect, and use the connection, am I liable for any damages that may occur?  Sure I should not
attempt to connect to the AP administrative screen, but if I did not do that, and did not seek out
the AP, what am I liable for if I get caught using it?  What if I had no knowledge of technology,
and I bought a new laptop and turned it on and joined their network without knowing, am I liable?

Mrcorp


	
		
__________________________________
Do you Yahoo!?
Friends.  Fun.  Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/ 



More information about the list mailing list