09-08-2004, 05:30 AM
|
|
Editor Emeritus
Join Date: Aug 2006
Posts: 15,171
|
|
Open Wi-Fi Networks Being Used For Spammers?
"A Los Angeles man accused of using other people's wi-fi networks to send thousands of unsolicited adult-themed e-mails has entered into a plea agreement with prosecutors in a case filed under the criminal provisions of the federal CAN SPAM Act, officials confirmed Friday...Tombros was charged last month with a single felony under the criminal provisions of the CAN SPAM Act. He allegedly drove around the Los Angeles beachfront suburb of Venice with a laptop and a wi-fi antenna sniffing out unsecured residential access points, which he then used to send thousands of untraceable spam messages advertising pornography sites. An FBI spokesperson said Tombros obtained the e-mail addresses from a credit card aggregation company where he used to work."
8O If you haven't locked down your access point at home yet, now is a good time to do so. Too bad the people who keep their routers open as "linksys" probably don't read PPCT. :|
|
| |
|
|
|
09-08-2004, 05:37 AM
|
|
Ponderer
Join Date: Aug 2004
Posts: 114
|
|
my wifi is unencrypted. when i put 128bit on it(havent tried 64) it would keep cutting off an disconecting, turning it off fixed that, so i just keep an eye on the usage to make sure noone starts taking advantage of it.
|
| |
|
|
|
09-08-2004, 05:58 AM
|
|
Theorist
Join Date: Jul 2003
Posts: 298
|
|
Why worry about encryption? Just turn the MAC filter on, and only allow the base station to talk to YOUR WiFi devices. Yes, MAC addresses can be spoofed, but it's much easier to just find an open base station than to go to the trouble of spoofing a MAC address.
|
| |
|
|
|
09-08-2004, 06:04 AM
|
|
Editor Emeritus
Join Date: Sep 2006
Posts: 3,060
|
|
I guess we really shouldn't be surprised that these kinds of things are happening. Any time that one person's vulnerability can be exploited by unscrupelous jerks, the jerks will do their best to do so. I don't want to sound too pessimistic, but I try not to underestimate how greedy and goofy people can be.
That said, I think it is safe to say that the weakest link in these security issues is not the technology, it's the people. Hackers don't usually get into networks through "brute force" attackes, they get in via a human's shortsightedness or refusal to implement security tools and policies.
|
| |
|
|
|
09-08-2004, 06:06 AM
|
|
Sage
Join Date: Mar 2004
Posts: 717
|
|
yes but then how are you supposed to know what your neighbours are up to if you can't go \\192.168.x.x\C$ :wink:
Yeah people lock them up, and if you are not going to at least move them closer to the window. :twisted: some of us need lan speed connection at home.
|
| |
|
|
|
09-08-2004, 06:35 AM
|
|
Pupil
Join Date: Jul 2003
Posts: 19
|
|
But how was the guy caught? That isn't mentioned in the article.
TD
|
| |
|
|
|
09-08-2004, 07:06 AM
|
|
Intellectual
Join Date: Apr 2004
Posts: 164
|
|
Quote:
|
Originally Posted by Brad Adrian
I guess we really shouldn't be surprised that these kinds of things are happening. Any time that one person's vulnerability can be exploited by unscrupelous jerks, the jerks will do their best to do so. I don't want to sound too pessimistic, but I try not to underestimate how greedy and goofy people can be.
That said, I think it is safe to say that the weakest link in these security issues is not the technology, it's the people. Hackers don't usually get into networks through "brute force" attackes, they get in via a human's shortsightedness or refusal to implement security tools and policies.
|
Totally agree... the best hackers who've spilled the beans always cite human behavior as the main hack. It's too easy to get information that way...
I'm a nerd, though, so I walked around my neighborhood and found three open access points from the road. Talked to all the owners, they wanted to fix it, but don't care enough to actually do it. :? So, no worries.
I turned off my SSID broadcast and use WEP. My company is pouring $$ into researching the most economical, safest security measures. When they decide, I'm gonna do what they decide on. 
*Phil
|
| |
|
|
|
09-08-2004, 10:01 AM
|
|
Pontificator
Join Date: Jul 2002
Posts: 1,049
|
|
Howdy,
People really should be more careful what they are broadcasting.
I recently was visiting my mother in Houston since she is dying of cancer. I stayed at a friends place. He works for T-Mobile and was testing out the Ipaq 6300 for the weekend. I was driving in his neighborhood and he was testing it out. He picked up at least 8 other wi fi connections in the neighborhood while I was driving. None with security, and all available for usage.
It goes to show more people need to becareful what they are broadcasting.
Oh, and Linksys was on there more than once! 8O
__________________
"Do not try. Do or Do Not. There is no try"Yoda, Empire Strikes Back
|
| |
|
|
|
09-08-2004, 11:02 AM
|
|
Philosopher
Join Date: May 2004
Posts: 597
|
|
I keep mine "hidden" so you can't see it w/o entering the network name (using an Apple Airport base station). Of course I can see a "linksys" from my iBook though!
These threads are interesting, usually by now there are folks who say to leave your router open to "share the wealth" so to speak.
|
| |
|
|
|
09-08-2004, 12:47 PM
|
|
Pupil
Join Date: Jun 2002
Posts: 48
|
|
A few (obvious) steps to secure your wireless router:
1. Change the default password of the router's administrator account to a 'strong' password.
2. Change the name of the router from the default 'linksys' etc. to something meaningless.
3. Turn off SSID broadcasting.
4. Change the router IP address and the scope of the DHCP server from the default 192.168.*.* to something less obvious like 202.167.*.*. Or disable the DHCP server altogether and use fixed IP addresses, also in another range than the default 192.168.*.*.
5. Use MAC address filtering.
6. Use WPA encryption if your router supports it or else WEP, use 'strong' keys and change keys regularly.
I think the above steps are appropriate to the average home user. Yes I know, all these measures can't prevent your router/network from being hacked. But they probably are the best you can do with the average home router, and they surely are a lot better than doing nothing.
Try not to let the paranoia get to you. Attackers which are capable of circumventing the above measures are fairly sophisticated, and therefore comparatively rare, and generally target victims which are more interesting than the average home user.
See also my last post.
|
| |
|
|
|
|
|
Linear Mode
