Slashdot Mirror


FBI Warns Companies About Wireless Warchalking

nobilid writes: "Well-meaning wireless activists have caught the attention of the U.S. Federal Bureau of Investigation. One of its agents has issued a warning about the popular practice of using chalk marks to show the location of wireless networks."

12 of 188 comments

  1. actual letter by martissimo · · Score: 5, Informative

    link to the actual Pittsburgh FBI email

    Better read than the linked article, which is kinda light on detail. Interesting to note that the FBI states in it that using an 802.11 access point without "explicit authorization" may be a federal crime.

    1. Re:actual letter by mgkimsal2 · · Score: 3, Informative


      "Identifying the presence of a wireless network may not be a
      criminal violation, however, there may be criminal violations if the
      network is actually accessed including theft of services, interception
      of communications, misuse of computing resources, up to and including
      violations of the Federal Computer Fraud and Abuse Statute, Theft of
      Trade Secrets, and other federal violations."


      If they wanted to press harder, essentially anyone who even 'wardrives' (what a stupid term!) looking around for open networks could be violating some federal law. You wouldn't be able to know if a network is open or not until you tried to access it, and your attempt doesn't have explicit authorization. It'd be like tuning into a radio station (which plays just fine on your radio) that you didn't have authorization to listen to. You would be breaking the law just by checking if you get the station, because that's 'accessing' it.

      It's a bit of a stretch, I know, but damn it, this kind of stuff just gets my goat. With all the money people spend on wireless networks and subsequent 'consultants' why the hell can't they lock these things down too? Is it because the bulk of these people really shouldn't be adminning or setting up any sort of network in the first place? Probably.

  2. Re:Warchalk sightings by Peale · · Score: 2, Informative
  3. Re:Kinda Misleading by Myco · · Score: 3, Informative

    I don't see what you're talking about. The headline starts "FBI Warns Companies." It states clearly what they're doing. It doesn't say "FBI Goes after Warchalk[ers,ing]" or anything like that.

  4. description of the marks and their uses by 10+Speed · · Score: 4, Informative

    Warchalking PDF

    A handy businesscard sized description of the marks and their uses...

  5. Re:They can't... by Sheetrock · · Score: 2, Informative
    I wouldn't make a blanket statement like this right now unless you have done some conclusive research into federal, state, and local laws or have some knowledge the rest of us aren't privy to. It strikes me as being very plausible that the laws on the books could be interpreted as making something as simple as turning on a laptop running Windows with a wireless LAN card in the area of somebody else's wireless network a crime, particularly if it is argued that warchalkers are doing this with the specific purpose of determining whether or not it is possible to use a network that doesn't belong to them. Just as, say, buying pills from the suspicious man on the corner to turn over to the authorities as proof of drug dealing or randomly turning handles on doors in a neighborhood to determine whether or not they're locked might be misinterpreted, warchalking too is something that people shouldn't bother with unless they're fully cognizant of how bad it's going to look if they get caught.

    Personally, I'd say screw it; security consultants get paid better than warchalkers, they're better appreciated, and they don't do jail time. There are plenty of better ways to be a good samaritan without having to second-guess the law.

    --

    Try not. Do or do not, there is no try.
    -- Dr. Spock, stardate 2822-3.




  6. Protect yourself by wazzzup · · Score: 5, Informative

    There's a great article at Extreme Tech that discusses 802.11b insecurity and what you can do to make it secure enough to make it uninteresting to the casual bandwidth thief - particularly if there are enough wide open networks in the vicinity.

    In a nutshell:

    1. Enable WEP. Yes it can be hacked but it does add a barrier to entry that the casual wardriver won't bother with if there are other wide open networks around.

    2. Change the default SSID. Don't change it to your company's name or your street address as it makes it easier to zero in on your location.

    3. Disable "broadcast SSID" if your access point allows it. That way the SSID of the client must match the SSID of the access point. Having it enabled allows any SSID to be accepted.

    4. Change the default password of your access point. Programs like NetStumbler display your access point MAC address which can then be used to determine what make and model your access point is. Once it's known what you've got, the default password may be easily known.

    5. Control access via MAC addresses. Yes, MAC addresses can be spoofed but it requires an extra level of sophistication for the would-be bandwidth thief to get in.

    6. Disable DHCP in your wireless router. Allow access via static IPs from your NIC's MAC addresses. Yes, IP addresses can be sniffed out but it's another barrier put up for the casual "drive by".

    7. Change your IP subnet. If you're using a wireless router and you've disabled DHCP, change the default subnet addresses as well, otherwise it's easy to guess a valid IP address.

    8. Move your access point away from windows. Move it to the center of your building to make the signal to the street that much weaker.

    9. Buy access points with flashable firmware. Helps you keep up with changing security protocols rather than being stuck with the ones that came with the access point.

    10. Some access point manufacturers have non-standard security features. Orinoco access points are able to "close" their networks by not broadcasting their SSID. They also have additional (not 802.11b standard) authentication features such as RADIUS servers.

    11. Use VPN. Virtual Private Networks add a level of encryption and authentication to your network.

    Yes, these methods can all be easily circumvented by somebody that really wants to get in. As long as you try to make it a pain in the arse to get in, then the crushing masses of 802.11b networks out there that have zero barriers to entry make your little bubble a waste of time.
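
A defender-side audit of an access point inventory against items 1 to 7 of the checklist in the comment above. This is an added example, not part of the original comment or the Extreme Tech article; the config field names, the default SSID/password/subnet lists and the sample inventory are assumptions constructed for illustration.

```python
import ipaddress

# Constructed reference values for illustration; substitute your vendors' defaults.
DEFAULT_SSIDS = {"default", "wireless", "linksys"}
DEFAULT_PASSWORDS = {"", "admin", "password"}
DEFAULT_SUBNETS = [ipaddress.ip_network(n)
                   for n in ("192.168.0.0/24", "192.168.1.0/24")]


def audit_ap(cfg, site_words=()):
    """Return (checklist item, finding) pairs for one access point config."""
    findings = []
    ssid = cfg["ssid"].lower()
    if cfg["encryption"] == "none":
        findings.append((1, "no link encryption"))
    if ssid in DEFAULT_SSIDS:
        findings.append((2, "factory-default SSID"))
    elif any(w.lower() in ssid for w in site_words):
        findings.append((2, "SSID reveals company name or address"))
    if cfg["broadcast_ssid"]:
        findings.append((3, "SSID broadcast enabled"))
    if cfg["admin_password"] in DEFAULT_PASSWORDS:
        findings.append((4, "default admin password"))
    if not cfg["mac_allowlist"]:
        findings.append((5, "no MAC address filter"))
    if cfg["dhcp_enabled"]:
        findings.append((6, "DHCP enabled"))
    if any(ipaddress.ip_network(cfg["lan_subnet"]).overlaps(d)
           for d in DEFAULT_SUBNETS):
        findings.append((7, "default LAN subnet"))
    return findings


# Constructed inventory: one out-of-the-box AP, one mostly hardened AP.
INVENTORY = {
    "lobby": {"ssid": "linksys", "encryption": "none", "broadcast_ssid": True,
              "admin_password": "admin", "mac_allowlist": [],
              "dhcp_enabled": True, "lan_subnet": "192.168.1.0/24"},
    "lab": {"ssid": "Acme-4th-Floor", "encryption": "wep",
            "broadcast_ssid": False, "admin_password": "constructed-Xq7!",
            "mac_allowlist": ["00:00:5e:00:53:01"], "dhcp_enabled": False,
            "lan_subnet": "10.37.4.0/24"},
}

if __name__ == "__main__":
    for name, cfg in INVENTORY.items():
        for item, text in audit_ap(cfg, site_words=("acme",)):
            print(f"{name}: item {item}: {text}")
```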

  7. Re:well meaning?? by BenHmm · · Score: 4, Informative

    You may have been reading articles written by the clue-lacking. The NYT piece is good. BusinessWeek isn't bad either.

    Meanwhile, I totally agree about the name. It is misleading: but it, and the use of chalk for that matter, were just chosen because, well, they sound cool.

    As for why an icon and not a flyer - well, because iconography is inherently more understandable. Why have roadsigns that are symbols and not words? Because they're easy to understand, and to see.

    Have a look at Warchalking.org - Matt Jones's site, for better examples.

  8. Re:well meaning?? by Pfhor · · Score: 3, Informative

    If you take a look at the war chalking card, it includes the 3 different symbols used, one of which is a WEP node, where you can list the SSID and the contact email address of the person running the node (to ask for permission to get on).

    So war chalking is again a tool used to identify wireless access points: ones that are open, closed, and ones that require permission to access. How people use this tool is up to them.

  9. Re:we should extend this principle by Anonymous Coward · · Score: 1, Informative

    Warchalking is a modern form of an old communication method. Read more about hobo signs. These signs were actually used for the kinds of things you jokingly suggest.

  10. Know Your Enemy by Anonymous Coward · · Score: 4, Informative
    Yes, these methods can all be easily circumvented by somebody that really wants to get in.

    1. Enable WEP...and enjoy the 20% bandwidth loss. Airsnort.

    2. Change the default SSID. SSIDs are not needed to zero down on the AP. Triangulation and GPS are effective enough.

    3. Disable "broadcast SSID". The beacon frames can easily be captured otherwise. Attack by enabling your card's monitor mode (not to be confused with promiscuous mode which only captures packets on the current network), sniffing all air traffic.

    4. Change the default password of your access point. However, I'd like to point out even changing one's password can be insecure. My access point, and I'm sure others as well, sends the admin password in a urlencoded form, unencrypted, in plaintext for anyone with a monitor-mode NIC to sniff.

    5. Control access via MAC addresses. Spoofing as trivial as ifconfig eth0 down; ifconfig eth0 hw ether 00:00:00:00:00:01; ifconfig eth0 up. On OpenBSD use sea.c. Use arping to sniff MACs.

    6. Disable DHCP in your wireless router. Static IP addressing, subnet range determined from arping. Private addressing:

    • 10.0.0.0 - 10.255.255.255 (10/8 prefix)
    • 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
    • 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

    7. Change your IP subnet. See above.

    8. Move your access point away from windows. No match for high-gain antennae.

    Hope this helps an aspiring black hat! Remember, no network is completely secure. WaReZ anyone?

  11. Re:misleading by Sauron23 · · Score: 2, Informative

    I'd have to say people like Adam Shand, Nigel Ballard and the other core members at PTP have stayed fairly involved. Involved enough to be filing for non-profit status for PTP. With a fair chunk of the Portland metro area covered, for free. Portland's Pioneer Courthouse Square (city center) is covered, for free.
    essid: www.personaltelco.net

    At the same time the Starbucks in the same block is charging $$ for wireless access.