Slashdot Mirror


How to Take Over a Train Station

ThinkComp writes "Everyone knows that home wireless networks are insecure, but who would expect a major transportation hub to be vulnerable to the same problems? Well, waiting for my friend's train at South Station in Boston, MA, I happened to notice that it was possible to take control of the entire station's wireless network, including its home page and authorization method (free wireless, anyone?)--and those of thirty other businesses throughout Massachusetts, thanks to a few coding errors on the part of the wireless company with which South Station contracted."

4 of 356 comments

  1. guestBox by Fudge.Org · · Score: 4, Interesting
    Ok.

    Well, this is the product:

    guestBOX

    And... this is the company:

    Atlantis Technology Corporation

    So, all that research... and it never occurred to you to contact the vendor? Granted, maybe these are so plentiful some re-seller or VAR put it in there... but you didn't make mention of that line of thinking (or was this not the whole PDF?) so.... sorry, that's just sounding a little on the lame side.

    Now, if they scoffed or blew you off at that point, okay maybe... but still. You knew the company from just looking at it. Did you try to contact them? I think that would be more telling than surfing through open Indexing on a web server like a kid curl'ing porn images.

    --
    http://fudge.org
  2. Re:Not just wireless by utlemming · · Score: 5, Interesting
    With a laptop, and Knoppix and a tad bit of skill (or some really good scripts) you can really have some illicit fun. Knoppix makes it a whole lot harder to find forensic evidence in case you're caught. All you have to do is drop out the battery and then all the evidence is wiped away (save some circumstantial evidence in the form of a Knoppix CD, and a rebooting computer). If you have the scripts stored in a remote location, i.e. FTP, then you're in for business. Since you don't have any of the stuff stored on disk, and the MAC is so easily changed, it can be pretty tough to prove -- they would have to essentially follow you and collect evidence on the signal you're sending out. As a previous post said, a good administrator will allow open access that is routed through a proxy server to authenticate. But then you still have problems with keeping the authentication. All I can say is that I hope that I never have to maintain a wireless network and make sure that it is secure. The headache of maintaining a 5 person WPA "protected" WiFi is enough of a headache to make my life difficult enough.

    I just got a wireless router the other day. What my roommates couldn't understand is why I locked down the router so hard. They were amazed that I had to put the WPA key on all the computers, and why I also did MAC and IP filtering. They just couldn't understand. Although it is not totally secure, hopefully it is enough to keep the dorks out and at the same time allow for wireless inconvenience. The last thing that I want to worry about is some dork running around with a laptop and deciding that my internet is his internet and then doing something stupid.

    --
    The views expressed are mine own and do not express the views of my employer.
  3. DecNet requires the ability to change your MAC by bluGill · · Score: 4, Interesting

    The old DecNet required that all ethernet cards have the ability to change their MAC address. Part of the protocol, and you couldn't connect to DecNet unless you had the right MAC address. (which was changed as part of the network protocol, you normally didn't change this manually)

    Just in case a customer ever tries to use their chipset with DecNet, nearly all cards allow software to change the MAC address. Since all current chips have the ability, when designing a modification to the old chip it is easier to leave that ability in than take it out.

    I don't know if anyone in the world still runs DecNet, but it isn't a chance network vendors are willing to take.

  4. Hmm by patryn20 · · Score: 5, Interesting

    Well, it is nice that this guy actually bothered to write this up, but he seems to simply be using a lot of common mistakes and guesswork. On top of that, his knowledge of some basic concepts in hardware administration and business processes is somewhat lacking.

    First, MAC addresses are not unique. There is no universal table of MACs that hardware manufacturers report to. I have installed ethernet cards from the SAME manufacturer that have had the SAME MAC address while setting up machines for a client.

    Second, many of these errors are not necessarily the programmers' fault. They are more than likely the responsibility of management being cheap and forcing programmers to do the jobs of multiple people. IT is separate from software development. The fact that the network and server are insecure is the IT department/person's fault. In small companies this may be the same person, but in most large corporations that is not the case. Directory listing and permissions are generally the responsibility of the server administrator.

    Now, the username issues are definitely scary. Leaving test accounts open with simple passwords is just plain stupid. The company I develop software for has over fifty million dollars worth of data on their servers. We also store credit card info for clients, etc. If we used common passwords like that, we would be fired. The admin would go through the database, see the passwords, and report them to our supervisor. Say goodbye! Not to mention, test accounts on production servers are bad practice anyway. If you are making any money, you are extremely stupid not to have a separate development environment.

    In my opinion, these problems seem to be more management and implementation problems, and not so much development problems as the author seems to suggest. They are still real problems though. That customer listing one for the phone company really scares me. ::shiver:: I hope SBC in Texas doesn't have problems like that.