[TriLUG] Wireless at Lowes

[Greg Brown]

>>
>
> Interesting!  I assume he did crack one of the keys and then you 
> detected
> him using your network?  How did you determine where the attack was 
> coming
> from?
>
> --Brian
>
I found out the way most crimes end up being solved: the kid bragged 
too much.  Eventually the story went from him to a neighbors daughter 
who's father I am friends with then back to me.

I was aware that SOMEONE was accessing my network but outside of a mac 
address.  I was ready to hit the intruder with a nessus scan to get 
some more information but I never had the need to.  I was also getting 
ready to order a highly directional parabolic dish so I could try to 
better pinpoint the location but that's when the news came back from my 
neighbor.  I was in the process of changing my ESSID again and my wep 
keys (again) and I had locked down the firewall rules everything (Macs 
and Linux boxes) and forced tunnels for almost everything so felt sorta 
safe, just ticked off.  I was also thinking of installing that 
"netstumble me and I slam you with 50k bogus ESSIDs for you to wade 
through" program but I never really needed to, so I haven't.

When I confronted him, and his parents, and told them I had a mac 
address the kid more or less caved.  He could have changed the mac on 
his card but apparently he didn't bother so I guess he thought I had 
him.

Tomorrow night I'm going to reattempt an installation of OpenBSD so I 
can create a roadwarrior IPSec server with the Macs as clients over 
802.11 (IF time allows, that is).  I would like to be done with this 
once and for all.

Greg