[TriLUG] gpsmap experience

Glenn Meyer glenn at glennmeyer.com
Mon May 9 10:23:13 EDT 2005 

Yes, this is a concern!  However, I read in the article (thank you for 
sending the link...)

After Dillard accessed the information, he contacted patients and 
insurance companies. He also wrote WRAL a letter, stating, "These guys 
are a bunch of bozos." He also mailed WRAL copies of checks and 
insurance forms with patient names and procedures.

I have to be very careful to be sure my laptop doesn't accidentally even 
pull a DHCP address by having my ip statically configured and the 
adapter down (ifconfig wlan0 down) so that TCP/IP is not active and 
iptables set to block any/all traffic both ways.

Although I have not yet received my new Orinoco card, (still working 
with a less than adequate card in ndiswrappers), my understanding and 
initial testing shows that I can still detect and gather enough 
information as a completely passive listener to find open wireless sources.

I would absolutely not ever want to connect to any network (leaving any 
finger prints) that I wanted as a customer (for the very reason in the 
article).  Besides that, I don't care about whatever may be exposed on 
the network.  I don't have time or interest to seek out or exploit 
anything like that.

My interest is only in trying to make a few extra buck by doing the very 
easy configuration of their access point and adapters.  Perhaps it will 
open the door to additional work with that customer.

I am VERY open to suggestions as to how to stay out of trouble and how 
to make the sale!



Mike Johnson wrote:

> Glenn Meyer wrote:
>
>> Yep, you gotta play on their fears a little to get the to fork over 
>> the cash.
>>
>> You bring up a good point that I haven't yet worked out a complete 
>> solution for....  How to successfully sell without scaring them or 
>> making them feel threatened.   However, it is a potential danger - 
>> especially business (my main interest as customers).  They need to 
>> know and get it locked down to a reasonable level.
>
>
> It should be noted that a guy went to jail not too long ago by 
> approaching an area hospital with an offer to help secure their 
> wireless network that he had found was wide open.  Not sure if he was 
> convicted, but he was brought up on charges:
> http://www.wral.com/news/2465963/detail.html
>
> The security industry does not need to be all about fear, uncertainty, 
> and doubt.
>
> Mike

More information about the TriLUG mailing list