NetStumbler.org Forums - View Single Post

Sh00t3r · 07-16-2002

A big technological city here in Michigan went wireless about 8 months ago, connecting the city hall, fire departments, police departments, and other municipal buildings. They didn't announce it publicly but I knew right away, as I stumble the area on a weekly basis. I knew it was serious when I was picking up the ap at about 5.5 Mbps for what i thought was miles driving down the road with my pringles shooting out the front windshield.

Anyways...you would think that a city that implements such a network so "mission critical" to the city, would also take the necessary security measures. "So you would think". NO encryption, DHCP handing you out an ip like it's candy, and a quick ip scan of the network shows computers such as..."CITYHALL, FIRESTA1, FIRESTA2, PREC1, WEB, VPN, DESCARTES, TESLA, KEPLER" (all the explorers were servers running 2k

). I was in such utter dismay that I had to place a call to the IT manager. After discussing the issue with her and telling her I am willingly able to show her the exploits and fixes, she decided she would take care of any "issues" herself and thanked me. To the day the network is still the same.

I'm not sure the actual communication methods that fire and police use to relay info such as fire calls, EMT etc., but someone could simply apply a DoS attack or UDP flood to criple their network. I dunno, i'm just flabergasted at the lack of security on such a large, technological driven city.

07-16-2002	#5 (permalink)
Sh00t3r Registered Member Join Date: Apr 2002 Location: Michigan Posts: 199	yup yup A big technological city here in Michigan went wireless about 8 months ago, connecting the city hall, fire departments, police departments, and other municipal buildings. They didn't announce it publicly but I knew right away, as I stumble the area on a weekly basis. I knew it was serious when I was picking up the ap at about 5.5 Mbps for what i thought was miles driving down the road with my pringles shooting out the front windshield. Anyways...you would think that a city that implements such a network so "mission critical" to the city, would also take the necessary security measures. "So you would think". NO encryption, DHCP handing you out an ip like it's candy, and a quick ip scan of the network shows computers such as..."CITYHALL, FIRESTA1, FIRESTA2, PREC1, WEB, VPN, DESCARTES, TESLA, KEPLER" (all the explorers were servers running 2k ). I was in such utter dismay that I had to place a call to the IT manager. After discussing the issue with her and telling her I am willingly able to show her the exploits and fixes, she decided she would take care of any "issues" herself and thanked me. To the day the network is still the same. I'm not sure the actual communication methods that fire and police use to relay info such as fire calls, EMT etc., but someone could simply apply a DoS attack or UDP flood to criple their network. I dunno, i'm just flabergasted at the lack of security on such a large, technological driven city.