NetStumbler.org Forums - View Single Post

08-10-2001

As a legitimate network security professional, Netstumbler has been a golden tool to detect and remove several rogue access points in the company.

I am concerned with the legal aspects of performing wireless audits. I may know know if a LAN belongs to my company or another (think tall building with multiple tenants) until I actually connect, and monitor traffic or snag an IP address and look around.

One access point was "residential class" and DHCPd a 192.168.x.x address. I could not be sure that I was on one of my network or someone else's. After pingingin a few known internal hosts, I did realize that this was my network.

This could have been someone else's network......so what exposure do I have???? It's a bad situation where the act of being vigilant may expose the company to liability.

Any thoughts?

08-10-2001	#6 (permalink)
Posts: n/a	Legitimate Network Auditing As a legitimate network security professional, Netstumbler has been a golden tool to detect and remove several rogue access points in the company. I am concerned with the legal aspects of performing wireless audits. I may know know if a LAN belongs to my company or another (think tall building with multiple tenants) until I actually connect, and monitor traffic or snag an IP address and look around. One access point was "residential class" and DHCPd a 192.168.x.x address. I could not be sure that I was on one of my network or someone else's. After pingingin a few known internal hosts, I did realize that this was my network. This could have been someone else's network......so what exposure do I have???? It's a bad situation where the act of being vigilant may expose the company to liability. Any thoughts?