I've connected to two networks so far...but i'm not sure what to do then...some packets are being transmitted back and forth and i have a decent signal...any programs or just advice for the next step???

Advice? Yes. Unless you are authorized by the owner of the network to be using their resources, disconnect your system. Otherwise, you run the risk of being convicted of computer trespass (assuming you are in the US). See the "Legal implications..." thread here for more information on that subject.

-Toomer

And if John Ashcroft has his way, you could potentially get life in prison for this...

Historically, simply demonstrating that the system in question did not declare itself as a private system, combined with a *convincing* claim of lack of knowledge that the system in question was not "public access" has been a very successful defense.

If you're wardriving, you're probably in the street, not on the target's property, so you're not trespassing. If you are not given notice that you're attempting to access a private system, you've got a very plausible defense. What would serve as a "keep out" sign for a WLAN? No clear definition. Possibly the presence of WEP on the WLAN in question, or perhaps the lack of an accessible DHCP server may be reasonable "warning signs". This stuff has yet to be played out of course, so we'll just have to wait and see...

As a general rule, I set netstumbler to NOT automatically reconfigure my card to match the target's network parameters (channel and SSID).

I'm not sure I'd be willing to test out your theory in court - that if a network owner doesn't take measures to make it obvious their network is private, you won't be held liable if you enter.

This is all speculation and conjecture, but working in the ISP industry, I have some experience with this and I can tell you that the law always favors the network owners first and foremost. I've read the laws on computer tresspass, and - boring as they are - they give preference to the owner of a network over the rights of a user. The law must protect the network owners, because sometimes the people running those networks are idiots and can't secure anything. The law protects their rights - not other's rights. Heck, even a ping scan of a foreign network can be considered illegal depending on how you interpret the law.

You'd have a better leg to stand on (legally) with the "I didn't know I was connected to his wireless network" defense rather than the "They didn't indicate their wireless network was private" defense.

Then again, if you are 20 miles away from home with your laptop, neither defense will work for you.

Delta Farce, in another thread (http://www.netstumbler.com/vb/showthread.php?threadid=98) had a good analogy given to him by an attorney. It goes something like this:

You walk down a street with two houses on it. The first house has all the doors and windows wide open. There's no one in the house, but there's a six pack of beer and snacks visible in the living room. There's no fence between the house and the street.

The second house has all its doors and windows shut and locked. There are armored bars on all the windows and doors, and around the perimiter of the property.

Would it be legal to enter either house? The answer is no. The law protects homeowners even if they are stupid and forget to lock their doors.

-Toomer

I hear you, and I've been in the security industry for about 10 years now. I maintain that a *large* number of perps have gotten off scott-free by demonstrating there were no "go away" signs.

The analogy with the unlocked houses does not hold up. You're not physically trespassing. You're in the street, which the victim presumably does not own (unless the victim is the local government!). You are messing around with your wireless gear, which by the way is perfectly usable outside (as evidenced by vendor marketing materials!).

Detecting the presence of APs != Intrusion. What I'm doing is the former. If I associate with an AP and attempt to get an address (outside of the context of a pen-test I've been contracted for), I'm intruding, and thus committing a crime. Not being a criminal, I don't do that.

--lart

Iart, problem is you and stummmmmblr aren't drawing the line at same place. stummmmmblr wants to know "what next". At this point I'd agree that no one is going to try to convict him for anything, but if he does proceed to "what next" he is setting himself up for some seriously nasty legal problems, depending very much on just what "what next" is.

By the way, you all may want to cruise on over to http://www.eff.org and take a look at what the Anit Terrorism Act of 2001 thinks of people who deface websites and do other nasty things computers. How does life in prison without parole sound?

The legal points in this thread are well taken and should no doubt be heeded. Nobody should trespass without permission. Granted.

OK, so I am sitting in the backyard at a friend's house and
have stumbled his simple little WLAN with his permission. In fact, he's right at my shoulder......This is the first time either of us has used Network Stumbler and we are new to networking in general as well.

We are looking at the screen just as stummmmmblr was no doubt doing, watching the various pretty readouts and stuff and we still have the same question:

Now What?

How do we enter his network and walk about?

Lets start easy. Given the above trespass arguments, what is spam considered?

It is obviously unauthorised network traffic, or is it? By you authorising your POP account, are you not the one bringing the traffic across the network?

But then again, the mail had to make it to your server so I would consider it trespass traffic. The lack of prosecutions for spam may lend his hand to simple 'stumbling' defenses but not obvious network intrusion (sp?).


Now for the brain scratcher:
Lets say I stumble across a network named "overlord" and a packet capture shows a server named "Frodo" and some various workstations. WEP is not enabled and their AP is not running closed.

What if I decide to also name my network "overlord" and my server "Frodo" and their users pull an IP from my DHCP and connect to my network? Can I prosecute? Just imagine the fun one could have doing this - "There is another computer with the same machine name!" Hell, you can even spoof "Frodo"'s MAC (although this would probably work against you in court).

What if I give my DHCP server a single IP to hand out and one of their workstations pull it? That would deny my workstation from pulling that single available IP and thus would deny me services on my own network. Under Florida law (as it was a few years ago), this is/was a major offense. To illistrate how strict the interprutation (sp?)can be, if I were to casually dial a number and tie up a dial-up that someone needed, that could be considered a DOS.

Tron of Borg, esq. <--- LMAO ;p

Here, let me make it easy for you to understand. I read the lawyers analogy of the two houses and thought to myself this lawyer should stick to things he knows about and stay as far away from anything related to networking as possible. Why, just because the comaprison of homes to networks is the most rediculous thing in the world.

Here, let me give you a better example. Land.

If you come across a lush green meadow, with lovely scenery, a nice brook, a perfect place for a picnic, look around, and see that there are no fences and no signs, just a beautiful area, so you decide to have a picnic. You cause no trouble, clean up, enjoy the beauty before you, and use that beauty, 99.9% of the time, no one is going to care. Otherwise, they would have put up fences and posted signs warning you that you are evil scum if you even think about looking at that field again. Yes, mean people suck.

Homes are private and personal, where land is also, yet most people do not care if you tresspass as long as you don't harm anything or do anything stupid. Once again, unless they are jerks.

Same with networks. If you don't want someone to use your network, then take the steps to let them know. If you patch into a wired network, well, you actually had to do something to get there. Wireless on the other hand, is NOT a protected frequency, nor is it bannered by default. If you are too stupid to know how to operate your network, then you should respect those who do and either ask questions and learn or get the hell out of the way. Your stupidity does not equate to others being illegal.

NOW, if they are doing malicious things, or stealing from your network, or using your line to do malicious things, then hell yeah, they need to be beaten with a soggy leather strap. But if someone is using your wireless network that you didn't have the smarts to secure, to surf, then what the heck should you care?

If you use WEP (which we all know sucks) then it still takes a malicious effort to break it and sniff. Likewise, any other intentional access to your network would also fall into the jerk line.

But face it, the internet should be free, and there are many who do hang APs out the window for anyone to use. Should they advertise? NO, I think those who don't want to be used should take some responsibility and learn to secure their network before they start yelling foul.

Anyone broadcasting and handing out IPs have no room to bitch about anything. Ignorance is not a defense.

I do, however, think that anyone who gets an IP and just looks to see what they can get off the network, other than internet access, is just up to no good, and need to be cautious. So far, I have had no problems when I tell businesses and others that they are open to anything, but then again, I do it from afar. And I DON'T look at anything on their network. I don't even want to take a chance.

Just a thought

Axe

... out of someone for my post. Instead, I get to read a serious post. Dammit!

Tron of Borg
(keeping my day job)

Nah, yours was funny, and actually pretty right on.

I am thinking of doing just what you said just to see what kind of reaction it will get, but I am going to have an elaborate schema drawn out so I can say, "See, I have had this for years, who are you to take my naming conventions!!!"

LOL That should get some exec bawling thinking he is going to have to settle....

Just joking

Axe

winslow: If your goal is simply to convince your neighbor that he needs to better secure his network, point an attack at http://www.nsa.gov. Just be sure to NOT launch it!

Assuming you want to show your neighbor what someone can do to his the computers on his network go to http://www.foundstone.com/rdlabs/tools.php and grab some tools.

Axe: Nice to see you posting. Hows the stumbling been going?

In regards to the lawyer, She is very knowledgeable about computers and networks from a legal point of view. She’s presented a DefCon many times, defended numerous people who were accused of computer crimes, and is now working at Stanford Law School. Her name is Jennifer Grannick

Fact is, if you are surfing the Internet over a link paid for by someone else you are stealing a service for which they have paid. You are also trespassing on the network for which they have paid. Admittedly, you can do these things without harming them or adversely affecting the performance of their network but it doesn’t make it right. Of course the men in black wouldn’t give a hoot if all you were doing was surfing the net from someone else’s link, but I still doesn’t make it right.

While it may not be a popular opinion here, I also take exception to the assertion that the Internet should be free. Have you looked at the cost of core switches and beefy routers lately? How are those going to be paid for if the Internet is free? How are those of us who make our living working for companies that make or support that equipment, or provide Internet access going to pull down our salaries and pay our rent if the Internet is free?

I realize a lot of the folks who are Stumbling and surfing are doing no harm, but they need to know what risk they are exposing themselves to by doing this. The odds of getting caught are small, and the odds of a conviction for anything (unless they’ve been accessing or attacking computers) are tiny, but is it really worth it? Stumbling is fine, but think about before you go beyond that.

where have you been? Too long no read...

Yeah, I have been quiet for some time now, and thanks to Tron I have found a new toy to play with. Thanks Tron.

But, I have talked to several, and if the govt continues on it's present course, I may go underground again. I have not done rants or commentary on the newsgroups for a while but you know about that already. I am steering clear of that, for now. But I see a dark cloud looming, and I hope it clears.

If you still have my number, call me, if not, e-mail me, good things are happening, and I also need some help with something else.

Everyone - If you are not yet a member of a wireless community, I suggest everyone get in one quick. There is a move to utilize these communities as efforts to push our hopes that internet access through wireless will win over the lazy mean people who don't secure their networks and use the excuse that they shouldn't have to.

May be worth a shot, and there is safety in numbers.

Axe

Actually, you've given me neither a phone number nor an email address. Surely an oversight on your part.

Here's my address: <A HREF="mailto:%73%64%5F%77%69%72%65%6C%65%73%73%40% 79%61%68%6F%6F%2E%63%6F%6D>hope_this_worked@hidden .com</A>

Don't know if this forum permits html, but I will find out shortly.