Re: [fw-wiz] Interlopers on the WLAN

From: Dave Piscitello (dave@corecom.com)
Date: 11/06/02


From: Dave Piscitello <dave@corecom.com>
To: firewall-wizards@honor.icsalabs.com
Date: Wed Nov  6 13:30:02 2002

According to the FBI field agents who spoke at a seminar series I recently
participated in, if you "stumble upon" an ESSID, actively attempt to obtain
an address by scanning or using one helpfully provided via DHCP, you are
engaged in an unauthorized access and can be prosecuted under

USC TITLE 18 > PART I > CHAPTER 47 > Sec. 1030,
Fraud and related activity in connection with computers

One of several URLs: http://www4.law.cornell.edu/uscode/18/1030.html

If you're curious how it's being enforced w/r/t WLANs, contact the FBI
through your local Infragard chapter?

I don't think people will be able to make a case about "secured" or not.
I'm not an attorney, but I think the same logic that dictates that "I leave
my doors unlocked - it's my home and if you enter while I'm not there it's
unauthorized entry" applies here. My opinion as well is that once you
obtain or use an IP address/mask/gateway that you clearly know belongs to
someone else, you have attacked a network:

- unauthorized use of resources
- denial of service to others who might wish to use the address
- disruption of service of a host that is normally assigned the IP address used
- unauthorized receipt of transmissions over the WLAN
- etc.

It's not "clever" any more...
Considerably more clever people than those who are war-driving proved a
point, now it's cracker chic

At 12:23 AM 11/5/2002 -0800, Philip J Koenig wrote:
>Please forgive if this has been covered before, I'm not reading the
>group daily these days.
>
>Is it reasonable to assume that those who access WLANs without the
>permission of the owner are violating the same cybercrime laws that
>apply to any unauthorized access of a computer network?
>
>Some have recently argued this is not the case if someone doesn't
>"enable the security features", but personally I don't see the
>distinction between this kind of activity and anything normally
>prohibited by laws such as California Penal Code section 502a and
>various other cybercrime laws. It doesn't seem to me that the law
>makes a distinction about whether the network in question was secured
>or not. (what does 'secured' mean anyway?)
>
>TIA,
>
>Phil
>
>--
>Philip J. Koenig
>pjklist@ekahuna.com
>Electric Kahuna Systems -- Computers & Communications for the New
>Millenium
>
>
>_______________________________________________
>firewall-wizards mailing list
>firewall-wizards@honor.icsalabs.com
>http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

David M. Piscitello
Core Competence, Inc. &
3 Myrtle Bank Lane
Hilton Head, SC 29926
dave@corecom.com
843.689.5595
www.corecom.com



Relevant Pages

  • RE: [fw-wiz] Interlopers on the WLAN
    ... insecure mechanisms, like WEP, to stop access to the network? ... > various other cybercrime laws. ... are not the intended recipient, you are hereby notified that any use, ... If you have received this communication in error, ...
    (Firewall-Wizards)
  • RE: [fw-wiz] Interlopers on the WLAN
    ... saves the owners of the truly open WLAN's from liability if the access they ... > as to whether you intend the network to be private or not. ... >> various other cybercrime laws. ...
    (Firewall-Wizards)
  • RE: [fw-wiz] Interlopers on the WLAN
    ... as to whether you intend the network to be private or not. ... (rather than "this system is private property and unauthorised access is ... > various other cybercrime laws. ...
    (Firewall-Wizards)
  • Re: [fw-wiz] Interlopers on the WLAN
    ... secure the network. ... as to whether you intend the network to be private or not. ... (rather than "this system is private property and unauthorised access is ... > various other cybercrime laws. ...
    (Firewall-Wizards)