Mon 5 Aug 2002
The following email came to me via a number of sources. If you're familiar with wireless, nothing here will surprise you. However, for the folks that go to Fry's to buy a cheap AP and unwittingly blow holes in their company's LAN security, this should be required reading (as should the article at extremetech).
In other news, someone on the pho list posted this:
From: Bill Shore [mailto:billshore@fbi.gov]
Sent: Monday, July 08, 2002 9:56 AM
To: billshore@fbi.gov
Subject: Wireless networks - Warchalking/Wardriving
It has recently been brought to my attention that
individuals/groups have been actively working in the Pittsburgh area as
well as other areas of the United States including Philadelphia, and
Boston, and the rest of the world for that matter, to identify locations
where wireless networks are implemented. This is done by a technique
identified as "Wardriving." Wardriving is accomplished by driving around
in a vehicle using a laptop computer equipped with appropriate hardware
and software http://www.netstumbler.com/ to identify wireless networks
used in commercial and/or residential areas. Upon identifying a wireless
network, the access point can be marked with a coded symbol, or
"warchalked." This symbol will alert others of the presence of a wireless
network. The network can then be accessed with the proper equipment and
utilized by the individual(s) to access the Internet, download email, and
potentially compromise your systems. In Pittsburgh, the individuals are
essentially attempting to map the entire city to identify the wireless
access points, see here,
http://mapserver.zhrodague.net/cgi-bin/mapserv?mode=browse&layer=all&layer=q
uadsheets&layer=borough&layer=roads&layer=ap&zoomdir=1&zoomsize=2&imgxy=458+
165&imgext=-80.175489+40.268422+-79.733217+40.621536&map=%2Fmnt%2Fhog%2Fwebs
ites%2Fmapserver%2Fpublic_html%2Fpa%2Fpgh.map&savequery=true&program=%2Fcgi-
bin%2Fmapserv&map_web_imagepath=%2Fmnt%2Fhog%2Fwebsites%2Fmapserver%2Fpublic
_html%2Ftmp%2F&map_web_imageurl=%2Ftmp%2F&img.x=250&img.y=197.
Also, check this article from pghwireless.com,
http://www.pghwireless.com/modules.php?name=News&file=article&sid=19
Identifying the presence of a wireless network may not be a
criminal violation, however, there may be criminal violations if the
network is actually accessed including theft of services, interception of
communications, misuse of computing resources, up to and including
violations of the Federal Computer Fraud and Abuse Statute, Theft of Trade
Secrets, and other federal violations. At this point, I am not aware of
any malicious activity that has been reported to the FBI here in
Pittsburgh, however, you are cautioned regarding this activity if you have
implemented a wireless network in your business. You are also highly
encouraged to implement appropriate wireless security practices to protect
your information assets,
http://www.cert.org/research/isw/isw2001/papers/Kabara-31-08.pdf
There are several articles available with additional details
including http://www.warchalking.org as well as
http://www.pghwireless.com. A copy of the coding symbols is
attached in .pdf format. If you notice these symbols at your place of
business, it is likely your network has been identified publicly.
If you believe you may have been compromised or if you have any
questions regarding this activity, you are encouraged to contact the
appropriate law enforcement agency. The FBI office in Pittsburgh and High
Tech Crimes Task Force can be contacted at 412-432-4000.
<<warchalk.pdf>>
Bill Shore
Special Agent
FBI-Pittsburgh
3311 East Carson Street
Pittsburgh, PA 15203
412-432-4395
billshore@fbi.gov
In other news, someone on the pho list posted this:
Oyez! Oyez!
Special Agent John Scott of His Majesty's secret police today issued a
notice observing that many of His Majesty's subjects have begun the
practice of hiring so-called "glaziers" to install "clear walls" or
"windows" in their dwellings. Agent Scott went on to note that while
more convenient and hygeinic than the traditional masonry or straw
openings heretofore employed, these so-called "win-dohs" or "glass
openings" are also vulnerable to miscreants who may employ special
apparati (i.e., bricks, rocks) to violate the sovereignty of house and
home. While S.A. Scott could not cite any examples of crimes perpetrated
in connection with these "win-dohs" he warns that in these tumultuous
times, it is beholden on all of His Majesty's subjects to exercise the
utmost care in defending their homes against the imprecations of the
wily Norman and his sinister allies.
For God and King,
Rbt. K. Allen, H.M. Criers and Newsagents.