Drive-by spam hits wireless LANs
John Angelmo
john at veidit.net
Wed Sep 11 17:08:53 UTC 2002
Jared Mauch wrote:
> Imagine a few of the following scenarios:
>
> 1) You wok for an ISP and have access through them. One large
> enough that they apply their AUP to their own people. You have ISDN/DSL
> or some other connection w/ reverse-dns for your personal domain @ home.
> Someone drives by your place, finds your unprotected lan, sends spam, hacks,
> etc.. complaints come in, you lose job because you were a spammer and
> your employer needs to stop, etc.
> 2) You are a small company, someone does this, and you get
> blacklisted as a spamhaus. you are unable to get internet access.
> 3) you have a cable modem as your only high-speed connectivity.
> you have one of the linksys/whatever nat+802.11a/b boxen. you
> get used, you get blacklisted and can not get high-speed pr0n again.
>
> While these seem like minor annoyances in some cases, they
> can be quite dramatic to the person on the receiving end. I wish
> the wireless vendors would use a somewhat more inteligent approach and
> turn WEP on by default when shipping their units and at the cost of
> a few cents more they can print a sticker on the box that can be
> removed later that has the uniqe WEP key for that unit. Similar to
> the way when you go to the hardware store you can play match-up to get
> the same key for multiple locks.
>
Hi
In some way you are right, but still I think it's even worse to use WEP
cause then the admins might think it's safe, it takes about 15 minutes
to crack a wepkey, so instead of drive-by spamming you could call it
drive-by, have a bagle, start spamming.
The most hardware/software indipendent solution I have seen so far is
the use of VPN, simply place the WLAN outside your own LAN.
/John
More information about the NANOG
mailing list