---------- Forwarded message ---------- Date: Tue, 13 Aug 2002 15:18:17 -0400 From: Declan McCullagh <declanat_private> To: politechat_private Cc: billshoreat_private Subject: FC: FBI releases advisory about 802.11-spotting "wardriving" This letter is from last month but we haven't covered it on Politech before. Read it carefully: The FBI claims that using an open 802.11 access point without explicit authorization may be a federal crime ("theft of services"). -Declan --- From: Bill Shore [mailto:billshoreat_private] Sent: Monday, July 08, 2002 9:56 AM To: billshoreat_private Subject: Wireless networks - Warchalking/Wardriving It has recently been brought to my attention that individuals/groups have been actively working in the Pittsburgh area as well as other areas of the United States including Philadelphia, and Boston, and the rest of the world for that matter, to identify locations where wireless networks are implemented. This is done by a technique identified as "Wardriving." Wardriving is accomplished by driving around in a vehicle using a laptop computer equipped with appropriate hardware and software http://www.netstumbler.com/ to identify wireless networks used in commercial and/or residential areas. Upon identifying a wireless network, the access point can be marked with a coded symbol, or "warchalked." This symbol will alert others of the presence of a wireless network. The network can then be accessed with the proper equipment and utilized by the individual(s) to access the Internet, download email, and potentially compromise your systems. In Pittsburgh, the individuals are essentially attempting to map the entire city to identify the wireless access points, see here, http://mapserver.zhrodague.net/cgi- bin/mapserv?mode=browse&layer=all&layer=q uadsheets&layer=borough&layer=roads&layer=ap&zoomdir=1&zoomsize=2&imgxy=458+ 165&imgext=-80.175489+40.268422+-79.733217+40.621536&map=%2Fmnt%2Fhog%2Fwebs ites%2Fmapserver%2Fpublic_html%2Fpa%2Fpgh.map&savequery=true&program=%2Fcgi- bin%2Fmapserv&map_web_imagepath=%2Fmnt%2Fhog%2Fwebsites%2Fmapserver%2Fpublic _html%2Ftmp%2F&map_web_imageurl=%2Ftmp%2F&img.x=250&img.y=197. Also, check this article from pghwireless.com, http://www.pghwireless.com/modules.php?name=News&file=article&sid=19 Identifying the presence of a wireless network may not be a criminal violation, however, there may be criminal violations if the network is actually accessed including theft of services, interception of communications, misuse of computing resources, up to and including violations of the Federal Computer Fraud and Abuse Statute, Theft of Trade Secrets, and other federal violations. At this point, I am not aware of any malicious activity that has been reported to the FBI here in Pittsburgh, however, you are cautioned regarding this activity if you have implemented a wireless network in your business. You are also highly encouraged to implement appropriate wireless security practices to protect your information assets, http://www.cert.org/research/isw/isw2001/papers/Kabara-31-08.pdf There are several articles available with additional details including http://www.warchalking.org as well as http://www.pghwireless.com. A copy of the coding symbols is attached in .pdf format. If you notice these symbols at your place of business, it is likely your network has been identified publicly. If you believe you may have been compromised or if you have any questions regarding this activity, you are encouraged to contact the appropriate law enforcement agency. The FBI office in Pittsburgh and High Tech Crimes Task Force can be contacted at 412-432-4000. <<warchalk.pdf>> Bill Shore Special Agent FBI-Pittsburgh 3311 East Carson Street Pittsburgh, PA 15203 412-432-4395 billshoreat_private ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ Declan McCullagh's photographs are at http://www.mccullagh.org/ ------------------------------------------------------------------------- Like Politech? Make a donation here: http://www.politechbot.com/donate/ Recent CNET News.com articles: http://news.search.com/search?q=declan CNET Radio 9:40 am ET weekdays: http://cnet.com/broadband/0-7227152.html ------------------------------------------------------------------------- - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Aug 14 2002 - 05:33:01 PDT