http://www.vnunet.com/News/1139931 By Emma Nash 03-04-2003 Nearly three-quarters of malicious connections to wireless networks are used for sending spam, according to new research. Security consultant Z/Yen set up two wireless local area networks (Lans) on behalf of RSA Security to monitor unauthorised connections - a so-called 'honeypot' trap. The survey found that almost a quarter of unauthorised connections to the wireless Lans were intentional, and 71 per cent of those were used to send emails. "The biggest problem for someone wanting to deliver spam is having anonymity," said Z/Yen consultant Phil Cracknell. "If there's an opportunity to deliver email through someone else's network, and there's no log of it, then this is a perfect opportunity for spammers." Last week, the government published proposals to crack down on spam, which is estimated to account for up to 40 per cent of global email. If the proposals come into force, senders of unsolicited email will require prior consent from recipients, and web users will have to be told if cookies are being used, with the option to reject them. Individuals will also be given more power to decide if they want to be listed in subscriber directories. E-commerce minister Stephen Timms warned that the spread of unsolicited email could damage the development of online business. "Spam has become the curse of the internet," he said. "It's a source of major frustration as it clogs up inboxes the world over. Spam is in danger of becoming a real deterrent to online communication." John Mawhood, head of the commercial and technology department at law firm Tarlo Lyons, said the legal issues surrounding unsolicited use of wireless Lans are cloudy, but sending unauthorised email could create problems for internet service providers (ISPs). "If it is discovered that someone is engaging in denial-of-service attacks, for example, you could end up with the provider of the network being accused of collaborating," he said. "A person who manages a wireless Lan, in the sense of owning and running it, will be responsible for the traffic on their network. The ISP will want to make sure spam is not originating from its systems." In the honeypot test, the first unauthorised connection to the wireless Lans was made in just over two-and-a-half hours. "I think this is pretty worrying," said Tim Pickard, European strategic marketing director at RSA Security. "Every fourth connection is malicious, which is quite high." The honeypots were deployed following research by RSA and Z/Yen that showed a third of wireless Lans in the City are vulnerable to attacks by hackers. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Apr 04 2003 - 01:40:49 PST