[52284] in North American Network Operators' Group
Re: Wireless insecurity at NANOG meetings
daemon@ATHENA.MIT.EDU (Richard Welty)
Mon Sep 23 10:49:42 2002
Date: Mon, 23 Sep 2002 10:47:06 -0400 (EDT)
From: Richard Welty <rwelty@averillpark.net>
To: nanog@merit.edu
In-Reply-To: <20020923135241.GF6531@rd.bbc.co.uk>
Errors-To: owner-nanog-outgoing@merit.edu
On Mon, 23 Sep 2002 14:52:41 +0100 Simon Lockhart <simonl@rd.bbc.co.uk> wrote:
> Someone sat in the hotel lobby with a powerful laptop isn't going to
> cause
> anyone to look twice, at a NANOG conference.
ok, i think we need to talk about the actual threats at a nanog conference.
1) some otherwise harmless person gets free internet access for a couple of
days. BFD.
2) some hacker uses free, untraceable access to do something nasty. hmmm.
3) some attendee gets hacked because they have security problems with their
laptop. sounds like a personal problem to me.
4) some spammer parks nearby and sends out a lot of spam. so block port 25
outbound, don't offer mail servers, anyone who wants to send email
can bloody well tunnel back to their home systems using ssh or ipsec.
are there others i've missed? do we really care about anything other than
2, as the others have remedies or are else apparently unimportant?
turning up WEP would keep the riffraff out. is that actually necessary or
important?
richard
--
Richard Welty rwelty@averillpark.net
Averill Park Networking 518-573-7592
Unix, Linux, IP Network Engineering, Security
