[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Wireless ISPs
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: RE: [Full-Disclosure] Wireless ISPs
- From: Michael Gargiullo <mgargiullo@xxxxxxxxxxxxx>
- Date: Tue, 11 May 2004 20:50:02 -0400
On Tue, 2004-05-11 at 17:01, amilabs wrote:
> I have been researchign the wisp industry and I am planning to start one
> also. I assure you that most use some form of authentiction and enctyption.
> I would be very bad business to leave it open not only for hacking and dos,
> but also for users gaining free access. Most WISP gear supports wep and aaa
> type systems.
We used to offer Wireless Local Loops (1.5Mbps up and Down). The
equipment was from breezenet. Radios were about $900 a piece, but they
freq hopped, and were damn near to sniff effectively. They do however
run on the same 802.11b channels. While sniffing our signal, I was
across from a local hospital. I was assigned an IP on the 10.100
network (Not ours)... Curiosity got me... I was in the Emergency Rooms
WAP. I went to their IT Dept, and showed a very red faced IT manager.
Someone got fired over that little mess. Their system was webbased
patient tracking...http not https(duh). I moved down the road to
"warehouse size home improvment store" (to make sure I wasn't receiving
the hospital garbage)... got more junk... something that looked a lot
like cash register data...over unsecured wireless.
If it's wireless... it's more then likely wide open. Do I run wireless
at home...yup... Am I too lazy to run WEP...yup. So I run my wireless
gear in the DMZ... and chalked my sidewalk.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html