Wireless security.

There are lots of ways to secure a wireless connection. One of the more popular ways with business WLAN's is to not secure the wireless connection at all, and run everything over a VPN connection. The VPN traffic is encrypted and is therefore sniffer safe. Authentication is left to the VPN.

However, all the one's I've seen have a splash screen that greets the casual hacker with threats of prosecution if they continue beyond the initial connection. You're expected to fire up your VPN software, or connect via SSL/TLS to an obscure authentication server. If you don't know the name of the server, you don't go anywhere. I guess someone is setting up a similar system but without the splash screen warning.

You can usually get a clue as to who owns the system by the SSID. If it's your local police department or government, I would tread carefully.

There are also various services that provide VPN terminations. I blundered across:

formatting link
has a Flash movie of how to setup their VPN client or XP at:
formatting link
shows roughly how it's setup. Once connected to the VPN server, all the internet traffic goes through the default route at the terminating VPN server, instead of throught the default route of the hot spot or corporate access point.

Reply to
Jeff Liebermann
Loading thread data ...

Could be network(s) which don't have Internet connection or where the Internet is restricted to select computers on the network.

Reply to
Jerry Park

How do you find out the actual owners name of a wireless account -if you have the actual ip address, how do I find out who's acct it is?

Reply to
Robert

Kinda puts a damper on getting "permission" to use a wireless system.

You probably can't do a reverse DNS lookup. Most wireless systems give you non-routeable IP addresses per RFC1918 which cannot be traced back to the owner. Specifically: 10.0.0.0 - 10.255.255.255 (10/8 prefix) 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) Without knowing the routeable address, you cannot identify the ISP or the owner.

If by some unusual chance, the DHCP server gives you a routeable IP address, then you can use rDNS and whois at:

formatting link
formatting link
find the ISP and possible the business owner. For example, your posting IP address resolves back to:
formatting link
your ISP, Cablevision, is failing to do a reverse DNS lookup.
formatting link
least whois sorta works. Sigh.

You can usually get some clues from the SSID as to the owner.

If all else fails, get a directional antenna and do some direction finding.

Reply to
Jeff Liebermann

When the internet gateway is at the terminating end of the VPN, and the casual wireless tourist can't see the gateway without an authenticated VPN login, traceroute is totally useless.

True. ISP's won't supply such information. At best, one might convince the ISP to send the customer some email with ones contact info. Most of the time, a bit of direction finding will locate the owner directly.

Again, he won't be able to see the shares and machine names until he gets past the VPN. That's the beauty of using an unencrypted wireless access point and a VPN. Almost everything is hidden. Usually, splash screen identifies the owner, but that's apparently missing here.

Reply to
Jeff Liebermann

There is one thing I do not understand about the concerns regarding wireless network security. Around where I work there are plenty of open and unsecured connections. One can connect and you get an IP address, DNS IP address, etc, there is decent signal strength, no dropped connections, etc.

However, there is absolutely no way to use said networks - whilst packets are being sent and recieved, trying web, traceroute, etc, does not give any connection. Nothing happens.

So, what is the problem because just because the network can be connected to, if no user can actually use it, then why do people get agitated about it?

Of course, I guess it may be a problem with my computer, but since I can access other wireless networks, it would seem unlikely.

Sorry for my naivete here.

Reply to
Hello!

An outbound tracert may give you enough information to at least know who the ISP is, but that's not very useful, and the ISP isn't going to give you contact information based on an IP address without a court order. You really can't tell who it is unless they've set up a descriptive SSID or have computers with useful names that you can see in WinDoze...

Reply to
William P.N. Smith

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.