Homeland (WiFi) Insecurity?

Homeland security folks might be based in Washington DC, but they are not doing a good job of monitoring the government-wireless networks which are open for anyone to peruse, according to Boston-based Newbury Networks. They went on a war drive and found in-securities, literally at every corner. Amongst those were Price WaterhouseCoopers, the U.S. Senate and the Department of the Interior.

On an average, wireless devices from nearby offices abandoned their own access points every 42 seconds and associated themselves with Newbury’s temporary AP. Over the course of some three hours, a total of 213 devices sought to associate themselves with Newbury’s “honey pot” access point.

This was possible because of something called the promiscuous clients. By naming their access point, “linksys,” they suddenly had a lot of networks/devices connecting to their access point.

And using a default setting in Microsoft Windows XP, an individual using an unapproved access point could bridge his wireless device to a promiscuous client device. If that promiscuous client were plugged into an office network, the outsider’s computer could gain access to the enterprise’s computer network as if it were actually the compromised device.