From: Jason Chambers (jchambers@ucla.edu)
Date: Wed May 16 2007 - 18:58:18 EDT
Your best off forgetting about it and deleting the data if you still
have it. Insecure communications are all over the place and there are
laws to act as a deterrent to their interception. You'd be putting
yourself at risk to pursue educating this user.
At http://www.securityfocus.com/infocus/1885/2 , Read the section under
"Legal considerations".
From the link above...
"""
In general, it is illegal in both the U.S. and most European countries
to intercept wireless traffic without the consent of at least one (and
sometimes both/all) of the parties to a communication, subject to
certain exceptions provided by the applicable law, such as interception
by law enforcement with a warrant under a court order, or interception
by the network operator or service provider in order to manage its
business.
Monitoring or scanning wireless traffic simply to identify networks in
the area, due to the fact it is an activity that does not involve
capture of the message content or traffic data for specific
communications (an area where the legal restrictions become really
strict), could well be legal in most countries.
The traffic acquisition activities must be accomplished after receiving
proper authorization, typically in the form of a search warrant (or
other legal process), and are mainly regulated in the U.S. by the
Communications Assistance for Law Enforcement Act (CALEA) of 1995 [ref
22 <http://www.securityfocus.com/infocus/1885/2#ref22>] and in Europe by
the European Council Resolution of 17 January 1995 on the Lawful
Interception of Telecommunications (Official Journal C 329) [ref 23
<http://www.securityfocus.com/infocus/1885/2#ref23>].
"""
Regards,
--Jason
> -----Original Message-----
> From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of jasper.o.waale@kh.pwc.com
> Sent: Wednesday, May 16, 2007 1:20 AM
> To: listbounce@securityfocus.com; pen-test@securityfocus.com
> Subject: Sneaking a peek on Wlan in airports
>
> I'm sure you as I have many time been in airport with public wlan access
> and by error had some kind of sniffer running ?
>
> well I has Cain open because of a general scan I was making related to a
> test, and I picked up a Pop3 account and password,
> I did try to find the guy to tell him but did not see anybody with a
> laptop, so what now do I email him as asking him to update the password
> or do I just ignore it and let he carry on doing this to him self and his
> firm.
>
> Regards
>
> Jasper O Waale
> _________________________________________________________________
>
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:47 EDT