charliex

Mr Mephisto : Yeah i've sen APTools, i use netstumbler, kismet, aeropeek, etc but i'm not happy with any of them, i want something that basically allows me to have a mappoint database etc updated in realtime with signal strengths so it maps out the area covered by the device, as well as all the other stuff included with stumbler etc, (and also not have it crash when WEP is enabled)

i'd like to do something like have a tool that generates what you'd expect to see from the base station, and have that overlaid with what you actually get.

I figure that'll also help pinpoint rogue AP's are you'll be able to see that the area covered has changed significantly ( more so that weather conditions or such would allow )

As well as that i want it to be able to pull in data from other machines in realtime, so a distributed stumbler (whcih would require the device to either have two network connections or one card and have it scan, switch, send, switch, scan etc

yeah i think the difference is your relationship with the company or people and how much of a hardass they would be about it, lets face it, even if you are doing some people a favour the righteous indignation can kick in even when you are secure, as for the finder having a virus, well if their network is wide open, they are volatile to getting that from anyone, and not even knowing.

I know i'd rather have some tell me my network was wide open than leave it and wait til someone malicous came along, i wouldn't get all uppity about it, ego doesn't come into it for me. if i screwed up i want to be told.

unfortunately theres no simple way of making sure its wide open.

i guess its a lot like spam lists that block ip ranges or test for open relays by sending a test message ? that is tecnically the same thing as connection to an AP, just because you have a SMTP server, doesn't mean you have given permission to use it, i had my indy on a private network for a while, then it got out on internet, i hadnt worried since i hadn't set anything up to listen, however out of the box, it had SMTP on , but it was misconfigured, so the message that was sent by an open relay checker, ended up being stuck in a loop the indy kept sending it to itself , as fast as it could, which brought the machine down, i'd been running a 3 week long simulation on that machine and had gone away for a few days, when i got back it was down, i could have gotten mad about the open relay checker just scanning me and finding that smtp port, but i think the reasons they have are valid, open relays are really bad things IMHO and although i lost three weeks of time for that , and had to run it again, i had locked down the machine safely before some spammer had used it, which would have gotten me blacklisted and possibly cut off by my provider.

to be honest, i'd be happy to allow people to use my AP for checking emaill etc, so long as i could control the bandwidth, and they couldn't access my internal network.

I'm still a believer in the difference between a wireless ap and passive things, i don't actively broadcast my door is open, or there is stuff inside, i do with my AP, its my responsibility to make sure the signal covers my house, and thats its locked down. The buck stops with me, its my fault if someone gets in. malicous or otherwise.

Of course just because WEP isn't enabled, doesnt mean the network is unprotected.

i fi get a virus coz of an open network, its my fault.
if someone walks into my house and steals sutff coz the doors open, its my fault.
if my car is pinched because i nip in for something and leave the keys in it, its my fault.