[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Wi-fi. Approaching customers

To: Gregh <chows@xxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Wi-fi. Approaching customers
From: "Coral J. Cook" <cjcook@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 15 Mar 2005 14:05:47 -0800

What about doing a targeted mail campaign (zip code, zip +4 , etc) with
a flyer about wireless security/insecurity in general with specific
statistics for the target area, or even a generic (not pinpoint gps
accuracy, but large area overview) map showing open access points?

Coral


Gregh wrote:
> I have asked this on another list and there has been discussion but nothing 
> that really seems like an answer so I am asking for help in here.
> 
> I did a war drive (and in MY terms that means just driving along gathering 
> SSID data showing open and closed and nothing else BUT that) and found one 
> HELL of a lot more wi-fi in my area than I had previously been aware existed. 
> Most of the SSIDs broadcasted didn't openly identify the company involved 
> though most of them were open. The idea in doing this was that I could note 
> an area where wi-fi is and approach the company (or individual) and offer my 
> services to LEGALLY lock their open wi-fi down. I realise that with open 
> wi-fi, I could be doing anything I wanted to or with their systems but that 
> isn't the point. I work in the area doing I.T. related work and so far have a 
> very good reputation for an inexpensive service and I am self employed so 
> doing the wrong thing would quickly kill all that.
> 
> My question is, then, how to approach someone to legally get work from them 
> fixing their badly installed wi-fi and ensuring it is all locked down. If I 
> turn up saying "Your wireless networking is open to hacking and I can fix it" 
> that sounds somewhat suspicious to me if you look at it from the point of 
> view of a user who knows nothing much about it all. Eg, I am telling them 
> something they don't want to hear, for a start and then telling them that if 
> they pay me, they can have it fixed on the spot. I already know how strange 
> it can sound. I happened to pick up the SSID ToysRus which was open and 
> realising they would have their own company employed I.T. people, I just rang 
> them to do them a favour and wasn't I met with suspicion? Yep! All I did was 
> say "You know you have wireless networking?" and they answered "yes...." and 
> I added "It's open and unsecured. You better fix it before someone else finds 
> it" and then got asked 100 questions including "How do YOU know?" blah blah
 by someone you would think KNOWS the game.
> 
> How do YOU approach prospective new customers to tell them their wi-fi is 
> unsecured and needs attention and that you can fix it for a fee?
> 
> Any help appreciated.
> 
> Greg.
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://www.secunia.com/
> 
> 
> 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/

References:
- [Full-disclosure] Wi-fi. Approaching customers
  - From: Gregh

Prev by Date: [Full-disclosure] Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning
Next by Date: RE: [Full-disclosure] Wi-fi. Approaching customers
Previous by thread: Re: [Full-disclosure] Wi-fi. Approaching customers
Next by thread: Re: [Full-disclosure] Wi-fi. Approaching customers
Index(es):
- Date
- Thread