Airport Menace: The Wireless Peeping Tom----------------------------------------
As a network security consultant, I travel quite frequently. At times, it seems like
airport is my second home. I actually like to fly, it's a moment in time where no one can reach me by e-mail, or mobile phone.
It never fails that something interesting happens to me at airport. I've even met some famous people during my travels. A few months ago, I ran into Frank Bielec, from TLC show, Trading Spaces. But one of my favorite things to do at airport is browse wireless Ethernet waves. I'm never really surprised at what I find. I'm just glad I know more about wireless Ethernet than average road warrior.
The Dangers Of Ad-Hoc Wireless Networking
-----------------------------------------
Most people who have wireless Ethernet at home, or office, connect to wireless network by attaching to a wireless Access Point, or AP. This method of wireless networking is called "Infrastructure Mode". If you have a secure wireless network configured in "Infrastructure Mode" you are using MAC address filtering, some level of encryption, and have made some additional changes to your AP in order to prevent just anyone from using it or capturing data. For more information on configuring your "Infrastructure Mode" wireless network take a look at "Wireless Network Security" page at Defending The Net.
However, for those who are not using "Infrastructure Mode", and are configured to communicate from machine to machine, or "Ad-Hoc", there are a few things you should be aware of.
A wireless Ad-Hoc network allows you to communicate with other wireless Ethernet systems without using a wireless access point. It's kind of a peer to peer configuration and it works rather well. The problem is, most people just set it up, and forget about it. At home, it's not a huge problem, but when your on road, it could cause you a great deal of grief. The airport is probably best place to find Ad-Hoc networks. Business men and women, delayed once again, power up their laptops and get to work completing days tasks, or planning tomorrows agendas.
I can't tell you how many systems I find in airport configured this way. Not just in terminal, but on plane. About three months ago, just after we reached cruising altitude and were allowed to use our "approved electronic devices", I found that gentleman two seats up from me had a laptop configured as Ad-Hoc. He walked by me about ten minutes later and commented on how much he liked my laptop. I thanked him, and asked if his laptop was on, and configured to use wireless Ethernet, he said yes.
To make a long story short, I showed him that I could see his laptops wireless Ethernet and informed him of danger. He asked me if I could access his hard drive, and I told him that it might be possible. He asked me to see if I could, so I obliged. After configuring my laptop to use same IP address class as his, and typing "net use * hiscomputersIPAddressc$ "" /USER:administrator", I received a notice that connection was successful and drive Z: was now mapped to his computer. I performed a directory listing of his hard drive and guy almost had a heart attack!
