Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Re: Legality of WEP Cracking

from [John Babio] Network Security [Permanent Link]
Subject: RE: Re: Legality of WEP Cracking
Date: Mon, 21 May 2007 12:18:32 -0400 
Anyone have the updated Orinoco drivers for backtrack? Can't seem to get
the card in monitor mode. Thanks!

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of ebk_lists@hotmail.com
Sent: Monday, May 21, 2007 9:03 AM
To: pen-test@securityfocus.com
Subject: Re: Re: Legality of WEP Cracking

This is good information, thanks. I think this will help all of us
develop a better picture of the thin ice we skate on every day. 

It's good to know that these laws exist, but does anyone have any case
law (preferably recent) to go with them? Knowing the law is good,
knowing how it is being applied is even better.

I think alot of it will boil down to intent and purpose. If I audit one
of my company's office downtown, it is guaranteed that I will pickup
more than just my company's traffic, just because of the density of the
office building. But I don't intend to do that, nor is it my purpose. I
ignore any data that I know to _not_ belong to my company. I also carry
a signed letter from my CISO when I do these audits. 

The laws are primarily going to come into play, IMHO, when there is
criminal intent. For instance, when two kids are sitting in their car
listening to a major home improvement stores wireless traffic for the
sole purpose of stealing credit card numbers, I'd say that is criminal
intent- pretty blatant, and easy to prove. But here in the US that
burden of proof is on the prosecution. So, in cases where the intent
isn't as cut and dried, it may not make it to court, depending on the
circumstances. 

Computer law is getting better, but it still has a long way to go. A
great deal of these cases still get tried on other laws such as
trespassing, loitering and theft of service. 

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Legality of WEP Cracking, John Mason Jr
Next by Date:  Re: Legality of WEP Cracking, Justin Ferguson
Previous by Thread:  Re: Re: Legality of WEP Cracking, ebk_lists
Next by Thread:  Re: RE: Re: Legality of WEP Cracking, ebk_lists
Indexes:  [Date] [Thread] [Top] [All Lists]