No, for two reasons.
1. You haven't mentioned any way to ensure that the intruder visits
that page and sees it, let alone agrees to its conditions. [Technology
exists to address this, it's called a "captive portal". So this problem,
at least, can be solved.]
2. Can you post a sign on your driveway, giving yourself the right to
search any cars that park there that you don't recognize? I don't
think so. You have the right to report them to the *police*, who in turn
might determine that a search warrant (or one of the few exceptions) is
appropriate, but simply arrogating that authority to yourself is risky
at best.
Really, it would be a whole lot simpler to (a) secure the network in
the first place, and (b) ban and/or report any intruder who gets past
that security. [If you lock access to a list of MAC addresses, the only
way an intruder can get in is to spoof one of those addresses, and so
identifying and banning him will be problematic at best.]
An awful lot of the intruders I encounter have a NetBIOS name set, so
their computer offers me clues about who they are *without* any kind of
counter-intrusion on my part. And since they're just looking for free
bandwidth, it doesn't take a lot of banning effort before they decide to
go somewhere easier.
My current "ban" list is not very long, and there's only one entry on
there for which the police *will* be called if it shows up again. But
that one wasn't just hitching a free Internet connection....
David Gillett
-----Original Message-----
From: Ebeling, Jr., Herman Frederick [mailto:hfebelingjr@lycos.com]
Sent: Monday, May 15, 2006 2:34 PM
To: security-basics@securityfocus.com
Subject: Wireless Security (Part 2)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
A few months back we had a discussion going about whether or
not a person who has setup a Wi-Fi network for their and
their families use. And IF someone illegally connects to
said network if the person who setup the network has the
right to go into the other person's computer to find out who
they are. The consensus is/was that sadly no the person who
setup the Wi-Fi network doesn't have the right to go into the
intruder's computer to find out who they are.
What IF the person who sets up the Wi-Fi network has a web
page, or a dialog box that is displayed that says the
following whenever a new computer signs onto the network:
WARNING
You have connected to a PRIVATE COMPUTER NETWORK
IF you were NOT invited to join the network then leave now.
IF you continue to use the network, know that by doing so you
consent to having your computer inspected for the purpose of
finding out who you are so that the proper authorities can be
notified.
IF you leave now no actions will be taken, but IF you
continue then the appropriate actions WILL be taken, you have
been WARNED.
This is your ONLY warning, leave NOW.
Also know that along with your name your computers MAC
address will also be recorded, and blocked in the future.
If the above is setup as a web page then the
capitalized words would be in bold as well as red to catch
the person's attention. Also with the above they wouldn't be
able to say that they weren't warned, correct?
- -----
Herman
Live Long and Prosper
___________________ _-_
\==============_=_/ ____.---'---`---.____
\_ \ \----._________.----/
\ \ / / `-_-'
__,--`.`-'..'-_
/____ ||-
`--.____,-'
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
Comment: Space the Final Frontier
iQA/AwUBRGjzqx/i52nbE9vTEQL2VgCfa6k5g7v+iXyLAWn8x0C4puoejFIAnA0l
pyeqL5W4eOfzDQCLuHEk31Q/
=c+u5
-----END PGP SIGNATURE-----
