Saturday, July 03, 2004


Moffittcam is up and running... If you use Yahoo IM and you want to see if you can catch me near the web cam then plug in moffittcam as a Yahoo IM id and if I am broadcasting you will see something. Currently I am at work at the PC Repair shop here at Goodwill until 5:30 pm.

Later

Tuesday, June 29, 2004

Find out my name and use it folks!!

I was at work yesterday at Goodwill and this lady called on the phone. I sold her a computer this last Saturday. She said "Is the heavy set guy there that sold me the computer Saturday?"
When I asked her to clarify who she was looking for (in what department) she apologized for describing that person (me) in that way but she did not get his name. She told me that the heavy set guy sold her a computer. I finally confessed that I was the FAT BOY that sold her the computer. LOL....

I get SO tired of people saying "Hey BIG Guy" and describing me as "Heavy Set". Sometimes when a small person says "Hey Big Guy" I sometimes respond by saying "Hey Tiny Dude". LOL. I guess they get the point when I do that.
Good grief people just call me by my name or just dont speak to me at all. Am I the only person that gets tired of being labled because I am a BIG GUY?? I get sick of shallow people who have nothing better to do than to highlight the fact that I am a FAT BOY....

When I get depressed and/or ANGRY I sometimes think "oh what is the freaking use people???" But, that emotion usually does not last that long and I just figure the truth hurts and get on with living. ;)

This FAT BOY will be getting on the Cross Trainer this morning for 25 min before I meet a friend for breakfast and some war driving with my Ipaq. Instead of being depressed and angry about the problem I am going to chose to do something about it one day at a time.

God bless

War Driving and Accessing data on a corporate LAN reviewed

A dear friend of mine sent me the following article which outlined their findings with regards to how easy it is to hack your way into a corporate network to steal data via their unsecured Wireless Access Point. Here is the article. from Red-M which is a Wireless Security Company.


According to a report from global wireless security company Red-M, most global businesses are at risk because they have not secured their wireless infrastructures.

The six-month study of 100 companies across the globe, including large multinational corporations covering a range of industry sectors, found that 80 per cent of corporate networks are accessible from outside their buildings.

Two thirds of banks, 60 per cent of financial services institutions and all education institutions leaked data, the study claimed.

Karl W Feilder, chief executive at Red-M, said in a statement: "Most businesses have not yet grasped the fact that once there is any sort of wireless device on their premises - and today you have to presume there is at least one device in your company - it acts as a point of insecurity by broadcasting company information over the airwaves.

"Sitting in your parking lot up to 300ft away from your building with a laptop and an inexpensive piece of software, an outsider could easily see the information being freely broadcast.

"They could receive network traffic, and could wreak havoc by exposing confidential and sensitive company information and manipulating data."


This is my response to that report...

I will certainly concur that a LOT of businesses and home users have not grasped the concept Network security and data integrity. The sad thing is that all they have to do is enable WEP and change the default admin ID and password on the Wireless Access Point (WAP).

From a technical point of view here are a couple of observations about the comments from the article you just sent me that was put together by Red-M. There is a difference between individuals that represent a company that deals with Network Security Threats vs some Tom Dick or Harry user who is just out war driving. People from Red-M are going to be security experts who understand how a computer network works and how to hack their way into company data. In other words they know how to try and compromise Firewalls, Switches, Routers and then the company file servers to access data. If they get through the first three devices listed above then perhaps they will be able to access the data on the file server. This is assuming that the company in question has NO security enabled whatsoever on the file server or the internal routing devices listed above. That would mean that they just plugged in these devices and left the default administrative passwords in place. I realize that Network Administrators are over worked and under paid. However, I can almost garuntee you that these same Network Administrators are painfully aware of the importance of data integrity and security and they are NOT going to put Firewalls, Routers and Switches in place without setting up security. It is just not going to happen. When it comes to their data depending on the type of network , peer to peer or client server, there is going to be authentication happening either at the SHARE level or DOMAIN level which means you will have to have a user name and password to gain access to the data. That means that if the administrator id and password are difficult enough they will have to know a valid user id on the network and the password to get access to the data. The chances of that happening from anyone just sitting out in the parking lot is going to be slim to none.

A wireless access point (WAP) acts just like a gateway to your internal network. Before wireless came along employees of companies if they wanted access to a corporate network would either have to dial in to a corporate gateway (DUN Account) or tunnel in via pptp (point to point tunneling protocol) utilizing a user name and password to get on the network. Once the user is logged onto the network you can still limit what resources they have access to on the LAN by limiting what they have access to via Share level access or Group level access on the domain. So, just because a person can actually hack their way into a network does not mean that they have full access to everything on the file server. They are still limited by the internal network security that is in place.

So, with all of that in mind I do not think that the security threat is as bad as the security industry would want us to imagine. One reason they are yelling foul so loudly is because they want the companies in question to be aware of their need to lock down their networks AND they want these same companies to use their exertise (for a cost of course) to implement these measures. Just changing the default user id and password on the WAP will make it exponentially difficult for someone to hack into the network. If you do not have the user id and password you just simply will not gain access.

I also believe that their claims that you can sit in your car within 300 feet of the establishment and gain access to a corporate LAN and compromise their data security is a bit far fetched. Just in my short experience with war driving I have found it difficult at best to even acquire and KEEP a wireless signal long enough to TRY to log on. I was standing at the front door at the Mills House the other night and I was getting a signal strength of about 20% at the very best and that was not enough for me to get an IP address from their DHCP server much less try to logon to Thinkspots network.

There is a huge difference in being able to sniff out a wireless signal via war driving vs being able to authenticate to the data source and steal information as readily as they are saying you can. In other words there is no mechanism in place where the file server is connecting to the WAP and transmitting corporate data out into the parking lot. LOL.... You have to gain access through the front door (WAP), authenticate to the file server (network security) and then grab ahold of the data and tell it to be copied back out across the LAN to the WAP over the wireless signal to your laptop.

Monday, June 28, 2004

I am currently at Just Fresh on Rivers Avenue in Charleston using their wireless network and enjoying a cup of coffee.
I was able to successfully connect to the Thinkspot network with my Ipaq and send out several emails. I was able to configure my Outlook software on the Ipaq to send and receive my Bellsouth.net emails. I am not able to chat via MSN Messenger which is built into the Microsoft Mobile OS on the Ipaq which I find puzzling. I will have to research that soon. I am using the laptop to connect and send this blog before the battery on this thing dies. :(

Well, I am happy that I FINALLY made that magical wireless connection with the Ipaq. I also learned that while you can certainly war drive and walk and find stray wireless signals you have to find one that is STRONG enough to enable you to make the network connection and keep it or you will never make the trip successfully to the Internet.
That means that you need to be atleast within 50 feet of the front door of the establishment that is broadcasting a wireless signal if not inside to get a good enough signal.

Well, that is about it folks, hope you have a good evening and a good day tomorrow!!

Sunday, June 27, 2004

USB Challenged


As usual I spent most of my day in the computer service department hiding from the retail customers tinkering on this and that. My boss finally gave me the go ahead to configure a couple of machines for us to use in the shop which means I wont have to use the laptop anymore to get on the Internet and do my job. OH YEAH!! Go Goodwill , LOL.... I had a volunteer named Dave who came in to help all day Saturday which was nice. Dave is sponsored through a program called Americorp which is the American alternative to Peace Corp which is International. Dave told me that he lives in Michigan and that he spends a period of time traveling around the US doing volunteer work. When he is finished he will have 5,000.00 put into a college fund. Dave lives in Michigan and will be going home for the first time since Christmas of last year. Dave was an EXCELLENT worker who helped me completely clean up the shop and many other things. I found myself wishing that our work experience people were half as helpful as Dave was. Oh well.....

On another unrelated note I found myself fighting with my Pocket PC , USB and MS Active Sync last night. I could not get my Pocket PC (Ipaq) to synch with my computer. They just would not connect. Grrrrrr. So, for an hour last night I kept rebooting my computer, switching USB ports, uninstalling and reinstalling the MS Active Synch software. To no avail. I finally thought "I wonder if I need to do a soft reset on my Ipaq to see if that will help". Sure enough, did a soft reset on the Ipaq, plugged it into the cradle and it was a USB marriage made for success. MS Active Synch did its thing and I am once again united with updated information from Outlook 2003. Wahooooo....