- Is Microsoft preparing us to move beyond Vista?
- Why Google wanted to lose wireless spectrum auction
- iPhone shortage fuels rumors of imminent 3G phone
- XP for cheap PCs: a second crack in the wall
- Darts into data: Leveraging random action to competitive advantage
- Most iPhone buyers are existing Apple customers
- AT&T's so-called open network principles
- Mono dev tool offered
- ActiveState upgrades IDE
- Serena plans SaaS products
July 12, 2004 | Comments: (0)
Honey pot exploit foiled
Although it happened last May, news of what looked like a classic hacker exploit at Microsoft's TechEd conference is just coming out now.
Using AirMagnet, a WiFi LAN management application, Microsoft network security people detected something interesting happening on the show floor. There was a roving outage on the WLAN.
As best they could determine someone was running a wireless DHCP [Dynamic Host Configuration Protocol] server on a laptop in a backpack walking up and down the aisles. It had the effect of sending user traffic to his laptop.
In the parlance of the day it's called a honey pot, trying to snag traffic going someplace else, and the hacker is giving you a bad address which is his.
Microsoft dispatched people using the AirMagnet software on handhelds and laptops finally cornering the perpetrator who had innocuously secreted himself in the corner of a large room off the show floor.
Sounds like a dangerous character but actually it turned out to be fairly harmless, according to the Microsoft official I spoke with who was on the scene.
It seems the fellow did indeed have a laptop but he also had a booth at the show and his corporate IT people set him up with a wireless AP and the wireless DHCP server. According to the Microsoft official, who I spoke to without his or her ubiquitous PR handler in tow and so it is best not to name him or her, his laptop had two protocols installed. When he closed it it became the wirless DHCP server.
He set his laptop up at the booth but every time he closed the lid to talk to someone he would lose his IP address. Trying to figure out what was wrong with his system, he stowed the laptop away in his backpack and went looking for a quiet spot to investigate.
Meanwhiel Microsoft people determined, by the strength of the signal, the area it was operating out of, narrowing down the location of the rogue server to one corner of a large lunch room with hundreds of people sitting at tables, most of them with laptops.
Once narrowed to one small area, they went round and politely asked individuals if they were having any trouble with their network. When the alleged perpetrator said yes, they inquired if they might look at his laptop.
Problem solved.
See, it's like my mother always told me, you catch more flies with honey, or something like that.
Posted by Ephraim. Schwartz on July 12, 2004 09:32 AM
RATE THIS ARTICLE:
-
- COMMENTS
TOP STORIES
ADDITIONAL RESOURCES
- Virtual Machines: Sun's xVM Virtualization Portfolio
- Migrating to Vista
- Turning Information Into A Competitive Advantage
- Speeding Business Innovation with Data Center Transformation
- Security and Trust: The Backbone of Doing Business over the Internet
- Forrester Data Center Automation
- Protection for Remote Sites and Branch Offices
- WAN Emulation Sponsored Solutions Guide
- Planning For A Disaster
IT JOBS
