User Tools

Site Tools


3-15-2017-all-infosec-social-infosec-roundtable

Due to a last minute speaker cancellation, we did a roundtable discussion of various topics. There were a few new people.

A lot of the discussion focused around legalese of wiretapping & what is legal or not legal about running a rogue AP, picocell, or the like. Here's some relevant copy-pasta from Eric:

So what we were talking about with Brian is covered in 18 USC § 2511(2)(a)(i)
Ref link: https://www.law.cornell.edu/uscode/text/18/2511

The summary states that you can monitor the traffic on your own network;
for the purposes of protecting rights and property. 
That activity is not a violation of the wiretap law.  

You can't, however, transmit a signal that spoofs another legitimate signal;
in order to hijack a connection.  For example, purporting yourself to be:
"Starbucks" or "CableWiFi" or "Boingo" for the purposes of diverting a legitimate connection
to one of those sites, instead to your own system is still a violation.

That's why we were talking about leasing a legitimate service or arranging to host...
a WiFi access point for another legitimate service, that you could then monitor the equipment...
under the operator/agent exception to the Wiretap Act.

Edit - Still waiting on feedback from Eric about some of the pico products he showed a few people. Waiting on input from Jim regarding the information he had on LNP & LE requests.

Additional Resources

Here are some additional resources if you want to learn more about this subject.

Link Description
IT Law Wiki Should be some useful information here in reference to wiretapping & other neat topics
ISPSupplies For … reasons
Local Number Portability About LNP
.
3-15-2017-all-infosec-social-infosec-roundtable.txt · Last modified: 2017/03/17 16:29 by darksim905