The insecurity of wireless data networks has been exposed in a sweep through the heart of Auckland.
Armed with a laptop and a wireless card, a joint Computerworld-PC World team was able to sniff out almost 30 wireless LANs, only four of which were secured.
One network, identified as "ACG Admin", not only allowed access to its network but allowed the team to log on to a remote web server.
"It gave us an IP address and from there we could connect to John's web server which is under his desk," says David Robb, senior network engineer at Ihug who, along with John Russell, operations manager for Call Plus, provided technical expertise for the exercise.
"We could have surfed the net, downloaded whatever we wanted and whoever runs ACG Admin would have footed the bill," says Robb.
Clothing chain Hallenstein's had just finished installing its new wireless LAN when we managed to log on to it. Financial controller Graeme Popplewell was not impressed. "Well I suppose you've got us there."
Popplewell was under the impression the connection was secured with the encryption package Wireless Equivalent Privacy, or WEP. "I guess I'll be taking my laptop for a stroll along Queen Street myself."
As Computerworld's deadline approached, Popplewell said the problem had been fixed. "You should try it again and see how we get on."
Hallenstein's was far from the only system unsecured, however. Two networks were still using default administrator names.
"Tsunami" is the default name for Cisco LAN products. Robb says the team found two networks called Tsunami in downtown Auckland.
SNLHSBC, WaveLAN Network, papasmurf007, NMDEMO001, WalshesCOR and Jetset House all allowed us to establish connections to their networks.
Wireless LAN security should be a concern for network managers planning wireless services as the networks run on 802.11 - the protocol which uses unlicensed spectrum over which anyone in New Zealand can run a connection.
"There were four networks that were WEP-enabled," says Robb. Although cases have been reported overseas in which WEP has been broken, Robb says it is the bare minimum a wireless network should have. "It's far from perfect but it does slow them down".
Those four networks, which included Compaq head office as well as two Datacom-run networks, demanded a user name and password and wouldn't accept any default passwords tried by our two experts. Microsoft, which also runs a wireless LAN, didn't even reveal itself on the day of the test.