[mapserver-users] Interesting Implementation of Mapserver

Hopper nathanh at broszengineering.com
Tue Aug 13 16:08:08 EDT 2002 

Here's the text of a message from the Politech mailing list, a list devoted
to electronic privacy, technology news.
The implementation of MapServer is fairly standard, so far as I can discern,
but unique because of its content. Perhaps the most interesting compontent
of the setup is that the content is user-generated. This seems to deviate
(slightly) from the general MapServer paradigm, where content generation is
fixed by a supervising party.

I'm curious what other users have had success with user-generated content,
and what pitfalls have been encountered.

The URL:
http://mapserver.zhrodague.net/

Caveat lector: there's some profanity, not egregious mind you, but it might
not be workplace safe.

The forwarded email:
---------------------------------------------------------------------
This letter is from last month but we haven't covered it on Politech
before. Read it carefully: The FBI claims that using an open 802.11
access point without explicit authorization may be a federal crime
("theft of services").

-Declan

---

From:    Bill Shore [mailto:billshore at fbi.gov]
Sent:    Monday, July 08, 2002 9:56 AM
To:      billshore at fbi.gov
Subject: Wireless networks - Warchalking/Wardriving

          It has recently been brought to my attention that
individuals/groups have been actively working in the Pittsburgh area
as well as other areas of the United States including Philadelphia,
and Boston, and the rest of the world for that matter, to identify
locations where wireless networks are implemented.  This is done by a
technique identified as "Wardriving."  Wardriving is accomplished by
driving around in a vehicle using a laptop computer equipped with
appropriate hardware and software http://www.netstumbler.com/ to
identify wireless networks used in commercial and/or residential
areas.  Upon identifying a wireless network, the access point can be
marked with a coded symbol, or "warchalked."  This symbol will alert
others of the presence of a wireless network.  The network can then be
accessed with the proper equipment and utilized by the individual(s)
to access the Internet, download email, and potentially compromise
your systems.  In Pittsburgh, the individuals are essentially
attempting to map the entire city to identify the wireless access
points, see here,


http://mapserver.zhrodague.net/cgi-
bin/mapserv?mode=browse&layer=all&layer=q
uadsheets&layer=borough&layer=roads&layer=ap&zoomdir=1&zoomsize=2&imgxy=458+
165&imgext=-80.175489+40.268422+-79.733217+40.621536&map=%2Fmnt%2Fhog%2Fwebs
ites%2Fmapserver%2Fpublic_html%2Fpa%2Fpgh.map&savequery=true&program=%2Fcgi-
bin%2Fmapserv&map_web_imagepath=%2Fmnt%2Fhog%2Fwebsites%2Fmapserver%2Fpublic
_html%2Ftmp%2F&map_web_imageurl=%2Ftmp%2F&img.x=250&img.y=197.


Also, check this article from pghwireless.com,
http://www.pghwireless.com/modules.php?name=News&file=article&sid=19

          Identifying the presence of a wireless network may not be a
criminal violation, however, there may be criminal violations if the
network is actually accessed including theft of services, interception
of communications, misuse of computing resources, up to and including
violations of the Federal Computer Fraud and Abuse Statute, Theft of
Trade Secrets, and other federal violations.  At this point, I am not
aware of any malicious activity that has been reported to the FBI here
in Pittsburgh, however, you are cautioned regarding this activity if
you have implemented a wireless network in your business.  You are
also highly encouraged to implement appropriate wireless security
practices to protect your information assets,
http://www.cert.org/research/isw/isw2001/papers/Kabara-31-08.pdf

          There are several articles available with additional details
including http://www.warchalking.org as well as
http://www.pghwireless.com.  A copy of the coding symbols is attached
in .pdf format.  If you notice these symbols at your place of
business, it is likely your network has been identified publicly.

          If you believe you may have been compromised or if you have
any questions regarding this activity, you are encouraged to contact
the appropriate law enforcement agency.  The FBI office in Pittsburgh
and High Tech Crimes Task Force can be contacted at 412-432-4000.


<<warchalk.pdf>>
Bill Shore
Special Agent
FBI-Pittsburgh
3311 East Carson Street
Pittsburgh, PA 15203
412-432-4395
billshore at fbi.gov

-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Declan McCullagh's photographs are at http://www.mccullagh.org/
-------------------------------------------------------------------------




------
EOF

More information about the mapserver-users mailing list