Me and a friend were playing with ad hoc networking from our laptops at school on friday and we found something that might be problematic. I'll need to run a few more trials to get a clear understanding of whats going on but here's a preliminary explanation.

this is the potential attack scenario: first thing I do is trick someone into connecting to my machine ad hoc. I can do this by using the same ssid as a trusted hotspot and hope they pick mine, or if I know the ssid of one of the accesspoints they connect to automatically, like the router at there house etc, I can use that ssid and as long as we're out of range of that router (like at school or a library or something) it will connect to me (this worked with winxp home sp2) ... he wont have an internet connection, as its just an ad hoc connection, i'm going to try figuring out how to bridge two interfaces to allow for internet connectivity... but regardless... here's the weird part: lets say he turns off his machine... goes for a walk to the park... has a seat at a picnic table... there's no hotspots in range, he opens up his machine not expecting to have any connectivity... maybe he turns his firewall/antivirus off to play some game or something cause he doesn't thnik he has anything to worry about. Whats weird is that winxp will automatically start broadcasting that ad hoc network from his machine...

I can connect to it, his machine assigns me a 169.254.x.x apipa IP and I have connectivity to hist host!

Sorry if this post is a little mungy, I'm on a bus.