Yes, you can do that.  I'm just saying that if it's a company that is wide open, you are leaving 
yourself vulnerable to legal issues.  Brings to mind some adage about walking down the street and 
checking doorknobs to see if any of them are unlocked.  You may not get in trouble as long as you 
are not carrying burglary tools (crowbar, screwdriver, Kismet, John the Ripper, crack, l0phtcrack). 
  I know that police drive through neighborhoods looking for open garage doors (saw a tv news item 
on this).  A LOT of people enter the garage w/ a vehicle and forget to close the door allowing any 
burglar free access.  The police then stop and warn people of this danger.  

I'm just saying you don't have a Hacker Cop badge and you may be held suspect at least temporarily. 
 The anonymous note that can't link back to you may be the best practice.  Send them a link on how 
to change from default user/password and how to set up WEP on the brand of firewall/router they 
have.

Brian Kelsay

>>> jonathan <> 04/15/04 12:05PM >>>
I'm not saying this is a good bad thing, but if you port scan a range of
ip's, and you find half the waps, have port:8080 open....And you can
login with default login....I feel that an anonymously letter would be
just fine....I think there might need to be some way that we can try to
help ppl. and get them to change that stuff to none default username and
passwords, with WAN access off. 

dj_goku