WiFi

Post by **Saxman** » Tue Aug 28, 2007 3:59 pm

How unsafe are wireless hotspots or using random wireless signals one finds around town? I stopped in at Cosi to get a drink and use their signal but their router is down so I am using some random linksys signal. I have Norton firewall on and Webroot Spysweeper running. I am assuming a skilled hacker can get into anyone's laptop.

Post by **SCIN** » Tue Aug 28, 2007 4:16 pm

Just be sure you're not connecting to an "evil twin". It's very easy for me to sit in an airport and have my laptop act as a wireless access point. You connect to my laptop (thinking you're connecting to an access point) and all of your traffic goes through my laptop then off to the real wireless access point (my signal is stronger which is why you picked me up first). You go to your bank's site, I intercept and throw up a spoofed SSL cert. You ignore the invalid hostname warning, click next, and log on. I now have your online banking credentials.

Also, be aware that people in the UK are getting fined/sentenced for accessing "private" wifi access points now without permission. It could trickle to the US anytime soon.

Post by **Saxman** » Tue Aug 28, 2007 4:20 pm

"Turn off the ad-hoc mode (which lets other clients connect directly to you!"
I checked my settings and ICS was already disabled.

Post by **ReachHigh** » Tue Aug 28, 2007 4:21 pm

you bring up a good point and one of many reasons I vpn when ever I'm using public wifi.

Post by **SCIN** » Tue Aug 28, 2007 5:02 pm

ad-hoc mode won't prevent the evil twin. The evil twin (assuming it's my laptop) will appear as just another hotspot to you. I can set the SSID to "Cingular". You connect to me, I proxy your traffic and game over. VPN is a good defense since it's tough to do a MITM attack on an IPSEC connection. However SSL VPNs are becoming popular so soon it'll be easier to do a MITM attack on VPN connections. Always hard code the MAC address of the default gateway too if you're using a public wifi access point. That'll prevent someone from poisoning your ARP cache with the MAC address and doing the same type of MITM attack.

Post by **ScrmnPeeler** » Tue Aug 28, 2007 7:51 pm

Sometimes you computer guys scare the shit out of me.

Post by **Steve** » Tue Aug 28, 2007 8:18 pm

Interesting....if I knew what half that stuff means.

Post by **Zspider** » Tue Aug 28, 2007 9:00 pm

I use whatever wireless I can get anywhere. I just don't bank or do credit card orders that way.

ZSpiddy

Post by KD » Tue Aug 28, 2007 9:11 pm

if somebody hacked into my computer from a wireless i'd kick them in the nuts!

Post by **SCIN** » Tue Aug 28, 2007 9:52 pm

Total Fucking Muggle wrote:I use whatever wireless I can get anywhere. I just don't bank or do credit card orders that way.

Total Fucking Muggle

That's fine but be prepared to pay the price soon. Just because the door is unlocked doesn't mean you can walk in.