Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: Wi-Fi concerns

  1. #1
    Join Date
    Jan 2010
    Beans
    Hidden!
    Distro
    Ubuntu

    Wi-Fi concerns

    Dear Ubuntu community,

    If I enable Wi-Fi on my laptop and use a public Wi-Fi hotspot at an airport, will a firewall such as UFW be enough to stop hackers accessing my personal files which are NOT transmitted over the Wi-Fi connection?
    Last edited by oshirowanen; January 25th, 2010 at 12:59 PM.

  2. #2
    Join Date
    Feb 2006
    Beans
    457

    Re: Wi-Fi concerns

    oshirowanen,
    If just browsing the net and not accessing personal files then a quick boot from a liveCD will allow you to browse and surf without too much fear of snooping.

    Browsing with the NoSript, BetterPrivacy and Adblock+ extensions enabled makes you safer still.

    Keeping personal data encrypted within something like a truecrypt container will keep it safe from prying eyes.

    I do believe that the default settings of the Ubuntu firewall are pretty safe but you can always amend them to suite your needs. I am sure someone with more firewall knowledge than I will be along in a moment to offer further advice.

  3. #3
    Join Date
    Dec 2006
    Location
    Chicago
    Beans
    3,839

    Re: Wi-Fi concerns

    Firewall or not, there are no services installed by default which would allow anyone to retrieve your files remotely. They can only eavesdrop on the data you send/receive. If you installed some kind of server, then you may have a problem.

  4. #4
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Wi-Fi concerns

    If you are that paranoid, you could always tunnel all brower traffic over an SSH tunnel when connecting to public hotspots. That way traffic is encrypted and can't be decrypted if there is someone on the network with a packet sniffer.

    I'd do that if I used hotspots.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  5. #5
    Join Date
    Jun 2008
    Location
    Colombia
    Beans
    443

    Re: Wi-Fi concerns

    If your firewall is well configured, it will stop them from accessing your machine, however that alone won't stop them from snooping around what you do on the internet. Using https, they can tell what sites you visit, but they can't tell what you're looking at exactly, however they can see the traffic that's not encrypted, such as http sites. If you got a machine at home, I'd suggest establishing a ssh tunnel and sending all your traffic through that tunnel.

  6. #6
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: Wi-Fi concerns

    Quote Originally Posted by oshirowanen View Post
    Dear Ubuntu community,

    If I enable Wi-Fi on my laptop and use a public Wi-Fi hotspot at an airport, will a firewall such as UFW be enough to stop hackers accessing my personal files which are NOT transmitted over the Wi-Fi connection?
    To add to the conversation ...

    A default installation of Ubuntu has no significant servers listening for incoming connections, so, unless you install a server of some kind, hackers crackers can not access your personal files.

    If you use wireless, your packets travel through the airwaves and can be received by anyone.

    Assume any unencrypted traffic (http, ftp) is not private.

    If you *must* connect to a bank site or other private use https (ssl).

    If you wish to encrypt all your traffic, use VPN or SSH.
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta

    #ubuntuforums web interface

  7. #7
    Join Date
    Oct 2005
    Location
    Al Ain
    Beans
    8,076

    Re: Wi-Fi concerns

    Howdy,

    Yes your files on your local system are OK, but there are other things to worry about.

    As mentioned above, all your network traffic is open to the world unless you use encryption such as HTTPS. So, what you need to worry about is your username and password when you access your email using a web browser.

    Google email is now accessible using HTTPS, but they seem to have bigger backdoor problems. The important thing is that you should never use your email password for anything else, since it is typically a totally insecure service snoped by all and sundry. Never, ever use your email password for your bank for example!

  8. #8
    Join Date
    Apr 2008
    Location
    Far, far away
    Beans
    2,148
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Wi-Fi concerns

    I would take that a step further and say "never enter any email passwords (and possibly others)" while surfing via an open connection. You have to remember that if someone snoops your email password then it's often very easy to visit other sites and request password change (forgotten password) such that the site will send you a new one or provide a form to create a new one. So getting access to your email is often as good as getting the ability to change any other passwords for accounts associated via your email. This can even be domain name control and certificate issuance. So it's a bigger threat than you would expect.

    If you use Thunderbird/Evolution then be sure to config all accounts to use tls/ssl based pop/imap. This will ensure user/password info is sent over ssl links only. Gmail has had this mandatory for a long time but many other email providers (ISPs!) still use pop3 unsecure access. Change that!

    Read up on using ssh as a secure proxy. -D option - it is very powerful and easy to use for secure surfing.

  9. #9
    Join Date
    Jul 2006
    Location
    Scotlands biggest region
    Beans
    Hidden!
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: Wi-Fi concerns

    I`m certainly no network security expert but knowing how relatively simple it is to grab passwords & stuff off a network, https/ssl included, i think i`d just stick with the assumption that there could well be some little skiddie sitting with the relevant software carrying out all kinds of mitm attacks on the Wifi spot in question.
    http://ubuntuclips.org/videos/4

    For the lazy readers

  10. #10
    Join Date
    Dec 2006
    Location
    Chicago
    Beans
    3,839

    Re: Wi-Fi concerns

    Quote Originally Posted by xpod View Post
    I`m certainly no network security expert but knowing how relatively simple it is to grab passwords & stuff off a network, https/ssl included, i think i`d just stick with the assumption that there could well be some little skiddie sitting with the relevant software carrying out all kinds of mitm attacks on the Wifi spot in question.
    A MITM attack can only work with a CA-signed SSL certificate if the user is dumb enough to make a security exception when their browser gives them a very scary warning about an invalid or unsigned certificate.

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •