Results 1 to 10 of 13

Thread: Connecting to unknown wireless networks

Hybrid View

  1. #1
    Join Date
    Oct 2008
    Location
    /var/log/uk :-)
    Beans
    211
    Distro
    Ubuntu 12.04 Precise Pangolin

    Connecting to unknown wireless networks

    Hi all,

    If I connected my netbook to a wireless network in some sort of event where they put on free wifi for you, what in theory could someone do to my netbook? Firewall would be on, fully updated Ubuntu 12.04.

    I realise that in a wpa/wpa2 network that is using a key, the data between me and the router/ap is encrypted. Am I missing something else that is obvious and a security risk?

    I’m interested to see what sort of answers come back, I feel I have a good handle on wireless security but this question has just popped into my head.

  2. #2
    Join Date
    Jul 2008
    Location
    Canada
    Beans
    1,969
    Distro
    Ubuntu Development Release

    Re: Connecting to unknown wireless networks

    I have used free wifi but only through a VPN with FF. I have add-ons like No Script and Better Privacy. I usually disable Java as well. I had no issues to date.
    UsingTheTerminal

    Smile today, cry tomorrow!
    ( Read this everyday )

  3. #3
    Join Date
    Aug 2006
    Location
    Somewhere in the hell
    Beans
    294
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Connecting to unknown wireless networks

    Quote Originally Posted by mr-woof View Post
    Hi all,

    If I connected my netbook to a wireless network in some sort of event where they put on free wifi for you, what in theory could someone do to my netbook? Firewall would be on, fully updated Ubuntu 12.04.

    I realise that in a wpa/wpa2 network that is using a key, the data between me and the router/ap is encrypted. Am I missing something else that is obvious and a security risk?

    I’m interested to see what sort of answers come back, I feel I have a good handle on wireless security but this question has just popped into my head.
    WPA/WP2 can be brute force without dictionary (proof is here).

    Once the hacker associated with the wifi router, s/he can attack any computer within the subnet with Man-in-the-Middle attack (MiTM). Or, by other means.

    Meanwhile, it is also risky to use so-called "Free wifi" in the public area when you do not sure the said "Free wifi" is setup by the hacker or not.

    In additon, hackers can bypass the firewall too.

    Samiux

  4. #4
    Join Date
    Oct 2008
    Location
    /var/log/uk :-)
    Beans
    211
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Connecting to unknown wireless networks

    Interesting, thanks for the links. So, how would an attack bypass your firewall?

  5. #5
    Join Date
    Aug 2006
    Location
    Somewhere in the hell
    Beans
    294
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Connecting to unknown wireless networks

    Quote Originally Posted by mr-woof View Post
    Interesting, thanks for the links. So, how would an attack bypass your firewall?
    Firewall is very easy to bypass.

    Samiux

  6. #6
    Join Date
    Oct 2008
    Location
    /var/log/uk :-)
    Beans
    211
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Connecting to unknown wireless networks

    So you said, how though? Web Exploit? Drive by download ?

  7. #7
    Join Date
    Apr 2008
    Location
    LOCATION=/dev/random
    Beans
    5,767
    Distro
    Ubuntu Development Release

    Re: Connecting to unknown wireless networks

    One of the main worries would be session hijacking.

    This means that anyone using the same network (whether secured or not) can gain access to any of the websites that you are currently logged into using your username without knowing your password if the sites don't use https throughout. From there it is easy enough to change your password or use your online accounts for any purpose they wish.
    Last edited by Cheesemill; October 8th, 2012 at 10:11 PM.
    Cheesemill

  8. #8
    Join Date
    Jan 2008
    Location
    USA
    Beans
    971
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Connecting to unknown wireless networks

    Quote Originally Posted by samiux View Post
    WPA/WP2 can be brute force without dictionary (proof is here).
    Brute-forcing only works if the AP uses a weak password. Good luck brute forcing my router, which has a random 128 bit password.

    In any case, your point is moot with public open Wifi since it is *supposed* to allow everyone to connect. No brute forcing or WPA cracking necessary.

    Once the hacker associated with the wifi router, s/he can attack any computer within the subnet with Man-in-the-Middle attack (MiTM). Or, by other means.
    This is true. That's why when on public Wifi you must take extra care when visiting sensitive sites (banks and the like). You must ensure the certificate you are seeing really is the bank's certificate. Probably the easiest way to do this is with Firefox add-ons. Certificate Patrol will store certs you trust and then alert you whenever they change. That would be one method of detecting MiTM. Another is Convergence. A third option would be to bypass the Wifi and only use it to connect to your own private VPN. You can set one of these up on your home router and then ssh into it whenever away from home. This will give you a secure tunnel.

    Meanwhile, it is also risky to use so-called "Free wifi" in the public area when you do not sure the said "Free wifi" is setup by the hacker or not.

    In additon, hackers can bypass the firewall too.

    Samiux
    Puiblic Wifi is fine. I would just be careful about doing online banking or any other private stuff unless you are connecting to a private VPN or are very careful with certificate checking.
    Occam's Razor for computers: Viruses must never be postulated without necessity -- nevius

    My Blog

  9. #9
    Join Date
    Oct 2008
    Location
    /var/log/uk :-)
    Beans
    211
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Connecting to unknown wireless networks

    Thanks for the info guys, I'll have to look into Firesheep in more depth.

    Regarding the ssh tunnel, I've got a ssh server that I can use as a secure tunnel for web browsing etc, I think I'll get that ready if I need to connect to any event wifi.

    I've not heard of ssl-strip before, this seems to clear things up a bit:

    http://security.stackexchange.com/qu...slstrip-attack

    Edit: Reading Hungry mans comments again, how would it be possible for an attacker to interact with any local services running on your system if your firewall etc is up and running?
    Last edited by mr-woof; October 9th, 2012 at 11:02 AM.

  10. #10
    Join Date
    May 2012
    Beans
    290
    Distro
    Ubuntu Development Release

    Re: Connecting to unknown wireless networks

    Quote Originally Posted by mr-woof View Post
    Edit: Reading Hungry mans comments again, how would it be possible for an attacker to interact with any local services running on your system if your firewall etc is up and running?
    By packet sniffing? I would use encryption to prevent an unauthorized user intercepting network traffic, especially on a public Wi-Fi network. As mentioned by rookcifer its safer to connect through a private VPN on a public Wi-Fi network.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •