Skip to comments.
Don't fall victim to the 'Free Wi-Fi' scam. Those wireless connections could be a trap
ComputerWorld ^
| January 19, 2007
| Preston Gralla
Posted on 01/26/2007 9:55:50 AM PST by John Jorsett
The next time you're at an airport looking for a wireless hot spot, and you see one called "Free Wi-Fi" or a similar name, beware -- you may end up being victimized by the latest hot-spot scam hitting airports across the country.
You could end up being the target of a "man in the middle" attack, in which a hacker is able to steal the information you send over the Internet, including usernames and passwords. And you could also have your files and identity stolen, end up with a spyware-infested PC and have your PC turned into a spam-spewing zombie. The attack could even leave your laptop open to hackers every time you turn it on, by allowing anyone to connect to it without your knowledge.
If you're a Windows Vista user, you're especially susceptible to this attack because of the difficulty in identifying it when using Vista. In this article, you'll learn how the attack works and how to keep yourself safe from it if you use Windows XP or Vista.
(Excerpt) Read more at computerworld.com ...
TOPICS: News/Current Events
KEYWORDS: firewall; network; networking; routers; spam; spyware; technology; wifi; wireless
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-52 last
To: stuck_in_new_orleans
To: CedarDave
Thanks for posting that link!
To: CedarDave
To: rdb3; chance33_98; Calvinist_Dark_Lord; Bush2000; PenguinWry; GodGunsandGuts; CyberCowboy777; ...
44
posted on
01/27/2007 7:32:42 AM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: John Jorsett
How about if the city offers free wi-fi?
45
posted on
01/27/2007 8:33:47 AM PST
by
Jedi Master Pikachu
( WND, NewsMax, Townhall.com, Brietbart.com, and Drudge Report are not valid news sources.)
To: John Jorsett
Bump to that. Not everybody can be computer whizzes.
46
posted on
01/27/2007 8:35:23 AM PST
by
Jedi Master Pikachu
( WND, NewsMax, Townhall.com, Brietbart.com, and Drudge Report are not valid news sources.)
To: John Jorsett
Its all over Atlanta not just in airports.
47
posted on
01/27/2007 9:34:52 AM PST
by
gondramB
(It wasn't raining when Noah built the ark.)
To: HawaiianGecko
Aren't you opening yourself up to potential problems like child pornography? If one of the guys in the boat does anything illegal with your connection, it will be traced back to you.
In a lot of instances like this, you are guilty even if you can prove your innocence.
To: stuck_in_new_orleans
HG |
All routers are different, but somewhere in your setup authentication type can be selected. If Shared Key is selected, the Access Point will not be seen on the wireless network except to the wireless clients that share the same WEP key with MAC Addresses "allowed access" as specified in a "Filter List" you determine. In other words you can tell your router specifically what MAC addresses are allowed on your network and even then they still have to have your WEP key to connect. If Open System is chosen, only the wireless clients with the same WEP key will be able to communicate on the wireless network, but the Access Point will be visible to all devices on the network. As far as I know most routers ship in Open System mode, which is still very secure. This article isn't about the security of your network, it's about how people will freely broadcast their personal information over some one else's router where your information can be captured. Of course we all broadcast over thousands of routers all of the time, but there is a certain feeling of security when it's AT&T, Sprint, Time Warner, Comcast, Charter etc. owning these routers. There are security issues surrounding the giants too, but that's another issue. Securing you home network is really the most imperative goal. If your network is secured, then someone connecting to your router isn't that big of a deal. Keep in mind that having a secured router doesn't stop outside vermin from infecting your machine. I can't explain this nearly as well as Steve Gibson: Below is the most typical security hole in computers shipping today and frankly for the last 12+ years. Gibson has a tutorial and directions for securing your computers/network at. http://www.grc.com this information is more specifically at http://www.grc.com/su-bondage.htm
Understanding Adapter, Protocol, and Service Binding
The key to taming your computer's network configuration is understanding what is meant by "binding". For example, we say that a network adapter is bound to TCP/IP or that NetBEUI is bound to File and Printer sharing.
The clearest way of visualizing these "binding" relationships is to organize the various network components into three layers:
The Network Services Layer contains client and server services which are used by the local machine's software: |
|
Client for Microsoft Networks |
|
|
|
File and Printer Sharing for Microsoft Netwk |
|
|
|
|
|
|
|
|
The Transport Protocol Layer contains protocol drivers that implement various network communication protocols: |
|
|
|
|
The Hardware Adapter Layer contains the actual peripheral adapters which connect the system to the external world: |
|
As you can see from this layered perspective, the components in each network layer are isolated and insulated from the components in other layers. The process known as "binding" bridges the layer boundaries to interconnect pairs of individual components residing in adjacent layers.
Faithful to Microsoft's typical philosophy of "we're going to turn everything on so you won't ask us how to", the default bindings for a system with the components shown above would look like this mess: In other words ... By default EVERYTHING on each layer is BOUND to EVERYTHING on the adjacent layer!Each red line above represents one "binding" between two network components on adjacent layers. This "binding" allows the two "bound" network components to communicate with each other. The diagram above shows a system with eighteen network bindings.
You don't need to be a rocket scientist to easily see why this is unsafe: The insecure Microsoft networking components the Client for Microsoft Networks and File and Printer Sharing are bound to the Internet's worldwide routable TCP/IP protocol, and the TCP/IP protocol is bound to ALL of the system adapters! Thus, anytime this system has any contact with the Internet, the machine's guts are spilling out for the whole world to access! By comparison, the following binding diagram shows a deliberately minimal binding configuration that provides all the communication required by most Internet users and no more! (Note that this "ultra-minimal" binding is not recommended due to a bug in all versions of Windows 9x ... but more about that on the next page.) As you might imagine, this configuration is much more secure. And what's amazing is that it still does everything that's needed but nothing more. As you can see, there's NO WAY for the unsafe Microsoft services to touch the Internet!
To provide for safe Internet communication, the system's TCP/IP protocol is bound to the interfaces that have contact with the Internet. Since the various Internet-using clients like web browsers, eMail and FTP clients, and so forth, do not use or need the Microsoft Networking services, there is absolutely no need to bind those Microsoft services to the Internet's world-wide routable TCP/IP protocol. (They should never have been!)
And what about that stranded IPX/SPX protocol component that's no longer hooked up? Since it's no longer connected to anything it will disappear all by itself after a reboot. |
|
49
posted on
01/27/2007 7:38:58 PM PST
by
HawaiianGecko
(Victory goes to the player who makes the next-to-last mistake.)
To: John Jorsett
To: JeffAtlanta
hg |
Aren't you opening yourself up to potential problems like child pornography? No. I'm just one hop in a series of many hops from the point of origin to a floating laptop. I have no more liability than any other node. While it is something I did inquire seriously about, you can ask yourself these simple questions and come up with a common sense answer: Do Starbucks and Denver International Airport have these same potential problems? Do you imagine they had an opinion from their counsel? And finally why would my liability be any more severe than theirs? You are guilty even if you can prove your innocence. I just had dinner with a rather scholarly judge this evening and I bounced your question off of her thinking that maybe something had changed in the law over the last few years. She responded, and I quote: "Your reasoning is correct [HG], but tell me, where in this country is a man guilty even though his innocence can be proven?" As a humorous anecdote I just directed a fellow freeper in this very thread to this site: http://www.grc.com/su-bondage.htm It's not what it sounds like, trust me. |
51
posted on
01/27/2007 7:45:04 PM PST
by
HawaiianGecko
(Victory goes to the player who makes the next-to-last mistake.)
To: John Jorsett
Use a WEPA-encrypted secure connection AND never give out your home network password to anyone. And keep your hardware firewall turned on and you should be safe from hackers and the nasties.
52
posted on
05/11/2007 6:57:22 PM PDT
by
goldstategop
(In Memory Of A Dearly Beloved Friend Who Lives In My Heart Forever)
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-52 last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson