Searching \ for '[OT] free wi-fi scam' in subject line. ()
Make payments with PayPal - it's fast, free and secure! Help us get a faster server
FAQ page: www.piclist.com/techref/index.htm?key=free+scam
Search entire site for: 'free wi-fi scam'.

Exact match. Not showing close matches.
PICList Thread
'[OT] free wi-fi scam'
2007\02\12@154854 by alan smith

picon face
Interesting article on wifi scams at public places (ala airports..free wi-fi)
 
 
 http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9008399&pageNumber=1




---------------------------------
Bored stiff? Loosen up...
Download and play hundreds of games for free on Yahoo! Games.

2007\02\12@160701 by peter green

flavicon
face


> -----Original Message-----
> From: spam_OUTpiclist-bouncesTakeThisOuTspammit.edu [.....piclist-bouncesKILLspamspam@spam@mit.edu]On Behalf
> Of alan smith
> Sent: 12 February 2007 20:46
> To: Microcontroller discussion list - Public.
> Subject: [OT] free wi-fi scam
>
>
> Interesting article on wifi scams at public places (ala
> airports..free wi-fi)
it should be noted that it is perfectly feasible for an attacker to set up an infrastruture mode network too (though it is more specialist)

also someone can sit on a public infrastructure mode network and run thier own dhcp server, they won't get everyone but they will undoubtablly get some.

ultimately the real lessons are

1: don't use anything unencrypted on a wireless link if you can possiblly help it
2: don't use IE (its ssl support is broken in a way that allows man in the middle attacks iirc)
3: make sure you don't have windows filesharing availible over your wireless link unless you can possiblly help it.



2007\02\12@160909 by Peter Todd

picon face
On Mon, Feb 12, 2007 at 12:46:25PM -0800, alan smith wrote:
> Interesting article on wifi scams at public places (ala airports..free wi-fi)

Interesting, but the advice to stay away from "ad-hoc" networks is
terrible. It's every bit as easy to pull the same scam in infrastructure
mode, all you need is to use either a more advanced network card, or
simply use a wireless router like one of the Linksys ones with linux.

Basically, the advice lulls you into a false sense of security. The real
way to stay secure is to make sure to use encryption, and lots of it. If
you are really worried, setup your computer to do everything via a vpn
network.

--
http://www.petertodd.ca

2007\02\12@183438 by Philip Pemberton

face
flavicon
face
alan smith wrote:
> Interesting article on wifi scams at public places (ala airports..free wi-fi)
>   http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9008399&pageNumber=1

HAHA! Give me a pair of Ralink RT61-based WiFi cards and a Linux laptop and
I'll show you how to do it *PROPERLY*. As in, set up a compromised
infrastructure-mode AP that sniffs passwords and performs MITM attacks on SSL
connections. Go read up on the SerialMonkey Ralink drivers, HostAP mode, and
Ettercap. If you feel like it, Irongeek's Wall of Social Science Majors script
is fun to set up.

Seriously, the best plan is to tunnel everything through SSH to a known-safe
machine elsewhere. Write down the server's key fingerprint on a business card
and keep it in your wallet - every time you connect, check the signature. Send
all web traffic through the SSH tunnel to a proxy server on the other side
(read: run Tinyproxy on the SSH server) and use that to browse the web. Email?
Run Fetchmail and an IMAP or POP3 server on the SSH box.

To complete the solution, install a firewall on your machine (I'd suggest
Sygate Personal or Zone Alarm on Windows, or IPTables on Linux). Set it to
'fully locked down' mode, and only turn it off when you're on a trusted
network (i.e. at home).

--
Phil.                         |  (\_/)  This is Bunny. Copy and paste Bunny
piclistspamKILLspamphilpem.me.uk         | (='.'=) into your signature to help him gain
http://www.philpem.me.uk/     | (")_(") world domination.

2007\02\12@191150 by Danny Vacar

picon face
The easiest way to keep you computer safe in this case is to LOOK at the
icon beside the connection. Windows can recognize it as a peer-to-peer to
network so just don't connect.

Simple as that.

On 2/12/07, Philip Pemberton <.....piclistKILLspamspam.....philpem.me.uk> wrote:
{Quote hidden}

> -

2007\02\12@192057 by peter green

flavicon
face
> The easiest way to keep you computer safe in this case is to LOOK at the
> icon beside the connection. Windows can recognize it as a peer-to-peer to
> network so just don't connect.
>
> Simple as that.
sure until the bad guys figure out how to run in infrastructure mode.

your advice is basically the same as the articles, it will protect you from the less able attackers but it can also lull you into a false sense of security.




2007\02\12@192904 by Nate Duehr

face
flavicon
face
On 2/12/07, Danny Vacar <danny.vacarspamspam_OUTgmail.com> wrote:
> The easiest way to keep you computer safe in this case is to LOOK at the
> icon beside the connection. Windows can recognize it as a peer-to-peer to
> network so just don't connect.
>
> Simple as that.

A linux box running HostAP drivers on a Prism chipset will look just
like a real AP to you, then.

Good luck with that strategy.

Nate

2007\02\12@194209 by Danny Vacar

picon face
Never had a problem. The system works.

2007\02\15@132746 by alan smith

picon face
gotta remember....this article was really targeted at the normal user...not a bunch of geek computer users like those on this list  :-)

Nate Duehr <@spam@nateKILLspamspamnatetech.com> wrote:  On 2/12/07, Danny Vacar wrote:
> The easiest way to keep you computer safe in this case is to LOOK at the
> icon beside the connection. Windows can recognize it as a peer-to-peer to
> network so just don't connect.
>
> Simple as that.

A linux box running HostAP drivers on a Prism chipset will look just
like a real AP to you, then.

Good luck with that strategy.

Nate

2007\02\15@140932 by peter green

flavicon
face
> gotta remember....this article was really targeted at the normal
> user...not a bunch of geek computer users like those on this list  :-)
doesn't that make it even worse that it's misleading them into a false sense of security.



2007\02\15@141413 by Herbert Graf

flavicon
face
On Thu, 2007-02-15 at 10:27 -0800, alan smith wrote:
> gotta remember....this article was really targeted at the normal user...not a bunch of geek computer users like those on this list  :-)

Yes, it was targeted at what signs a normal user should look for to
AVOID these sorts of things. There is nothing in the article that states
the person pulling the scam has to be a normal user.

The article basically says that any ad-hoc network is suspect, and any
infrastructure network is safe. This is COMPLETELY false, and it's kinda
scary this article was published at all.

TTYL

2007\02\15@165150 by William Chops Westfield

face picon face

On Feb 15, 2007, at 11:14 AM, Herbert Graf wrote:

>
> The article basically says that any ad-hoc network is suspect, and any
> infrastructure network is safe. This is COMPLETELY false...

Isn't it more-or-less exactly half-true?  Any ad-hoc network in an
area where you expect public access IS suspect, isn't it?

BillW

2007\02\15@170505 by Herbert Graf

flavicon
face
On Thu, 2007-02-15 at 13:51 -0800, William Chops Westfield wrote:
> On Feb 15, 2007, at 11:14 AM, Herbert Graf wrote:
>
> >
> > The article basically says that any ad-hoc network is suspect, and any
> > infrastructure network is safe. This is COMPLETELY false...
>
> Isn't it more-or-less exactly half-true?  Any ad-hoc network in an
> area where you expect public access IS suspect, isn't it?

No. Many adapters used to default to an ad-hoc mode if they don't
connect to an infrastructure network. Also, it's common to see ad-hoc
networks in places with lots of computers (i.e. two friends gaming
against each other). While it won't help you by trying to connect to one
of these networks, it also isn't inherently harmful.

While it's true that you probably won't see a "public access" network
using ad-hoc (although technically there's no reason you couldn't set it
up that way), saying ad-hoc=scam is false.

The sad fact is there's very little one can do to avoid this sort of
attack. Even the most computer savy person could be caught by this. My
solution? I do everything over a VPN when using public access. They can
still sniff my packets, but all they'll see are VPN packets, not much
use to them. With the cost of VPN server routers where they are, and
even some free software options, it's not a difficult or expensive thing
to set up anymore.

TTYL

2007\02\15@183655 by Nate Duehr

face
flavicon
face
On 2/15/07, Herbert Graf <KILLspammailinglist3KILLspamspamfarcite.net> wrote:

> The sad fact is there's very little one can do to avoid this sort of
> attack. Even the most computer savy person could be caught by this. My
> solution? I do everything over a VPN when using public access. They can
> still sniff my packets, but all they'll see are VPN packets, not much
> use to them. With the cost of VPN server routers where they are, and
> even some free software options, it's not a difficult or expensive thing
> to set up anymore.

Agreed.

VPN or SSH for everything interactive, on any public network -- and
all mail clients ALWAYS set to use SSL for both send and receive, and
sometimes even SSH tunneling for HTTP.

That's really the only way to fly -- that article was complete crap.

Nate

2007\02\15@191448 by Marcel duchamp

picon face
Nate Duehr wrote:

>
> VPN or SSH for everything interactive, on any public network -- and
> all mail clients ALWAYS set to use SSL for both send and receive, and
> sometimes even SSH tunneling for HTTP.
>
> That's really the only way to fly -- that article was complete crap.
>
> Nate

I'm a VPN newby here.

Can you explain how logging in and connecting to a VPN from say, an
internet cafe over wifi, can be made safe?  How is it that if someone
(phony adhoc network, etc.) sees your packets, that they can't use the
info to get into the VPN themselves?  I'd like to learn more about this.

2007\02\15@200150 by Nate Duehr

face
flavicon
face
On 2/15/07, Marcel duchamp <RemoveMEmarcel.duchampTakeThisOuTspamsbcglobal.net> wrote:

> Can you explain how logging in and connecting to a VPN from say, an
> internet cafe over wifi, can be made safe?  How is it that if someone
> (phony adhoc network, etc.) sees your packets, that they can't use the
> info to get into the VPN themselves?  I'd like to learn more about this.

Depends on the VPN technology used-- but very few send anything
un-encrypted over the "wire"... some use pre-shared keys, some
generate one-time keys via the username/password pair, etc.

The username and password are encrypted and used to authenticate that
it's really you using the VPN, but the encryption of the VPN itself is
(in most implementations) always there... even during login.  It might
switch to a better encryption after the auth session, but the auth is
also encrypted in almost all cases -- or you'd have the problem you
mentioned above -- and it's usually done through private/public key
methods.

Some VPN's add on things like RSASecurID tags -- if you're going for a
much more secure solution... these are a pseudo-random number
generator that's time-synchronized to the VPN router that you carry
around with you in your pocket... your username, password, a PIN
number and the key are all required before you can get in.

The final level of security is bio-metrics... your laptop might have a
fingerprint reader, for example, and the image of the fingerprint is
sent to the VPN router/server in addition to the above...

Thus fulfilling various different levels of "security"...

1. Something you know (username/password)
2. Something you have (key... or one of these little "fobs" that
generates pseudo-random numbers)
3. Something you are (bio-metrics)

Nate

2007\02\16@004729 by William Chops Westfield

face picon face

On Feb 15, 2007, at 2:05 PM, Herbert Graf wrote:

> The sad fact is there's very little one can do to avoid this sort of
> attack. Even the most computer savy person could be caught by this.

I can't wait for the first coffeeshop/whatever to get caught harvesting
customer data for money.  Data privacy isn't necessarily one of the
things I trust to low-paid food service workers.  There's already a
certain reluctance to discuss certain topics "in public"; I'm not sure
why I should be willing to send data across public networks.
(reminds me of a funny story I heard regarding the heavy-duty
Stanford hacker who was waiting tables at a Chinese restaurant in
exchange for cooking lessons, and once went on to correct some
patrons about some obscure behavior of IBM mainframe IO channels...)


> My solution? I do everything over a VPN when using public access.

Hmm.  I can only access work via a VPN.  Are there "private" VPNs
services that let me access "public" web securely?  Free ones?

Perhaps the danger is a bit overstated.   It seems to me that
"financial data sites" and other sensitive connections should already
be operating across (end-end) encrypted web services that are
(hopefully) immune from man-in-the-middle attacks.  And a public
wifi network (even non-free) is inherently public, isn't it?  So if
I have file sharing turned on or aren't up-to-date WRT protections,
I'm still subject to being infected/attacked by the next guy with a
laptop if he can guess or scan or otherwise predict my ip address.
It's no better (nor worse) than plugging into a hardwired ethernet
in a campus computer room...  "infrastructure mode" doesn't mean
that I'm not allowed to send packets to other wireless users on
the same IP, does it?

BillW

2007\02\16@093455 by Larry G. Nelson Sr.

picon face
Hamachi is a free VPN that works great. I use it to connect to my home systems while out.

Larry


---- "William \"Chops\" Westfield" <spamBeGonewestfwspamBeGonespammac.com> wrote:
{Quote hidden}

> --

2007\02\16@101306 by Herbert Graf

flavicon
face
On Thu, 2007-02-15 at 21:47 -0800, William Chops Westfield wrote:
> > My solution? I do everything over a VPN when using public access.
>
> Hmm.  I can only access work via a VPN.  Are there "private" VPNs
> services that let me access "public" web securely?  Free ones?

Don't know about services, but for me I'm talking about getting a VPN
server for your home network, that way all your traffic over the public
segment is VPN, it's basically the same as sitting at home and accessing
the web.

> Perhaps the danger is a bit overstated.   It seems to me that
> "financial data sites" and other sensitive connections should already
> be operating across (end-end) encrypted web services that are
> (hopefully) immune from man-in-the-middle attacks.  

Sure, but what about email? POP3 by default is plain text for
everything, and that's the way most ISPs have things set up. Even web
mail is often plain text by default. Sure, I may not be able to sniff
your password, but if I can read your email I can easily do a "password
reset" with many less secure sites.

I'm not saying you're 100% vulnerable, but there is alot of opportunity
there for someone to steal info from you.

A little more work, but consider this: Someone sets up a WiFi AP in an
airport (either one of the pocket routers, or infrastructure drivers on
a linux machine). When a user connects they get a screen asking for
their credit card details to access the internet over this connection.
Many people will type in these details, and a good percentage of those
won't think it's weird the site also is asking for your SIN and other
details. It's the basic phishing scam, except the people falling for it
percentage is MUCH higher. After you enter your details your internet
connection works. You have NO idea you've been scammed, you entered your
details, and you've got an internet connection. Even the most advanced
and security aware person can be caught by this, and it's child's play
to set up. At the end of the day the scammer has dozens, perhaps
hundreds of known good credit card numbers, along with whatever else
they may have been able to phish out of the people.

> And a public
> wifi network (even non-free) is inherently public, isn't it?  So if
> I have file sharing turned on or aren't up-to-date WRT protections,
> I'm still subject to being infected/attacked by the next guy with a
> laptop if he can guess or scan or otherwise predict my ip address.
> It's no better (nor worse) than plugging into a hardwired ethernet
> in a campus computer room...  "infrastructure mode" doesn't mean
> that I'm not allowed to send packets to other wireless users on
> the same IP, does it?

Depends on the router. Many of the ones designed for "public" use can be
set to isolate each wireless client. The clients can talk to the router,
but can't talk to each other. Common consumer routers tend to not have
this optional restriction.

TTYL

2007\02\16@150414 by peter green

flavicon
face

> Perhaps the danger is a bit overstated.   It seems to me that
> "financial data sites" and other sensitive connections should already
> be operating across (end-end) encrypted web services that are
> (hopefully) immune from man-in-the-middle attacks.  And a public
> wifi network (even non-free) is inherently public, isn't it?  So if
> I have file sharing turned on or aren't up-to-date WRT protections,
> I'm still subject to being infected/attacked by the next guy with a
> laptop if he can guess or scan or otherwise predict my ip address.
> It's no better (nor worse) than plugging into a hardwired ethernet
> in a campus computer room...  
its worse, with modern hardwire ethernet if they want to sniff you they have to do things that a decent intrusion detetion system would notice prett quick, with wireless they can just listen in.

from the point of view of stuff open on your pc you are right though



2007\02\16@184112 by Tobias Gogolin

picon face
The article makes a wifi virus thinkable...
A program that is acquired over wifi and then makes itself accessible over
wifi to be duplicated...


On 2/16/07, peter green <TakeThisOuTplugwashEraseMEspamspam_OUTp10link.net> wrote:
{Quote hidden}

> -

2007\02\17@020431 by Nate Duehr

face
flavicon
face
On 2/16/07, Herbert Graf <RemoveMEmailinglist3spamTakeThisOuTfarcite.net> wrote:
> > in a campus computer room...  "infrastructure mode" doesn't mean
> > that I'm not allowed to send packets to other wireless users on
> > the same IP, does it?
>
> Depends on the router. Many of the ones designed for "public" use can be
> set to isolate each wireless client. The clients can talk to the router,
> but can't talk to each other. Common consumer routers tend to not have
> this optional restriction.

The Linksys WRT54G(S) and the Linux variant running alternative
firmware (DD-WRT) can do this "isolation" mode also.  They also can
integrate to authentication servers (RADIUS) and about a million other
things.. the alternative firmware (especially on pre-VxWorks versions
of the router with the larger flash and RAM) makes quite a capable
little Linux machine, complete with SSH access and a BusyBox command
line.

In fact... a Linksys router loaded with the correct "stuff" and a
laptop, and you'd have everything you need to conduct that phishing
scam someone mentioned of collecting credit card info in an airport.
Some models even have enough "drive" space via JFFS2 to store the
information collected...

Find a wall outlet, have it pre-loaded with something that looks like
a carrier's website/authentication pages (or just copy theirs) and
some creative routing through a laptop with a broadband Internet
cellular card (so the poor folks being scammed actually get their
desired internet connection)... and you'd be done.

Since you're routing through the laptop, tools like dsniff on the
laptop could grab every single non-encrypted user/password combo for
all the common protocols also... IM clients, mail, etc...

Piece of cake... and it'd look JUST like the person had logged into
the appropriate carrier's network -- but the IP's would be wrong if
they bothered to check their public IP address, and there'd be a few
other hints... but not much.

The ability available for only a few dollars (compared to what people
will trust to a web browser in a public place) to abuse 802.11
end-users who aren't using end-to-end encryption of everything they
do... is truly amazing.

Nate

More... (looser matching)
- Last day of these posts
- In 2007 , 2008 only
- Today
- New search...