Theme

Welcome · log in · join

Security → security at hotspots

uniqs
490

« Windows Security Center Popup Warning • hjt log Vundo found »

nitricacid
join:2001-07-30
Elizabeth, NJ

nitricacid

Member

2005-Dec-1 10:08 pm

security at hotspots

If im at lets say starbucks and i am using my wireless connection at there spot. Am i vulnerable to attacks or my info getting intercepted?

How could i prevent this?

· actions · 2005-Dec-1 10:08 pm ·

dbwilson
Premium Member
join:2000-06-19
Fayetteville, GA

dbwilson

Premium Member

2005-Dec-2 12:20 am

1. Use a firewall with your wireless connection set to “Internet Zone” or equivalent zone that denies file sharing and ports are “stealthed.”

2. When accessing a site that requires a password, make sure the site is encrypted with SSL 128 bit. Example: Use mail2web.com to check email.

3. Pray.

· actions · 2005-Dec-2 12:20 am ·

Link Logger
MVM
join:2001-03-29
Calgary, AB

Link Logger to nitricacid

MVM

2005-Dec-2 1:41 am

to nitricacid

I would also suggest NOT getting your email unless your using a VPN connection (or otherwise have a secure email logging such as https web interface) as most people forget that POP3 sends your userid and password in clear text.

Frankly I use external wireless connections for nothing more then entertainment as anything other and your begging for a smack.

Blake

· actions · 2005-Dec-2 1:41 am ·

SoonerAl
MVM
join:2002-07-23
Norman, OK

SoonerAl to nitricacid

MVM

2005-Dec-2 7:08 am

to nitricacid

Another thread concerning this very same subject...

»Hotspot security ?'s

· actions · 2005-Dec-2 7:08 am ·

MrAnonymous3
join:2005-07-25
90127

MrAnonymous3 to nitricacid

Member

2005-Dec-2 6:21 pm

to nitricacid

If your provider supports it use secure IMAP and SMTP easiest way to get mail without needing a VPN. There is an encrypted equivelent of most protocals how ever provider support for such can be limited.

· actions · 2005-Dec-2 6:21 pm ·

picoshark
join:2005-03-17
Columbia, MO

picoshark to nitricacid

Member

2005-Dec-12 10:01 am

to nitricacid

Also, remember to *NEVER* accept a certificate if your browser balks at it, at a public hotspot or anytime. An attacker can generate certificates on the fly that look exactly like the correct one except for the issuer. They can then do a man-in-the-middle attack and funnel your connection completely through themselves (even though your browser shows SSL/locked padlock). »ettercap.sourceforge.net/ Your login, password and everything sent can then be captured. I don't frequent public wifi, but I would imagine the risk there is higher. For a cracker looking for connections to break, there would probably be a higher concentration of them at Starbucks with a lot of people checking their bank balance, buying on ebay, etc.

· actions · 2005-Dec-12 10:01 am ·

Nerdtalker
Working Hard, Or Hardly Working?
MVM
join:2003-02-18
San Jose, CA

Nerdtalker to nitricacid

MVM

2005-Dec-15 6:01 pm

to nitricacid

Anything sent in plaintext (not encrypted) is up for grabs.

That includes:
•IM conversations
•Pageviews to unsecure sites
•FTP

Keep in mind that any legitimate/successful banking/retail website uses encryption, however.

What's important to note is this:
•Use a good software firewall
•If checking email with a POP/SMTP client, make sure SSL is in use. (see screenshot)
•If possible, setup a VPN at your home, and then just VPN to it and use it to secure everything. That's what I do.

· actions · 2005-Dec-15 6:01 pm ·

dspalding
join:2003-10-29
Durham, NC

dspalding to nitricacid

Member

2005-Dec-16 12:49 am

to nitricacid

Thanks for the screenshot. I'd had trouble finding what SSL port for SMTP would work with my domain server, and 465 was the ticket.

· actions · 2005-Dec-16 12:49 am ·

Forums → Software and Operating Systems → Security	« Windows Security Center Popup Warning • hjt log Vundo found »