
rapt0r

join:2009-03-19

 How it is possible to get Malware with Open Hotspot

I'm wondering if it is technically possible to get infected when connecting to an open WiFi hotspot.
Assuming I found a rogue open wireless network, I get connected to it and DHCP leases me an IP.
Is it possible that, when connected, malware is downloaded onto the client's machine?
Or the web browser is hijacked?
What are the different possibilities of getting infected?


nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
·AT&T U-Verse
·AT&T Midwest

The greatest risk is when you are using Windows networking and are sharing some of your files.

Another risk is a rogue DNS server. For example, when you do a google search, it could give you the IP address of a fake google page.

If you are taking reasonable precautions, and having your browser warn you before running any executable, then the risk should be something you can handle. Just be more cautious and less trusting when at an untrusted hotspot.
--
AT&T dsl; Westell 327w modem/router; openSuSE 11.0; firefox 3.0.8

docrice

join:2008-03-31
Fremont, CA

reply to rapt0r
There are many vectors in getting malicious code onto your machine, regardless of whether it's at an open hotspot or not. Since your question is framed within that context, I'm assuming you're referring to direct network attacks instead of tricking the user into going into a webpage that automatically downloads code through XSS, "friendly" ActiveX install prompts, etc.

If the hotspot has a captive portal which serves a web page that's compromised, that's one place. DNS redirection is certainly a possibility. Even layer 2 redirection can cause you to chain your traffic through an unknown entity. How about an unpatched exploit that your machine may have that somehow allows remote SMB / RPC / etc. access into your OS perimeter?

In other words, there's a lot. You just have to reduce your risk profile by running with least-privilege, blocking everything inbound that isn't return traffic of your initiation, using something like NoScript in Firefox, etc.
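
An added example, not part of the thread: the rogue DNS / DNS redirection risk raised in the replies above can be checked by comparing what the hotspot's resolver returns with answers recorded earlier on a trusted network. The names, addresses and the `audit` helper are constructed for illustration, and treating "same /16" as probably benign is an assumed heuristic, since CDNs legitimately hand out different addresses.

```python
import ipaddress

# Constructed sample data. Documentation ranges (RFC 5737) stand in for
# real public addresses; TRUSTED is assumed to come from a trusted network.
HOTSPOT = {
    "www.example.com": ["192.168.1.1"],
    "mail.example.net": ["203.0.113.80"],
    "cdn.example.org": ["198.51.100.7", "198.51.100.9"],
    "img.example.org": ["198.51.100.200"],
}
TRUSTED = {
    "www.example.com": ["198.51.100.10"],
    "mail.example.net": ["192.0.2.25"],
    "cdn.example.org": ["198.51.100.9"],
    "img.example.org": ["198.51.100.9"],
}

# Ranges that should never be the answer for a public name.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

def is_local(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in LOCAL_NETS)

def prefix(addr, bits=16):
    # Enclosing network, used as a loose "same provider" comparison.
    return ipaddress.ip_network(f"{addr}/{bits}", strict=False)

def audit(hotspot, trusted):
    """Classify each name by how the hotspot answer compares to the reference."""
    findings = {}
    for name, answers in hotspot.items():
        ref = trusted.get(name, [])
        if any(is_local(a) for a in answers):
            findings[name] = "redirected-local"   # portal or rogue resolver
        elif not ref:
            findings[name] = "no-reference"
        elif set(answers) & set(ref):
            findings[name] = "match"
        elif {prefix(a) for a in answers} & {prefix(r) for r in ref}:
            findings[name] = "same-network"       # likely load balancing
        else:
            findings[name] = "mismatch"           # verify before trusting
    return findings
```

A "mismatch" is a prompt to verify the site's TLS certificate before entering anything, not proof of tampering.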
Friday, 04-Dec 06:48:14 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.