Scott Granneman, 2006-02-09
The average user has no idea of the risks associated with public WiFi hotspots. Here are some very simple tips for them to keep their network access secure.
WiFi for dummies
2006-02-10
Phil from NY
Great tips, Scott!
Anyone looking for some more advice should check out the "Open Wireless Access Points" episode of the "Security Now!" podcast:
http://www.grc.com/SecurityNow.htm#10
And when you want to get *really* secure when connecting to a public wireless network, by setting up a secure...
WiFi for dummies
2006-02-10
Sid (2 replies)
OK, WEP is better than nothing. But on the other hand, it's so heavily crippled it cannot be seriously called a security feature.
Considering that, is it still pertinent to mention WEP usage? Would not it be far more wise to tell people not to use WEP anymore and move to WPA which usage on dummi...
Re: WiFi for dummies
2006-02-11
stacy (1 replies)
WEP is better than nothing in the same sense that if your roof gets blown off, a tarp is better than nothing; but it is still not a solution to the problem.
A couple points about public hotspots:
1) The usage of encryption at the wireless level is the choice of the wireless provider, not you. So...
Re: Re: WiFi for dummies
2006-02-15
Sid
I really don't see the point in your comparison. I would have said that WEP is a tarp with no roof...
My point is, and it's especially applying to public accesses, that WEP is bringing close to nothing in terms of security. It does not bring confidentiality, nor between users, nor against eavesdr...
Re: WiFi for dummies
2006-02-13
Anonymous
WEP isn't better than nothing. It is nothing, at least from the perspective of the user of a public hotspot. WEP provides no protection against one machine on that WLAN from reaching another. Thus, it is exactly the same protection as nothing.
The article would have achieved more good if it pu...
Coffee shop WiFi for dummies
2006-02-13
j (1 replies)
Also, never assume that by using your corporate VPN that ALL of your traffic will be encrypted. That is the best way to set it up but many companies still only encrypt business traffic and not web traffic (including personal e-mail). Double check with your IT folk, if they say that they encrypt ev...
Re: Coffee shop WiFi for dummies
2006-02-15
Anonymous (1 replies)
j
even without split tunneling wouldn't the return traffic come back unencrypted? I think so.
j...
Coffee shop WiFi for dummies
2006-02-13
Anonymous
Another thing to note about WiFi encryption- if ALL of the customers are to use WEP/WPA, then one would reasonably assume they might all have the same WEP/WPA encryption key. If so, then using WEP/WPA is completely totally pointless as everyone will still see everyone's traffic....
Coffee shop WiFi for dummies
2006-02-13
Paul R. from Rome, NY
All security features are part of a SYSTEM that includes the USER. SSL is no exception. Just because you're using an SSL-protected web site (and you have the comforting little padlock in the corner of your browser), doesn't mean that someone at the coffee shop hasn't poisoned the ARP tables and issu...
Use a VPN for God's Sake
2006-02-13
Anonymous
Seriously, most of these people are going to have a high speed connection at home. Set up a VPN on your system at home, then have your laptop connect to and route all the traffic through that VPN. Sure, it's a little slower because of company upload caps that are usually in place, and because you're...
RE: Coffee shop - Just say NO to Google!
2006-02-15
Anonymous (1 replies)
Interesting article however, given the latest news surrounding Google's policies on privacy and information security, I would NOT recommend using Google for anything.
For more information take a look at these sites:
http://www.gmail-is-too-creepy.com/
http://www.scroogle.org/
...
Vindictive whackos just say NO to Google!
2006-02-17
Roger (1 replies)
"...given the latest news surrounding Google's policies on privacy and information security..."
You mean the news about how every other company hit with the US Federal subpoenas buckled without so much as a whimper, while Google is fighting them tooth and nail to protect your privacy?
"For mo...
Coffee shop WiFi for dummies - VPN won't always help
2006-02-15
Anonymous
Most VPN's I know of will only encrypt traffic destined for the corporate lan.
For instance, if I log onto my gmail or bank account the vpn is smart enough to know that the destination is not on the corporate lan and send it out unencrypted over the public network.
On the other hand if I log in t...
What about something like www.publicvpn.com ???
2006-02-15
Anonymous (1 replies)
Re: What about something like www.publicvpn.com ???
2006-02-16
stacy
Talk about an oxymoron; a PUBLIC virtual PRIVATE network. How about just using some hacker repellant?
http://www.ranum.com/security/computer_security/marketing/hacker-repellant-small.jpg
Seriously, if your only concern is eavesdropping by people within a few hundred feet of the hotspot, then thi...
Recommending gaim? HAH
2006-02-17
infamous41md (1 replies)
You have the nerve to criticize IE and Skype for their security records, but yet at the same time you actually recommend GAIM? The code in GAIM is some of the shoddiest I have ever audited, and that's saying a lot. Oh the 0day. Perhaps you should leave commenting on the relative security of progr...
Re: Recommending gaim? HAH
2006-02-19
Roger (1 replies)
Umm, that's interesting, but at least you *have* given Gaim a code audit, unlike IE and Skype which are closed source. And that's reflected in the vulnerability disclosures: since getting up to version 1 around 16 months ago, Gaim has had 13 vulnerabilities published, of which nearly all were non-cr...
Re: Re: Recommending gaim? HAH
2006-02-20
infamous41md (1 replies)
I alone reported I think 5 vulns to the developers, several of which could be exploited. Sometime right around when I reported those someone else reported 12, plus there have been numerous other reports since then. I'm not sure where your numbers are coming from, but they're slightly off. The devel...
Re: Re: Re: Recommending gaim? HAH
2006-02-23
Roger (1 replies)
> I'm not sure where your numbers are coming from, but they're slightly off.
Got 'em straight from Bugtraq.
> My bigger point is not that gaim sucks, which it does, but it's that "security columnists" should keep their mouth shut
How would that help anyone?...
Re: Re: Re: Re: Recommending gaim? HAH
2006-02-24
infamous41md (1 replies)
The bugs I reported probably were never bugtraq'd.
> My bigger point is not that gaim sucks, which it does, but it's that "security columnists" should keep their mouth shut
>How would that help anyone?...
You didn't include my whole quote, but I take it that was sarcasm? In case it wasn'...
Re: Re: Re: Re: Re: Recommending gaim? HAH
2006-03-01
Anonymous (1 replies)
Well You mister Auditor... If You did Audit the code it would be safer now. Unless You did not do Your job right?
And the comment about not talking is the freedom of speech. Deny that right at Your peril....
Re: Re: Re: Re: Re: Re: Recommending gaim? HAH
2006-03-03
infamous41md
Safer? Hardly. Maybe just less of a choice of attack vectors to choose from. As I said I reported 5 or 6 vulns in gaim to the developers long ago. http://gaim.sourceforge.net/security/index.php. That was just the tip of the iceberg. More recent vulns I've kept b/c as I said the developers are ...
Get a real ISP provider
2006-02-17
In Secure
My provider (www.kattare.com - I'm in no way associated with them other than a customer) allows secure IMAP, POP, SMTP, including the IMPORTANT option of sending to a different port (not 25, which as is implied in the article, might be blocked by the coffee-shop's ISP). In my case, I check "Send ma...
You forgot one of the most important...
2006-02-26
Anonymous (1 replies)
If the WiFi isn't free, or if you have to establish some unique identity to use it, beware of rogue gateways. Any of the other laptops could be putting out a stronger signal and be presenting a fake login page. If you're sitting far from the real transmitter, it can be a problem. And since you do...
Coffee shop WiFi for dummies
2006-09-14
Anonymous
I am opening a coffee shop in a month and trying to decide whether or not to get Wifi for the customers. I know somewhat about computers but I am no expert. Can someone tell me the best Wifi to get and what risks are involved? I have read the threaded discussions here but I am at a loss which is the...
Coffee shop WiFi for dummies
2006-10-04
oreste
This article was very helpful, for users of email and IM, and also for computer people like me who are not security experts. However, I use Mozilla Thunderbird for email at work, a secure environment, and recently had to plug in GNU OpenPGP to send a secure email to someone in another company. Thi...
Coffee shop WiFi for dummies
2006-12-25
Anonymous
Good Article! Anchorfree offers a free VPN service for all hotspot users known as Hotspot Shield. I would recommend that anyone who regularly uses HotSpots consider this security measure. The reality is that HotSpots will always leave users vulnerable. If this concerns you, stay away from Hotspots ...
Coffee shop WiFi for dummies
2009-06-23
Ken
Hello,
I've been tasked with making my friend's coffeehouse WIFI network secure. I can go WEP or WPA. The plan is to change the password every 2-3 hours during the working hours of the coffeehouse. The password would be printed on the customer's receipt. Not bullet proof I suppose, but we're tr...