Académique Documents
Professionnel Documents
Culture Documents
iTechNote
A wealth of helpful technology tips and hints
z Home
z Technology
z Java
z Microsoft
z Solaris
z Apple
z Archives
Wi-Fi networking is inherently insecure. Wi-Fi and its latest security and encryption updates (WEP/WPA/WPA2) try to protect
network access but not necessarily the information that flows over that network. Using public Wi-Fi network should be
considered as open to the public as if you had published your accounts, passwords, and correspondence in a newspaper.
There are three primary threats from bedevil Wi-Fi users - sniffers, rogue access points and worms/probes.
Sniffers
Wi-Fi uses radio waves to send data thus making it ripe for monitoring from vicinity. Unless a building is surrounded with a wire
cage, signals leak and you must treat your access to the network as completely available to anyone within line-of-sight range. A
used $200 laptop with a $10 Wi-Fi card and free software is quite effective and often used for these purposes of sniffing. The
sniffer can decode any data passing by into its original form.
z Stumblers - software that reveal the existence of Wi-Fi network, e.g. NetStumbler, MacStumbler, dstumbler
z Snoopers - software that reveal data passing across Wi-Fi network, e.g. tcpdump, ntop, ettercapNG
http://www.itechnote.com/2006/10/26/public-wi-fi-network-threats/ 05-Jan-08
Public Wi-Fi Network Threats at iTechNote Page 2 of 6
z Crackers - software that collect enough sample encrypted data to get the encryption key, e.g. Kismet, AirSnort, KisMAC
A more sophisticated sniffer can setup a rogue access point (evil twin) to intercept all data and relay it back and forth to the
legitimate network without your knowledge. In this process, even more data can be extracted from your computer.
The “phishing” attack starts with a fake web site that mimics legitimate site to capture login credentials. The attacker can also try
to force software on your PC to re-connect to services that require passwords and extract them when they are sent.
Many Wi-Fi networks in public hotspots use the same range of private Internet protocol addresses that home and office networks
employ, making those Wi-Fi networks appear exactly like each other to a firewall.
This allows entry for worms, as well as probes that try to find weaknesses in your system, or access shared network folders that
you have failed to password protect.
The Solution
JiWire Ironclad Wi-Fi Security (formerly SpotLock) claims to overcome the problems by creating its own Virtual Private
Network (VPN) using IPSec encryption technology in tunnel mode. It is included in JiWire Hotspot Helper that can be
subscribed for unlimited use for $24.95 a year. However, only Windows XP is supported.
The one-time 10 day unlimited trial allows you to use the Wi-Fi Hotspot Finder (offline) regardless of whether you subscribe to
JiWire Hotspot Helper or not. The directory is updated once a week and can be set to push to Wi-Fi Hotspot Finder on schedule.
via JiWire
http://www.itechnote.com/2006/10/26/public-wi-fi-network-threats/ 05-Jan-08
Public Wi-Fi Network Threats at iTechNote Page 3 of 6
Network Security
Through event log scanning! Detect hackers on your network. Free
d/l
gfi.com/eventsmanager
Intrusion Prevention
IBM's Prevention Sys. for Crossbeam IBM RealSecure Server
Sensor
www.IBM.com/Services/in/ISS
1. No Comments
Leave a Reply
Name
Website
Submit
Announcements
If you want to suggest an article or you think I have violated Copyright laws, please send me a feedback.
Categories
z Apple (5)
http://www.itechnote.com/2006/10/26/public-wi-fi-network-threats/ 05-Jan-08
Public Wi-Fi Network Threats at iTechNote Page 4 of 6
z Gazette (1)
z Infrastructure (8)
z Java (14)
z Microsoft (18)
z Oracle (4)
z Solaris (8)
z Technology (49)
Related Entries
Top 5 Risks to Use Public IM Within an Organization
As instant messaging technology is embraced by information workers and their organizations, it is important that system
administrators and information technology (IT) professionals within these organizations recognize both the value...
Sponsors
Ads by Google
Network Security Threats
Network
Wireless Security
WiFi Security
Subscribe
Subscribe to my RSS Feeds
http://www.itechnote.com/2006/10/26/public-wi-fi-network-threats/ 05-Jan-08
Public Wi-Fi Network Threats at iTechNote Page 5 of 6
Social Bookmarks
digg reddit
Most Popular
{ Vista Runs Smooth Only on 2G Memory
{ Anti-phishing Impacts on Web Site Owner
{ Active Directory, Kerberos, LDAP and Unix
{ The Fate of Microsoft Empire
{ Run a Google-scale Web Site with Amazon EC2
{ 9 Steps to use Windows Vista RC2 ISO
{ e-Passports Security Risks Revisited
{ Learn More About iPhone
{ Limitations on Vista features in XP
{ 4 Drivers to Mobile Computing
EJB 3 in Action
Debu Panda, Reza
R...
New $39.00
Best $34.04
Windows Vista
Mitch Tulloch,
Ton...
New $35.99
Best $27.16
Leg Avenue
Seamless Halter
Cut Out B...
New $4.99
Best $4.99
Beginning Xcode
James Bucanek
New $26.39
Best $16.21
Expert Oracle
Database
Architecture
Thomas Kyte
New $31.49
Best $16.49
Privacy Information
z Links
{ Oracle Blogs
{ Java.net Blogs
{ MSDN Blogs
http://www.itechnote.com/2006/10/26/public-wi-fi-network-threats/ 05-Jan-08
Public Wi-Fi Network Threats at iTechNote Page 6 of 6
http://www.itechnote.com/2006/10/26/public-wi-fi-network-threats/ 05-Jan-08