Public Wi-Fi Network Threats at iTechNote Page 1 of 6

iTechNote
A wealth of helpful technology tips and hints

z Home
z Technology
z Java
z Microsoft
z Solaris
z Apple
z Archives

« 64% of U.S. Internet Users Watch Videos Online

Vista Runs Smooth Only on 2G Memory »

Public Wi-Fi Network Threats

Published October 26th, 2006 in Technology.
Wireless Network Sniffer Infinity Firewalls
Get complete real-time analysis across your Performance-Sensitive Security VoIP, Video,
entire network. and Data Centers.

wi-fi, treats, jiwire, security

Wi-Fi networking is inherently insecure. Wi-Fi and its latest security and encryption updates (WEP/WPA/WPA2) try to protect
network access but not necessarily the information that flows over that network. Using public Wi-Fi network should be
considered as open to the public as if you had published your accounts, passwords, and correspondence in a newspaper.

There are three primary threats from bedevil Wi-Fi users - sniffers, rogue access points and worms/probes.

Sniffers

Wi-Fi uses radio waves to send data thus making it ripe for monitoring from vicinity. Unless a building is surrounded with a wire
cage, signals leak and you must treat your access to the network as completely available to anyone within line-of-sight range. A
used $200 laptop with a $10 Wi-Fi card and free software is quite effective and often used for these purposes of sniffing. The
sniffer can decode any data passing by into its original form.

The software packages that a sniffer uses are:

z Stumblers - software that reveal the existence of Wi-Fi network, e.g. NetStumbler, MacStumbler, dstumbler
z Snoopers - software that reveal data passing across Wi-Fi network, e.g. tcpdump, ntop, ettercapNG

http://www.itechnote.com/2006/10/26/public-wi-fi-network-threats/ 05-Jan-08
Public Wi-Fi Network Threats at iTechNote Page 2 of 6

z Crackers - software that collect enough sample encrypted data to get the encryption key, e.g. Kismet, AirSnort, KisMAC

Rogue Access Points

A more sophisticated sniffer can setup a rogue access point (evil twin) to intercept all data and relay it back and forth to the
legitimate network without your knowledge. In this process, even more data can be extracted from your computer.

The “phishing” attack starts with a fake web site that mimics legitimate site to capture login credentials. The attacker can also try
to force software on your PC to re-connect to services that require passwords and extract them when they are sent.

There is no software on the market that is purposely designed to be evil twin.

Worms, Firewalls and Probes

Many Wi-Fi networks in public hotspots use the same range of private Internet protocol addresses that home and office networks
employ, making those Wi-Fi networks appear exactly like each other to a firewall.

This allows entry for worms, as well as probes that try to find weaknesses in your system, or access shared network folders that
you have failed to password protect.

The Solution

JiWire Ironclad Wi-Fi Security (formerly SpotLock) claims to overcome the problems by creating its own Virtual Private
Network (VPN) using IPSec encryption technology in tunnel mode. It is included in JiWire Hotspot Helper that can be
subscribed for unlimited use for $24.95 a year. However, only Windows XP is supported.

The one-time 10 day unlimited trial allows you to use the Wi-Fi Hotspot Finder (offline) regardless of whether you subscribe to
JiWire Hotspot Helper or not. The directory is updated once a week and can be set to push to Wi-Fi Hotspot Finder on schedule.

via JiWire

http://www.itechnote.com/2006/10/26/public-wi-fi-network-threats/ 05-Jan-08
Public Wi-Fi Network Threats at iTechNote Page 3 of 6

Data Loss Prevention

Learn more about Proofpoint's data loss prevention & email security
www.proofpoint.com

Network Security
Through event log scanning! Detect hackers on your network. Free
d/l
gfi.com/eventsmanager

AirMagnet WLAN Survey

Perform a professional WLAN site survey with enhanced graphic
tools
www.airmagnet.com

Intrusion Prevention
IBM's Prevention Sys. for Crossbeam IBM RealSecure Server
Sensor
www.IBM.com/Services/in/ISS

0 Responses to “Public Wi-Fi Network Threats”

Feed for this Entry Trackback Address

1. No Comments

Leave a Reply

Name

Mail (will not be published)

Website

Submit

« 64% of U.S. Internet Users Watch Videos Online

Vista Runs Smooth Only on 2G Memory »

Announcements

If you want to suggest an article or you think I have violated Copyright laws, please send me a feedback.

Categories
z Apple (5)

http://www.itechnote.com/2006/10/26/public-wi-fi-network-threats/ 05-Jan-08
Public Wi-Fi Network Threats at iTechNote Page 4 of 6

z Gazette (1)
z Infrastructure (8)
z Java (14)
z Microsoft (18)
z Oracle (4)
z Solaris (8)
z Technology (49)

Related Entries
Top 5 Risks to Use Public IM Within an Organization
As instant messaging technology is embraced by information workers and their organizations, it is important that system
administrators and information technology (IT) professionals within these organizations recognize both the value...

Sponsors

Ads by Google
Network Security Threats
Network
Wireless Security
WiFi Security

Subscribe
Subscribe to my RSS Feeds

RSS Feed-Posts RSS Feed-Comments

http://www.itechnote.com/2006/10/26/public-wi-fi-network-threats/ 05-Jan-08
Public Wi-Fi Network Threats at iTechNote Page 5 of 6

Social Bookmarks

digg reddit

Most Popular
{ Vista Runs Smooth Only on 2G Memory
{ Anti-phishing Impacts on Web Site Owner
{ Active Directory, Kerberos, LDAP and Unix
{ The Fate of Microsoft Empire
{ Run a Google-scale Web Site with Amazon EC2
{ 9 Steps to use Windows Vista RC2 ISO
{ e-Passports Security Risks Revisited
{ Learn More About iPhone
{ Limitations on Vista features in XP
{ 4 Drivers to Mobile Computing

EJB 3 in Action
Debu Panda, Reza
R...
New $39.00
Best $34.04

Windows Vista
Mitch Tulloch,
Ton...
New $35.99
Best $27.16

Leg Avenue
Seamless Halter
Cut Out B...

New $4.99
Best $4.99

Beginning Xcode
James Bucanek
New $26.39
Best $16.21

Expert Oracle
Database
Architecture
Thomas Kyte
New $31.49
Best $16.49

Privacy Information

z Links
{ Oracle Blogs
{ Java.net Blogs
{ MSDN Blogs

http://www.itechnote.com/2006/10/26/public-wi-fi-network-threats/ 05-Jan-08
Public Wi-Fi Network Threats at iTechNote Page 6 of 6

{ A Look Into Solaris

{ Sun Blogs
{ XeniNet

© 2006 iTechNote | Powered by Wordpress with 3 K2 Redux klein by Headsetoptions | Top

http://www.itechnote.com/2006/10/26/public-wi-fi-network-threats/ 05-Jan-08