Mitigating risks associated with Wifi – Part 2

Part 2 – Who else is connected to that network?

This concept applies to a wired network as much as it does to a wireless network; however, I still think this needs to be mentioned. I’m sure that the other guests who happen to be staying at Caesar’s Palace during the annual BlackHat convention would think twice about connecting to that hotel wireless network if they knew that there were hundreds of experienced hackers also connected and just looking for some unsuspecting victim to play with.

No matter what operating system you run (yes, EVEN Mac OSX, despite what a die-hard Mac fan will tell you), there are inevitably going to be vulnerabilities discovered that have to be patched, and maybe a zero-day or two out there that have not been patched yet. Some of these vulnerabilities can potentially be remotely exploited by an attacker on the same network and give them remote access to your computer. It is always wise to keep your system patched and install updates in a timely manner. A properly configured software firewall and up-to-date antivirus software are also key protections for mitigating the risk of a successful attack.

Even in the case of a wired network, techniques such as ARP Poison Routing can be used to trick your computer into sending data packets out through an attacker’s machine as opposed to a legitimate gateway. In addition, DNS spoofing can be combined with ARP cache poisoning to redirect a victim to an evil website when they attempt to go to a legitimate website. The details of these types of attacks are way beyond the target audience of this article; however, the concept is simple: the victim types www.google.com into their browser and they are instead taken to an evil website on the attacker’s machine that may be designed to capture login credentials or maybe run some nasty exploit code and gain control of their computer. These types of attacks are generally easier to successfully implement on a wireless network than on a wired network, and the anonymous nature of wireless traffic makes it virtually impossible for a security professional to physically track down the attacker, as would be possible if the attacker were physically plugged into a wired network.
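For readers who want to see what a poisoned ARP cache looks like from the victim's side, the following added example (not part of the original article) parses an ARP table in the Linux `/proc/net/arp` layout and flags the two signs described above: the gateway's hardware address has changed from a previously recorded value, or another host on the network claims the same hardware address as the gateway. The sample table, the addresses and the function names are constructed for illustration.

```python
# Constructed sample in the Linux /proc/net/arp layout. The gateway
# (192.168.1.1) and another host (192.168.1.66) resolve to the same MAC.
SAMPLE_ARP_TABLE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         aa:bb:cc:00:00:66     *        wlan0
192.168.1.23     0x1         0x2         aa:bb:cc:00:00:17     *        wlan0
192.168.1.66     0x1         0x2         aa:bb:cc:00:00:66     *        wlan0
192.168.1.80     0x1         0x0         00:00:00:00:00:00     *        wlan0
"""


def parse_arp_table(text):
    """Return {ip: mac} for the complete entries of an ARP table dump."""
    entries = {}
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, flags, mac = fields[0], fields[2], fields[3].lower()
        # Flag bit 0x2 marks a completed entry; skip unanswered lookups.
        if int(flags, 16) & 0x2 == 0 or mac == "00:00:00:00:00:00":
            continue
        entries[ip] = mac
    return entries


def find_arp_anomalies(entries, gateway_ip, trusted_gateway_mac=None):
    """Return (kind, detail) findings that suggest the gateway entry is spoofed."""
    gw_mac = entries.get(gateway_ip)
    if gw_mac is None:
        return [("gateway-missing", gateway_ip)]
    findings = []
    # 1. The gateway MAC differs from one recorded on a trusted occasion.
    if trusted_gateway_mac and gw_mac != trusted_gateway_mac.lower():
        findings.append(("gateway-mac-changed", gw_mac))
    # 2. Another IP shares the gateway's MAC. This can also happen with
    #    proxy ARP or multi-address routers, so treat it as a lead to check.
    sharers = sorted(ip for ip, mac in entries.items()
                     if mac == gw_mac and ip != gateway_ip)
    if sharers:
        findings.append(("gateway-mac-shared", ",".join(sharers)))
    return findings


if __name__ == "__main__":
    table = parse_arp_table(SAMPLE_ARP_TABLE)
    for kind, detail in find_arp_anomalies(table, "192.168.1.1",
                                           "aa:bb:cc:00:00:01"):
        print(kind, detail)
```

On a real Linux machine the same functions can be fed the contents of `/proc/net/arp`; the trusted gateway address has to be recorded beforehand on a network you have reason to trust.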

The following practices will help you mitigate the risks of falling victim to traffic redirection and interception techniques (which are similar to techniques outlined in our previous article on sniffing and sidejacking):

  1. Avoid using open / unsecured wireless networks such as public wifi, coffee shop networks, etc. where possible.
  2. If you do use an open WiFi network, avoid logging in to sensitive sites such as internet banking sites, email accounts, or social media sites.
  3. Pay close attention to your browser for certificate errors, which would indicate that an SSL secured site is being spoofed and transmissions are being intercepted.
  4. Use a VPN tunnel. All traffic that is transmitted through the tunnel is encrypted between your computer and the VPN device by the tunnel, regardless of the type of data.

Note that this is the second of a four-part series of articles dealing with WiFi security for the non-technical user. The previous article in the series may be found here. Stay tuned for the remaining articles in the series! Please do not hesitate to contact us if you are interested in our various IT general control review, penetration testing, and vulnerability assessment services.
