Ensuring Security at HotSpots question

Hello all

I access the internet via a hotspot during my lunchbreak and wanted to ensure that I am surfing securely. I have read various PC magazine articles and here is what I have done SO FAR to ensure privacy

  1. Sygate Firewall
  2. File Sharing turned off, Plug/Play turned off
  3. Surf thru HotSpotVPN, a Virtual Private Network, reviewed positively in various journals
  4. Virus software always on
  5. AdAware and SpyBot run every few days
  6. HOSTS file modified to be "anti spyware"

what is lacking?

I hear about war drivers and others "grabbing" my packets while I surf. I think #3 above should fix that. Anything else? Can people with NetStumbler find ME (via GPS) while I surf? I know they can find the AP, how about the laptop user?

Dont want to be paranoid, but thats the reality these days.

thanks!

Reply to
Bill
Loading thread data ...

I use a VPN sniffer, same deal.. i dont need to snif fthier packets.

a point about hotspots, look at all who are in the place whom have laptops. then use netstumbler or other sniffers to check ap's and mac addresses. if you have the correct amount, then keep an eye on new macs suddenly appearing while no new users enter the visible hotspot.

things i do at hotspots. scan mace. thene check for file sharing and netbios UPnP and other things

i love the $xx like the LPT port and admin $IPC locations also...

if at a hotspot, ensure your data is not secure.

dont get me wrong. you would be lucky if i tap your PC.

i only look for appz games pics on HD's thing people get in e-mail, and save to the HD. like in my documents or other known folders. i also look for MP3's

other people sniff for passwords and other information.

another note.

i have a nice supply of WIFI nics, and rotate them. makes it harder to get caught. :)

my advice, want security, dont try and do secure connections at a public hotspot.

i might be there, and i might bee leaching your cool files.

oh, and i do leave my calling card to anyone i access.

i leave a txt file expla>

Reply to
agent10029

If they can find the AP then they can find you. You have to be within a few hundred feet and any wireless detector can identify your notebook in operation.

Reply to
Iceman

Well, if you can trust HotSpotVPN, and your firewall is any good, then you are pretty much covered, aren't you? In the end, you aren't really connected _to_ the AP, but are tunneling _thru_ it, and there's nothing for The Bad Ones to see.

Reply to
William P.N. Smith

But he said they were using VPN.

Now if the feds were smart they'd shut down all wireless at airports. It would piss a lot of peeps off, but.......

Reply to
Iceman

Perhaps you just wonder if I am pretty much covered. Why do you care?

-- Lady Chatterly

"A bot it may be, but somebody set it up in the first place. They don't just wander around like viruses." -- Aetyr

Reply to
Lady Chatterly

It's a good thing we've got NSA/FBI field agents to troll iCafes with their AES cracking man-in-the-middle script kiddie apps. Now that you've blown Rijndael wide open

formatting link
what's the next stunt you'll pull with your SGI Altix 3700 Bx2 laptop?

-Gary

Reply to
Gary

Bah-humbug. Ye software hackers are all the same. Always attacking a system at its strongest point (firewall and encryption) while totally ignoring blatantly vulnerable hardware points of access. Ask competent burglar if they spend minutes tinkering with the latest high security door lock, or if they prefer to just bypass the door and proceed with the theft.

For example, most modernish laptops have exposed USB ports. No cover, no protective interlocks, no authentication. On a Windoze laptop, plug a USB storage device into the USB port. Plug-n-play will automagically recognize it as valid device, add ATA drive emulation, and run AUTORUN.INF with the permissions of the user. If they're logged in as an administrator equivalent, then you have total control.

AUTORUN.INF runs a "root kit" like script that consists mostly of registry changes and perhaps adds some spyware. I recently demonstrated a rather simplistic version of this attack. About 30 seconds from start to cleanup on the initial run, most of which was plug-n-play doing its thing. About 10 seconds after that. Yeah, it leaves evidence of entry behind but most people wouldn't notice. While agent10029 is passing his captured VPN session to his trojaned collection of online grid computers for a parallel attack on the key, I've got what I want with a $15 USB dongle in 30 seconds.

The same approach can be done via firewire, with a floppy disk (much slower), via CF card in a PCMCIA slot (very fast), via the ethernet port (much more complex), or via Bluetooth (I haven't tried that yet).

So far, my only real problem is that I like to grab users Outlook PST files because most users like to store their passwords, account numbers, and such in email. Grab the old email, and they're mine. The problem is that Outlook PST files tend to gargantuan. 200-800 MBytes is typical. That doesn't fit on my cheapo USB dongle and takes forever. I guess the best protection against my hacking is bloated Microsoft data files. Sigh.

Anyway, if you really want to worry about security, never mind firewalls, encryption, wireless, and and software. Worry about exposed hardware.

Reply to
Jeff Liebermann

[snip]

When it comes to attacks, the easiest way is ... geesh; the easiest. Have customers that want to secure thier network, whether wired or wireless and attempt to spend, spend, spend for software solutions. I usually make my presents known when I tell them:

"It takes to long to get in via the Internet for stealing data. It is much easier to break into the location and take the whole network", along with "Social engineering is also far much easier to gain access. If you want secure, you not only need to secure your network, but secure your hardware and your people."

Sure, they need to have data that is worthwhile to steal. Had a customer claim that I couldn't get into his network from anywhere... geesh -> 3 minutes with floppy and I could have trashed the whole nine yards.

todh

Reply to
OldGuy

All of which relies on the user leaving their machine unattended. Anyone leaving a notebook unattended in a public place has bigger risks that having data stolen, they risk having the machine with the data in it stolen.

You would only ever have physical access to any of my machines without my presence in my office, in my home, or in the house of someone I trust. Only employees go to the part of the office where my hardware is (we are small enough for everyone to recognise everyone else) and strangers don't get left unattended at home.

So you have a negligible chance of applying your chosen attack method on any of my machines unless you engage a thief and steal the machines first.

Reply to
Flash Gordon

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.