1. Home
  2. Wireless Networking
  3. Any danger in connecting to an unsecured router?

Any danger in connecting to an unsecured router?

Need some help in understanding the vulnerabilities of using a computer to access the Internet via an unsecured router. As I understand it the computer doing the accessing uses its access point hardware to make the connection. What sort of access does the receiving computer have to folders and files on the computer that is using its router to make a connection to the Internet? Does it have the capability of tracking the places on the Internet where one goes?

The reason I ask is that I read an article where the authorities set up and used a wifi hotspot to track computer usage by walk-ups on a public street looking for illegal uses of the Internet.

Also, I have discovered an unsecured router within connect distance from my home and have used that connection to experiment. Many of us pay for more compacity than we use, and some of us do not mind sharing. But if there are dangerous security concerns about this I would like to know about them.

Tom ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In every assembly, of whatever size, passion will always steal the crown from reason. John Adams

Reply to
Tom
Loading thread data ...

In article , snipped-for-privacy@nothing.com (known to some as Tom) scribed...

With no firewall? At all?

If that is the case -- if the connection you used had no firewall protection at all, and you were connected for more than about 20 seconds

-- the chances are very high that the computer you used is already compromised. You should use a good, solid antiviral program (NOT McAfee or Symantec!) like AVG (they have a free edition) right away, as well as thoroughly scanning your system with Spybot Search & Destroy and AdAware.

If you value your system's integrity, NEVER, under ANY conditions (unless you're deliberately trying to contract something for research purposes) connect a Windows-based system to the Internet without SOME sort of hardware or software firewall in place. Period. This includes wireless access points.

This is only one of many possible trouble vectors.

Get a firewall. Period. ZoneAlarm works pretty well. So does AVG, if you're not using a VPN connection.

Happy tweaking.

Reply to
Dr. Anton T. Squeegee

I'm not sure I understand the description of your problem. I /think/ what you're asking is " if I connect to a wireless router which has no WPA/WEP or other encryption, what are the risks to me? "

Assuming this is so, first of all remember that irrespective of the encryption (or lack of) on the router:

- your PC needs to be running a firewall and AV software which is fully updated. Otherwise within minutes of connecting you will be compromised.

- you should ensure that you have no shared folders or printers which are publically visible. As far as I'm concerned that means you need to be running W2K or higher, or Linux, and to enable user-level security on shares and printers.

- your PC's OS and internet s/w should be absolutely fully patched, and you should check on a weekly basis for new patches.

As for wireless, all that the lack of encrpytion means is

- anyone else in the area could capture the traffic between you and the router, and look at it.

Provided the traffic is HTTPS that won't be useful to them. Plain http and email will be completly visible to them. Other traffic (word docs, spreadsheets. application data etc) would also be visible but obviously they'd need to know the format.

Reply to
Mark McIntyre

once you connect to the router - you are then on the local wireless LAN, along with using the wireless pipe to connect to the Internet. So - you have TWO worlds to be concerned about #1 the actual traffic to/from the Internet #2 the actual traffic that can be seen on the local wireless area

Therefore, if you have any "sharing" turned on, other local users can see your PC. If the windows sharing ports 13x are not blocked by the router, then the Internet can see your sharing.

Also, anything transmitted without SSL or VPN can be see as clear text locally.

the flip side - is the incoming traffic that can be probing or hacking your system. Without some form of blocking - not just from the Internet, but also local wireless, then others can poke around until they might find some open door to your system.

Reply to
P.Schuman

So the problem is not the unsecured wireless router but rather the insecure Windows OS. Ditch that POS.

Reply to
mr.b

Dr. Anton T. Squeegee wrote in news:MPG.1fe93c315759fc9a9896ed@192.168.42.197:

Yeah, that's what many people say, but explain, in detail, why this would be so.

I just don't see it. In this case, the AP was undoubtably a NAT router.

Reply to
DanS

False conclusion. The problem is the insecure firewall, not the OS - the same ports are used by SMB irrespective of the OS.

Reply to
Mark McIntyre

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.