Road Warrior At Risk: The Dangers Of Ad-Hoc Wireless Networking
Airport Menace: The Wireless Peeping Tom
It never fails that something interesting happens to me at the airport. I've even met some famous people during my travels. A few months ago, I ran into Frank Bielec, from the TLC show, Trading Spaces. But one of my favorite things to do at the airport is browse the wireless Ethernet waves. I'm never really surprised at what I find. I'm just glad I know more about wireless Ethernet than the average road warrior.
The Dangers Of Ad-Hoc Wireless Networking
However, for those who are not using "Infrastructure Mode", and are configured to communicate from machine to machine, or "Ad-Hoc", there are a few things you should be aware of.
A wireless Ad-Hoc network allows you to communicate with other wireless Ethernet systems without using a wireless access point. It's kind of a peer to peer configuration and it works rather well. The problem is, most people just set it up, and forget about it. At home, it's not a huge problem, but when your on the road, it could cause you a great deal of grief. The airport is probably the best place to find Ad-Hoc networks. Business men and women, delayed once again, power up their laptops and get to work completing the days tasks, or planning tomorrows agendas.
I can't tell you how many systems I find in the airport configured this way. Not just in the terminal, but on the plane. About three months ago, just after we reached cruising altitude and were allowed to use our "approved electronic devices", I found that the gentleman two seats up from me had a laptop configured as Ad-Hoc. He walked by me about ten minutes later and commented on how much he liked my laptop. I thanked him, and asked if his laptop was on, and configured to use wireless Ethernet, he said yes.
To make a long story short, I showed him that I could see his laptops wireless Ethernet and informed him of the danger. He asked me if I could access his hard drive, and I told him that it might be possible. He asked me to see if I could, so I obliged. After configuring my laptop to use the same IP address class as his, and typing "net use * hiscomputersIPAddressc$ "" /USER:administrator", I received a notice that the connection was successful and drive Z: was now mapped to his computer. I performed a directory listing of his hard drive and the guy almost had a heart attack!
After this, he moved up to the seat next to mine and we spent the next hour or so configuring his laptop securely, starting with securing his computers local administrator account. At one point during the configuration, he made the statement that I got real lucky because his local admin account did not have a password. My response to him was, I get lucky quite often.
Who Else Has Your Client List
The fact is, whether it be "Infrastructure Mode", or "Ad-Hoc" wireless Ethernet communications, if not properly configured and secured, can pose a significant risk. There are thousands of articles on the Internet about the dangers of improperly configured wireless networks, yet the number of unsecured networks seems to be getting greater, not less.
Strength And Posture Does Reduce Your Risks
When I perform security assessments, I create a list of potential targets, and potential methods of compromise. I then prioritize that list by which system, with a particular vulnerability, may be easiest to compromise. Those at the bottom of the list typically never come on my radar screen; the best scenario it to keep of the radar altogether.
1. Above all, make sure all your user accounts have strong passwords, especially those that have administrative control over your system;
2. Configure your wireless network to use some sort of encryption. I know there is a lot of concern about the "crackability" of WEP, but if this is all you have to work with, and then use it. It is still helpful;
3. If possible, use MAC addresses filtering to restrict unwanted systems from attaching to your wireless network;
4. Make sure the firmware for your AP's and wireless Ethernet cards are up to date. These updates can be found on your card or AP's support site.
Remember, if you are compromised over your wireless network it can be near impossible to track down where the attack came from. Worse yet, think about how many systems become compromised, and no one ever knows it?
About The Author
Skills Shortage and Integration Challenges Halt Cybersecurity Adoption Security Boulevard
Rackspace Hosted Exchange Outage Due to Security Incident Search Engine Journal
Cyber Safety Review Board to Conduct Second Review on Lapsus$ Homeland Security
Union Tells Pilots To Use Regular Security Lines, To Delay Flights And Prove A Point - One Mile at a Time
Union Tells Pilots To Use Regular Security Lines, To Delay Flights And Prove A Point One Mile at a Time
Iran Accuses ‘Enemies’ Of Funding Protesters To Harm Security ایران اینترنشنال
Comprehensive regional security and the future order in Asia East Asia Forum
DHS Issues National Terrorism Advisory System (NTAS) Bulletin Homeland Security
Politician Urges Iran's Top Security Man To Change Constitution ایران اینترنشنال
This Week in Apps: The year’s best apps, Twitter rival Hive’s security woes, App Store backlash grows - TechCrunch
This Week in Apps: The year’s best apps, Twitter rival Hive’s security woes, App Store backlash grows TechCrunch
U.S., French Presidents State Support for Ukraine, Global Security Department of Defense
Climate Security and Energy Security Must Go Hand-in-Hand International Monetary Fund
Federal audit calls out managers, contractor at Nevada National Security Site – The Nevada Independent - The Nevada Independent
Federal audit calls out managers, contractor at Nevada National Security Site – The Nevada Independent The Nevada Independent
Chinese security firm advertises ethnicity recognition technology while facing UK ban - The Guardian
FACT SHEET: Biden-Harris Administration Announces Expansion of Global Health Security Partnerships and Releases Annual Progress Report - The White House
FACT SHEET: Biden-Harris Administration Announces Expansion of Global Health Security Partnerships and Releases Annual Progress Report The White House
USENIX Security ’22 – Christine Geeng, Mike Harris, Elissa Redmiles, Franziska Roesner ‘Like ... - Security Boulevard
USENIX Security ’22 – Christine Geeng, Mike Harris, Elissa Redmiles, Franziska Roesner ‘Like ... Security Boulevard
Energy Security Support to Ukraine - United States Department of State Department of State
12/4/22 National Security and Korean News and Commentary smallwarsjournal
TSA is adding face recognition at big airports. Here’s how to opt out. The Washington Post
Explainer: Hong Kong's national security crackdown – month 29 Hong Kong Free Press
Anderson woman provides warmth, security to victims of sexual assault The Herald Bulletin
1Password unveils 'sign in with' browser extension feature Help Net Security
A Complete Guide to SSL Cipher Suites Security Boulevard
Texans coach Lovie Smith: 'I have never worried about my job security' Houston Chronicle
Iranian security forces kill anti-government protester celebrating World Cup defeat, rights group says - CNN
Iranian security forces kill anti-government protester celebrating World Cup defeat, rights group says CNN
National Security Memorandum on Strengthening the Security and Resilience of United States Food and Agriculture - The White House
National Security Memorandum on Strengthening the Security and Resilience of United States Food and Agriculture The White House
HWG CASH ENHANCED FEATURES FROM LIGHTNET PROVIDES MORE COVERAGE, SECURITY, COMPETITIVE RATE, LOCAL CURRENCY SETTLEMENT & SPEED - Yahoo Finance
HWG CASH ENHANCED FEATURES FROM LIGHTNET PROVIDES MORE COVERAGE, SECURITY, COMPETITIVE RATE, LOCAL CURRENCY SETTLEMENT & SPEED Yahoo Finance
Diplomatic Security Service Leads U.S. Security at the World Cup - United States Department of State - Department of State
Diplomatic Security Service Leads U.S. Security at the World Cup - United States Department of State Department of State
Topic: Call List for Traffic Control and Security Officers (Armed and Unarmed) | West Seattle Blog... - West Seattle Blog
Topic: Call List for Traffic Control and Security Officers (Armed and Unarmed) | West Seattle Blog... West Seattle Blog
China is a growing threat to national security, U.S. companies and American workers, U.S. Commerce Secretary Raimondo says - CNBC
China is a growing threat to national security, U.S. companies and American workers, U.S. Commerce Secretary Raimondo says CNBC
France Prefers Headlines to Results Center for European Policy Analysis
European security org faces existential crisis at meeting The Associated Press - en Español
‘I felt nothing but safe’: Fans react to security presence in Downtown Atlanta for SEC Championship - WSB Atlanta
‘I felt nothing but safe’: Fans react to security presence in Downtown Atlanta for SEC Championship WSB Atlanta
Everything About Software Publisher Certificates Security Boulevard
Press Briefing by Press Secretary Karine Jean-Pierre and National Security Council Coordinator for Strategic Communications John Kirby - The White House
Press Briefing by Press Secretary Karine Jean-Pierre and National Security Council Coordinator for Strategic Communications John Kirby The White House
Ukraine conflict – day 284: Macron says West should address Russia security demands in peace talks - CGTN
Ukraine conflict – day 284: Macron says West should address Russia security demands in peace talks CGTN
Exclusive: World Cup soccer fans stopped by security officials for wearing rainbow-colored items - CNN
Exclusive: World Cup soccer fans stopped by security officials for wearing rainbow-colored items CNN
TSA sees 'concerning' rise in number of firearms at security checkpoints – and most are loaded - CNBC
Homeland Security Secretary Mayorkas says he's not quitting as Republicans prepare to escalate attacks against him - CNN
Homeland Security Secretary Mayorkas says he's not quitting as Republicans prepare to escalate attacks against him CNN
Statement from DHS on Decision Regarding Title 42 Homeland Security
UN official calls on Security Council to support a 'secure, peaceful and prosperous Sahel' - UN News
After receiving death threats: Security detail to protect officer who killed terrorist - Arutz Sheva
The national security grounds for investigating Musk’s Twitter acquisition Brookings Institution
Press Gaggle by Press Secretary Karine Jean-Pierre and National Security Advisor Jake Sullivan En Route Phnom Penh, Cambodia - The White House
Press Gaggle by Press Secretary Karine Jean-Pierre and National Security Advisor Jake Sullivan En Route Phnom Penh, Cambodia The White House
Ohio awards nearly $58 million for security upgrades to over 700 schools: See if your child's school is on the list - WKYC.com
Ohio awards nearly $58 million for security upgrades to over 700 schools: See if your child's school is on the list WKYC.com
$400 Million in Additional Assistance for Ukraine > U.S Department of Defense
New attacks use Windows security bypass zero-day to drop malware BleepingComputer
Retailers Install Security Cameras, Steel Cables as Stores Brace for Holiday Crime Wave - Washington Free Beacon
Retailers Install Security Cameras, Steel Cables as Stores Brace for Holiday Crime Wave Washington Free Beacon
McCarthy Threatens Impeachment of Biden’s Homeland Security Chief Washington Free Beacon
Target security guard fatally shoots person after 2 people were stabbed, including a child, in 'unprovoked' attack, L.A. police say - NBC News
Target security guard fatally shoots person after 2 people were stabbed, including a child, in 'unprovoked' attack, L.A. police say NBC News
NSA Releases Guidance on How to Protect Against Software Memory Safety Issues - National Security Agency
NSA Releases Guidance on How to Protect Against Software Memory Safety Issues National Security Agency
Disneyland Malware Team: It's a Puny World After All – Krebs on Security Krebs on Security
Trump's motive in Mar-a-Lago case seen as ego, not money The Washington Post
Money Mule Email Scam Hits U.S.
Imagine this - you open up your email box and an international company is offering you a dream job - you can be an agent for them - a financial intermediary - receiving payments for them and transferring money to them, and, naturally, keeping a commission on each transaction.There's no investment, no money required.
Top Five Online Scams
The top five online scams on the Internet hit nearly ten million people last year according to an FBI report in December 2004. That figure doubled from 2003 to 2004 and people are continuing to fall for these email and identity theft scams.
DOS Attacks: Instigation and Mitigation
During the release of a new software product specialized to track spam, ACME SoftwareInc notice that there was not as much traffic as they hoped to receive. During furtherinvestigation, they found that they could not view their own website.
Delete Cookies: New-Age Diet or Common Sense Internet Security?
No, this article isn't about some new, lose-20-pounds-in-a-week, certified-by-some-tan-Southern-California-doctor diet. It's about cookies on your computer - what they are, why they are there, and what to do about them.
Preventing Online Identity Theft
Identity theft is one of the most common criminal acts in society today. Criminals will use your personal information such as banking accounts and passwords, to pretend that they are you.
Wells Fargo Report Phishing Scam
First off I should explain what phishing is. Phishing is basically the act of tricking a victim into divulging information.
Make Money Online - Latest Scam Disclosed
Before we start, I want to make it clear that this article is about scammers that affect people who make money online by selling digital products, like e-books, software, etc. and have a refund policy, because we have a rather long way until the end and, if you are selling physical product or you money online through affiliate programs that don't involve a refund policy it's probably just a waste of time.
Phishing - Learn To Identify It
Phishing: (fish'ing) (n.)This is when someone sends you an email falsely claiming to be a legitimate business - like your bank or credit card company - in an attempt to scam you into giving them your personal, private information that they can use to access your accounts.
Can I Guess Your Password?
We all know that it's dangerous to use the same password for more than one program. If you sign up for a program run by someone of low moral fibre, what is to stop them running through various programs with your username and password to see what they can access? But of course remembering all the different passwords can be a headache.
Top Spyware Removers Considerations
Only the top spyware removers are successful at detecting and removing spyware and adware from your computer. You should look for complete protection against these threats: spyware, adware, keyloggers browser hijackers and Remote Access Trojans.
How to Know Whether an Email is a Fake or Not
A few nights ago I received an email from "2CO" asking me to update my personal data. The sender did not forget to insert a link to log in, too.
If You Sell Anything Online Your ePockets Are Being Picked
You and I are a lot alike. We are both software publishers and eBook authors getting hosed on a regular basis.
The Risk Of Electronic Fraud & Identity Theft
Electronic Fraud and Identity Theft-----------------------------------Human beings are pretty sensible when presented with an imminent threat or risk. That is, if it's staring us directly in the face.
Phishing, Fraudulent, and Malicious Websites
Whether we like it or not, we are all living in the Information Age. We have nothing left but adapt to rapidly developing information technology, no matter who we are and what we do for living.
New Mass Mailing Spamming Internet Trojan for the Windows Platform
May. 16th 2005 - MicroWorld has reported the discovery of Troj/Sober-Q, which is a mass mailing spamming internet Trojan for the Windows platform.
Road Warrior At Risk: The Dangers Of Ad-Hoc Wireless Networking
Airport Menace: The Wireless Peeping Tom----------------------------------------As a network security consultant, I travel quite frequently. At times, it seems like the airport is my second home.
5 Tips For An Unbreakable Password
Despite the current wave of identity theft and corporate security breaches it's amazing how very few people treat their passwords with any level of seriousness. Most computers users, both at home and in the office, see passwords as a nuisance and therefore make them as easy to remember as possible.
Spyware symptoms happen when your computer gets bogged down with spyware programs running in the background without your knowledge. Spyware, adware, malware and even spamware can cause your computer to behave very strange.
Spyware is Not Like a Nosy Neighbor
Remember the television show about the nosy neighbor Mrs. Kravitzalways peeking out her window or over the fence, sometimes evenknocking on the door just to find out what was going on in herneighborhood? If you don't wait a month or so and the DVD orthe movie will be out.
Viruses and Worms: The Problems and Their Solutions
History and BackgroundThe virus was one of the first ever threats to computer security. It brought a whole new fear upon computer users.
|home | site map|