what info can be gathered

fsan · 01-06-2005

Assuming that filesharing is turned off and you access an AP (say at a hotel)
what info can be gathered about you? other than what you could call "history"
info.. like the sites you visit. please keep any answers simple (as i'm still learning) and what that info might tell someone.

Thanks for any help!

streaker69 · 01-06-2005

Quote:

Originally Posted by fsan

Assuming that filesharing is turned off and you access an AP (say at a hotel)
what info can be gathered about you? other than what you could call "history"
info.. like the sites you visit. please keep any answers simple (as i'm still learning) and what that info might tell someone.

Thanks for any help!

Every single packet that is exchanged between your machine and the AP could be captured, read and used against you in a court of law.

Thorn · 01-06-2005

Depending on the skill level of the intruder, and how well you understand security, and how your laptop is configured, the answer ranges from "nothing" to "anything on your hard drive."

File sharing is just one small part of one area of networking. Turning it off is a start, not the end. You have to start looking at any number of other things like FTP services, firewalls, and TCP ports. Start reading up on security if this is a concern.

Thorn · 01-06-2005

Maybe I misread this. Since you asked about file sharing and being on a hotel network, my thinking was that your concern lay in being a user concerned about someone coming into your machine. Now that I reread it, I'm not sure.

Are you concerned as a user on the network being accessed by someone else, or are you worried about outgoing info being tracked?

itsnotme · 01-06-2005

I'm wondering if he means what programs he uses, what OS he has, and what actions he does on the computer while in the hotel itself.

(At least thats what I understood from his post.)

G8tK33per · 01-06-2005

Quote:

Originally Posted by fsan

Assuming that filesharing is turned off and you access an AP (say at a hotel)
what info can be gathered about you? other than what you could call "history"
info.. like the sites you visit. please keep any answers simple (as i'm still learning) and what that info might tell someone.

Thanks for any help!

How's this for simple:

1) Use the f*cking shift key.
2) Don't surf pr0n at hotels.

...frickin' troll.

Monitr7 · 01-07-2005

Quote:

Originally Posted by G8tK33per

How's this for simple:

1) Use the f*cking shift key.
2) Don't surf pr0n at hotels.

...frickin' troll.

And what's wrong with surfing p0rn at hotels?

The Others · 01-07-2005

Quote:

Originally Posted by Monitr7

And what's wrong with surfing p0rn at hotels?

Any true geek can get it for free off the hotel TV

Dutch · 01-07-2005

Quote:

Originally Posted by Monitr7

And what's wrong with surfing p0rn at hotels?

Wrong question... What's wrong with surfing p0rn, Full Stop.

Dutch

Dutch · 01-07-2005

Quote:

Originally Posted by The Others

Any true geek can get it for free of the hotel TV

True Geeks™ are to busy drooling over the receptionist, to watch the hotel TV.

Dutch

Monitr7 · 01-07-2005

Quote:

Originally Posted by The Others

Any true geek can get it for free off the hotel TV

please explain... i am looking for free p0rn... i have tried using my neighbor's access poynt thing, but they have something on it called wep and i think thats not letting me connect... any help please? i will share p0rn that i find... lol

beakmyn · 01-07-2005

Quote:

Originally Posted by The Others

Any true geek can get it for free off the hotel TV

Yeah, but after 10 minutes the channel automatically scrambles again. What a pain in the ass. Unless you know a better way PM me

If you're going to be on a Hotel network using your business computer then anything you do is subject to logging and compromise. So if you logging into your email they can see your username, password, and email. If your surfing the internet they can all the pages. With the product IRIS they don't have to look at packet dumps as this program puts the packets back together so they see what you see.

Although you may have file sharing turned off there's still other ways to get into your computer. A determined criminal would hijack your connection and inject a program into your packet stream that would allow them entry. This assumes Internet Explorer is your browser of choice.

Or if they're really devious they could see that your using email then impersonate you onto your corporate network, whereby they could send you an email that appeared to be coming from the Hotel and attach a "security" (Trojan Horse) program that they say you must run in order to secure your connection.

The list goes on.

fsan · 01-07-2005

Thanks for the replies that were responding to my question.
Since a few asked, my reason for asking was just wondering what info could be obtained about who was using the AP. From the info you folks have given it seems that the only info likely to be gotten would be all the content received/sent -possibly email address (if you checked your email) and not much else? (without a determined attacker)
So a coffee shop might know everywhere your surfing but not WHO is doing it
unless you give them the info by checking email or such. It would seem to be
difficult then to build a database of people that have used their system.

nashr · 01-07-2005

Quote:

Originally Posted by fsan

Thanks for the replies that were responding to my question.
Since a few asked, my reason for asking was just wondering what info could be obtained about who was using the AP. From the info you folks have given it seems that the only info likely to be gotten would be all the content received/sent -possibly email address (if you checked your email) and not much else? (without a determined attacker)
So a coffee shop might know everywhere your surfing but not WHO is doing it
unless you give them the info by checking email or such. It would seem to be
difficult then to build a database of people that have used their system.

If you're talking about a database of people using the system, then I assume you mean gathering data over time. It could be done, but why would a typical wifi cafe bother? Unless the FBI/CIA or some other nameless three-letter-agency is trying to track down the latest spammer, there would be no payoff. Further, most wifi cafes don't have the know-how or support staff to manage something like this.

Simple answer, unless there's a geek on staff (or in the customer crowd) I don't think this is a high risk. Now, having said that, I do enjoy being a packet voyeur at my favorite wifi cafe sometime.

Hmmm, packet-voyeur... have I just invented a new fetish? LMAO - how about war-voyeur?

streaker69 · 01-07-2005

Quote:

Originally Posted by fsan

Thanks for the replies that were responding to my question.
Since a few asked, my reason for asking was just wondering what info could be obtained about who was using the AP. From the info you folks have given it seems that the only info likely to be gotten would be all the content received/sent -possibly email address (if you checked your email) and not much else? (without a determined attacker)
So a coffee shop might know everywhere your surfing but not WHO is doing it
unless you give them the info by checking email or such. It would seem to be
difficult then to build a database of people that have used their system.

Don't be so sure about that statement. It would depend upon how determined they are to build a database. They could log your MAC address which is unique only to your NIC, not duplicated anywhere unless it's spoofed by a hacker. Once you log on, they could write a script that could run an NBTSTAT of your machine if it's a winders machine then it would return your computer name, workgroup and the current user logged in. Someone who's determined can get the information.

NEVER use a unecrypted public AP to transfer personal data. You don't know who is listening to the transmission.

Remember, the data you save, could be your own.

01-06-2005	#1 (permalink)
fsan Registered Member Join Date: Dec 2004 Posts: 9	what info can be gathered Assuming that filesharing is turned off and you access an AP (say at a hotel) what info can be gathered about you? other than what you could call "history" info.. like the sites you visit. please keep any answers simple (as i'm still learning) and what that info might tell someone. Thanks for any help!

01-06-2005	#3 (permalink)
Thorn Did you do the math? Join Date: Apr 2002 Location: Villa Straylight Posts: 10,084	Depending on the skill level of the intruder, and how well you understand security, and how your laptop is configured, the answer ranges from "nothing" to "anything on your hard drive." File sharing is just one small part of one area of networking. Turning it off is a start, not the end. You have to start looking at any number of other things like FTP services, firewalls, and TCP ports. Start reading up on security if this is a concern. __________________ Thorn "I'm The Doctor. I'm a Time Lord. I am from the planet Gallifrey in the constellation Kasterborous. I'm 903 years old and I am the man who is going to save your lives and all 6 billion people on the planet below... You got a problem with that?"

01-06-2005	#4 (permalink)
Thorn Did you do the math? Join Date: Apr 2002 Location: Villa Straylight Posts: 10,084	Maybe I misread this. Since you asked about file sharing and being on a hotel network, my thinking was that your concern lay in being a user concerned about someone coming into your machine. Now that I reread it, I'm not sure. Are you concerned as a user on the network being accessed by someone else, or are you worried about outgoing info being tracked? __________________ Thorn "I'm The Doctor. I'm a Time Lord. I am from the planet Gallifrey in the constellation Kasterborous. I'm 903 years old and I am the man who is going to save your lives and all 6 billion people on the planet below... You got a problem with that?"

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

01-06-2005	#5 (permalink)
itsnotme Dumbass checker Join Date: Sep 2002 Location: Somewhere below Lake Ontario Posts: 1,076	I'm wondering if he means what programs he uses, what OS he has, and what actions he does on the computer while in the hotel itself. (At least thats what I understood from his post.)

01-07-2005	#13 (permalink)
fsan Registered Member Join Date: Dec 2004 Posts: 9	Thanks for the replies that were responding to my question. Since a few asked, my reason for asking was just wondering what info could be obtained about who was using the AP. From the info you folks have given it seems that the only info likely to be gotten would be all the content received/sent -possibly email address (if you checked your email) and not much else? (without a determined attacker) So a coffee shop might know everywhere your surfing but not WHO is doing it unless you give them the info by checking email or such. It would seem to be difficult then to build a database of people that have used their system.