Security on the client side while using hotspots

HotSpot here, HotSpot there. All you need to know about HotSpots

Security on the client side while using hotspots

Postby siliconjunkie » Thu Sep 30, 2004 1:33 pm

In surfing the various wireless-related forums on the web, when discussing the topic of wireless security, most conversations seem to focus on AP security (and rightly so, I suppose). What I am curious about is security on the client side of things.

There are a lot of places in my area that offer free wireless access to their customers (many coffeeshops, several bars, and even a few laundamats). Most of these places allow this access via a wide open (no WEP) AP.

My concern is that without at least WEP in the mix, what is there to stop some "31337 haX0r" from sitting in the corner sipping a cappuchino with a laptop running an 802.11b sniffer and having him grab, say, my POP3 password or my netstumbler.org forums password when i login?

The soulution I have come up with for now is to set up my Win2K box at home to recieve VPN connections, and then after establishing the 802.11b connection while at a free hotspot, I then create a secure tunnel through the VPN at my house. I then surf through that, but as you can imagine, there is quite a performance hit compared to simply connecting to the insecure AP and surfing.

So the questions I am posing to the community here are:

1) Is what I described above the best method of securing myself on the client side of things? When I say "best", I mean not only security-wise, but performance-wise (i understand that being more secure when using public APs will require some amount of performace loss (like VPNing) or inconvenience (changing firewall settings, etc...)

2) If not, what do you suggest? (I would love to know about some kind of software package that is designed to address wireless security on the client side of things, but maybe there is something else I am missing?

3) Am I being too "tinfoil" hattish (ie: am I making a mountain out of a mole hill in regards to worrying about someone sniffing traffic at free APs or am I misunderstnading the security risks)?
User avatar
siliconjunkie
 
Posts: 8
Joined: Tue Sep 03, 2002 9:00 am

Postby renderman » Thu Sep 30, 2004 2:52 pm

Your being tinfoil hat enough. You never know what sort of crap people are doing. One of my guilty pleasures is to run driftnet and dsniff in the background (/dev/null'd of course) and just see what goes by.

Regular web surfing is'nt a big issue if it's for sports scores and news, unless you start going to sites requiring authentication. I'd tunnel everything I could that needed authentication (email, secure sites, etc) through the tunnel home. The performance hit is well worth the safety. Though you might want to consider some level of security that it's actually *your* box your connecting to and not a man-in-the-middle (airsnarf)

There's not really much you can do in terms of 3rd party security other than a VPN since a public hotspot by definition needs to be open.

My road connecting setup is: Firewalled laptop, ssh tunnel to home system with S/KEY one time passwords, do everything on remote workstation using VNC tunneled over SSH. The only traffic is in the SSH tunnel :)
User avatar
renderman
 
Posts: 1867
Joined: Thu Jun 06, 2002 5:29 pm
Location: Anywhere but Utah

Postby PaPPy » Thu Sep 30, 2004 2:55 pm

siliconjunkie wrote:3) Am I being too "tinfoil" hattish (ie: am I making a mountain out of a mole hill in regards to worrying about someone sniffing traffic at free APs or am I misunderstnading the security risks)?



Have you ever seen the movie "the core"??? Its been done many of times. and unless you have some way to encrypt ur info leaving your and decrypted on the server/website, anyone running a sniffer program will capture it all. So security or performance?
PaPPy
 
Posts: 77
Joined: Sat Sep 18, 2004 9:02 pm
Location: Japan

Postby audit » Thu Sep 30, 2004 4:32 pm

try http://anonymizer.com/index.cgi

That's what I use to tunnel http traffic when traveling, it's cheap and just works.
User avatar
audit
 
Posts: 1945
Joined: Mon Aug 19, 2002 3:00 am
Location: In the Octagon

Postby peekitty » Thu Sep 30, 2004 7:00 pm

siliconjunkie wrote:In surfing the various wireless-related forums on the web, when discussing the topic of wireless security, most conversations seem to focus on AP security (and rightly so, I suppose).
You're absolutely correct, client side security is not addressed much. Another aspect of that is that when you join a public hotspot, you also open yourself up to active attacks on your local machine. It's good that software firewalls are almost ubiquitous - which comes back to why client side security is not frequently discussed. The circle of life continues..
User avatar
peekitty
 
Posts: 1054
Joined: Wed Sep 04, 2002 6:14 am
Location: S. Florida

Postby siliconjunkie » Thu Sep 30, 2004 8:04 pm

renderman wrote:Though you might want to consider some level of security that it's actually *your* box your connecting to and not a man-in-the-middle (airsnarf)
THATS the type of thing that creeps me out. The whole AirPWN thing got me concerned with connecting at public spots...the idea of someone intercepting HTTP traffic at a public hotspot and injecting goatse jpgs is one thing, but potentially intercepting and redirecting what i believe to be TUNNELED traffic is totally scary. I have my VPN settings configured to a particular IP address, and also set to drop any connection which isnt encrypted and I have a software firewall installed. Beyond that, I'm not exactly sure what other steps I can take to ensure a secure connection.


You know, I never thought about that. I always thought that Anonymizer just provided anonymous surfing, I didn't realize that their paid service also provided SSL. Thanks for the info. How is the latency on the service (the free service seems to lag a bit)?


peekitty wrote:It's good that software firewalls are almost ubiquitous
Yeah, firewalls help to some degree, but I'm more worried about somebody just sniffing my packets right out of the air than I am them "breaking into" my machine per se.
User avatar
siliconjunkie
 
Posts: 8
Joined: Tue Sep 03, 2002 9:00 am

A few more resources

Postby siliconjunkie » Wed Oct 06, 2004 3:47 pm

For any of you out there following this thread who are interested in a bit more security when using public wifi i found 2 sites that offer free HTTPS proxies that are useful for encrypting your surfing when using a network whos security you cannot verify:

The Cloak is a cool site that offers both free and paid services. The HTTPS service uses 256 bit encryption. The service is transparent (links on surfed pages are recoded to direct you thru the proxy) and there are no ads (which is nice) but free users are subject to a limited about of data transfer during a given time period (this varies based on traffic at the time). I had no problem checking mail and surfing slashdot and a few news sites before I used up my freebie time for the 5 hour period. It was also VERY fast (i noticed almost no difference between using the proxy and not)

Proxify is a cool one as well. Free usage is not as limited as The Cloak, but you will be forced to view some ads at the top of every proxied page.
User avatar
siliconjunkie
 
Posts: 8
Joined: Tue Sep 03, 2002 9:00 am

Postby biolizard89-2 » Sat Nov 06, 2004 4:12 am

siliconjunkie wrote:For any of you out there following this thread who are interested in a bit more security when using public wifi i found 2 sites that offer free HTTPS proxies that are useful for encrypting your surfing when using a network whos security you cannot verify:

The Cloak is a cool site that offers both free and paid services. The HTTPS service uses 256 bit encryption. The service is transparent (links on surfed pages are recoded to direct you thru the proxy) and there are no ads (which is nice) but free users are subject to a limited about of data transfer during a given time period (this varies based on traffic at the time). I had no problem checking mail and surfing slashdot and a few news sites before I used up my freebie time for the 5 hour period. It was also VERY fast (i noticed almost no difference between using the proxy and not)

Proxify is a cool one as well. Free usage is not as limited as The Cloak, but you will be forced to view some ads at the top of every proxied page.


Or, if you don't want to see ads or pay anything, just use an SSL CGIProxy. There are tons floating around on the Internet.
http://www.zensur.freerk.com/#4.5.3
I'm a total n00b, so don't flame me if I'm being an idiot.
biolizard89-2
Mini Stumbler
 
Posts: 6
Joined: Sat Sep 25, 2004 10:18 am

Postby Josh208 » Sat Nov 06, 2004 12:45 pm

biolizard89-2 wrote:Or, if you don't want to see ads or pay anything, just use an SSL CGIProxy. There are tons floating around on the Internet.
http://www.zensur.freerk.com/#4.5.3
I'm a total n00b, so don't flame me if I'm being an idiot.


No flame... and I wouldn't call you an idiot, but this hardly seems like a good idea to me. It appears as though anybody could set up their own proxy and advertise it here. What's to stop them from snooping the traffic of their users? If security is the goal, I'd stick with well known/trusted providers.
Josh208
Mini Stumbler
 
Posts: 1
Joined: Sat Nov 06, 2004 12:35 pm

Postby L Y R » Fri Jan 14, 2005 3:46 am

renderman wrote:Regular web surfing is'nt a big issue if it's for sports scores and news, unless you start going to sites requiring authentication. I'd tunnel everything I could that needed authentication (email, secure sites, etc) through the tunnel home. The performance hit is well worth the safety. Though you might want to consider some level of security that it's actually *your* box your connecting to and not a man-in-the-middle (airsnarf)

There's not really much you can do in terms of 3rd party security other than a VPN since a public hotspot by definition needs to be open.

My road connecting setup is: Firewalled laptop, ssh tunnel to home system with S/KEY one time passwords, do everything on remote workstation using VNC tunneled over SSH. The only traffic is in the SSH tunnel :)


Not sure what all the fuss is about, if you are connecting to an SSL web page which most password and sensetive pages are, your data is encrypted. while traveling over wireless or wired it makes no difference, Just like a sniffer can pick up information traveling in the air, so can a man in the middle pick up information over the core internet. Wireless aspect makes it all the more public and accessable, thought not more breakable.

Advice is]Always [/B]update your antiviruses, always update your OS patches. enable your soft firewall, and ONLY give senstive data over CERTIFIED and secure SSL pages. As with Filesharing, I would not advise that in a coffeshop, unless its not sensitive data

Am I missing something, Because I hear all the hype, yet I have not yet seen a case where passwords have been decrypted over the air while traveling to an SSL destination. But believe me the day SSL is cracked, we either have to move like lightning to 256k encryption, or Game over for Internet as we see it.
L Y R
Mini Stumbler
 
Posts: 2
Joined: Tue Jan 11, 2005 7:40 am

use 802.1x

Postby deltamind » Mon May 30, 2005 10:24 pm

and do an authentication against the server provided by Radiuz. It's free.


--------------------------------------------------------------------------
Brain M
http://www.wirelessorbit.com
deltamind
Mini Stumbler
 
Posts: 1
Joined: Mon May 30, 2005 10:17 pm

Postby Starpoint » Tue May 31, 2005 5:01 am

L Y R wrote:Not sure what all the fuss is about, if you are connecting to an SSL web page which most password and sensetive pages are, your data is encrypted. while traveling over wireless or wired it makes no difference, Just like a sniffer can pick up information traveling in the air, so can a man in the middle pick up information over the core internet. Wireless aspect makes it all the more public and accessable, thought not more breakable.

Advice is]Always [/B]update your antiviruses, always update your OS patches. enable your soft firewall, and ONLY give senstive data over CERTIFIED and secure SSL pages. As with Filesharing, I would not advise that in a coffeshop, unless its not sensitive data

Am I missing something, Because I hear all the hype, yet I have not yet seen a case where passwords have been decrypted over the air while traveling to an SSL destination. But believe me the day SSL is cracked, we either have to move like lightning to 256k encryption, or Game over for Internet as we see it.


I used to know of a company that offered hardware encryption on the NIC. Their NIC's would anything from 128 bit up to 4kbit encryption on all data at the nic.

When I find their info will post.

currently the only 256bit encrytion device I know of is dlink. they offer a 256 bit on their wifi routers.

I am sure there are more.
Against the run of the mill, static as it seems

We break the surface tension with our wild kinetic dreams
Curves and lines -- of grand designs...


Tonight's movie "Soylent Green" has been brought to you by our sponsor - Waste Management

My mind is like a Steel trap - Rusty and Illegal in most states
User avatar
Starpoint
 
Posts: 2539
Joined: Fri Apr 18, 2003 4:47 pm
Location: Houston

Postby streaker69 » Tue May 31, 2005 5:03 am

Starpoint wrote:I used to know of a company that offered hardware encryption on the NIC. Their NIC's would anything from 128 bit up to 4kbit encryption on all data at the nic.

When I find their info will post.

currently the only 256bit encrytion device I know of is dlink. they offer a 256 bit on their wifi routers.

I am sure there are more.


3com had a NIC out a couple years ago that had onboard hardware encryption. I believe they were calling it the Typhoon. I only saw one at a show in NY, but never saw one sitting on a shelf for sale anywhere, but it was probably such a specialized thing they wouldn't retail it.
Treat your gun like your genitals, only whip it out when it's absolutely necessary.
User avatar
streaker69
 
Posts: 11867
Joined: Thu Jul 08, 2004 10:09 am
Location: Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA

passwords and cookies?

Postby odoyle81 » Sun Jun 12, 2005 8:29 am

L Y R wrote:Not sure what all the fuss is about, if you are connecting to an SSL web page which most password and sensetive pages are, your data is encrypted. while traveling over wireless or wired it makes no difference, Just like a sniffer can pick up information traveling in the air, so can a man in the middle pick up information over the core internet. Wireless aspect makes it all the more public and accessable, thought not more breakable.

Advice is]Always [/B]update your antiviruses, always update your OS patches. enable your soft firewall, and ONLY give senstive data over CERTIFIED and secure SSL pages. As with Filesharing, I would not advise that in a coffeshop, unless its not sensitive data


I understand the importance of using SSL when logging into banks or email. I was wondering if someone could clarify something for me though. Alot of sites uses cookies when you click on "remember me". It seems when I access the sites after doing this, it doesn't send a username or password (encrypted or otherwise), and I was wondering how this worked. I guess I don't understand how cookies are communicating with the website..

Thanks..
odoyle81
Mini Stumbler
 
Posts: 5
Joined: Sun Jun 12, 2005 8:20 am

Postby Dutch » Sun Jun 12, 2005 8:40 am

odoyle81 wrote:I understand the importance of using SSL when logging into banks or email. I was wondering if someone could clarify something for me though. Alot of sites uses cookies when you click on "remember me". It seems when I access the sites after doing this, it doesn't send a username or password (encrypted or otherwise), and I was wondering how this worked. I guess I don't understand how cookies are communicating with the website..

Thanks..

This is a freebie : http://www.google.com/search?q=how+cookies+work
Before posting again, please read all the posts in the Welcome Desk section. That might keep you out of trouble here...

Dutch
All your answers are belong to Google. SEARCH DAMMIT!
Warning. Warning.
Low C8H10N4O2 level detected. Operator halted....
User avatar
Dutch
 
Posts: 6698
Joined: Fri Mar 05, 2004 12:00 pm
Location: City of Mermaids, Denmark

Next

Return to HotSpots

Who is online

Users browsing this forum: No registered users and 1 guest

cron