While in Texas last time the hotel I was in did not have broadband and the best connection I could get way 24.4 via dial-up. After suffering for 2 days I slapped my forehead and plugged in my WiFi card. What blew me away was out of the 5 or so SSID that showed up being available with good signal strength 3 of them where unsecured. I did not feel comfortable using them but was shocked to find that many un-secure. Companies have realized WiFi in the office is a big problem if not setup correctly and are actually setting up honeypots that will counterattack hackers probing their networks. [Ars Technica]
2 Comments
Comments are closed.
Whenever using any open wireless network, one should only use encrypted services. SSH Tunnel’s are a great way to protect services like POP and SMTP or use a VPN. If you aren’t tunneled or VPN’d make sure log into webmail/web services via https.
I worry less about Honeypots if you aren’t doing anything wrong, and if someone is monitoring your use, encryption will keep your packets clear.
I am one of those people who support making your wireless open to the public (for internet access). All wireless nodes that I have set up have been open with no WEP. In order to get to your internal resources I either: a) set up a ‘captive portal’ and require a secure login (https) that sets your IP address as a “allow only”. Then the router will let your packets through to internal resources. 2) have a VPN server, and have people VPN to access their corporate resources. This has a great side effect. It is the same software/solution for getting into their internal resources regardless of what wireless internet connection they are using.
To clarify, no wep doesn’t mean full open internet access for guest, Only certain ports are allowed (and not SMTP so someone can’t spam through the access).
I know someone who was leeching off someone’s unsecured network for the best part of a week. After a while, he started feeling guilty, and sent the guy a message via his printer to install some form of firewall.