Home
Main Menu
Home
News
Documents
Downloads
Links
Contact Us
Mesh Topology
Login Form





Lost Password?
No account yet? Register
NodeDB Stats
Number of nodes registered (claimed):
7 (4)
DOCMan Lister

Warning: fopen(/home/lancastermesh/public_html/administrator/components/com_docman/docman.config.php) [function.fopen]: failed to open stream: Permission denied in /home/lancastermesh/public_html/administrator/components/com_docman/classes/DOCMAN_config.class.php on line 119
File Icon Lancaster Mesh diffs (2254)
File Icon Kamikaze firmware - 2.6 kernel - wrt54g (451)
File Icon Kamikaze firmware - 2.4 kernel - wrt54gs (401)
File Icon Whiterussian firmware - wrt54gs (397)
File Icon Node DB (382)
DOCMan Most downloaded
file icon Lancaster Mesh diffs (2254)
file icon Kamikaze firmware - 2.6 kernel - wrt54g (451)
General Wireless Hotspot Security PDF Print E-mail
Written by Administrator   
Thursday, 20 April 2006

Never trust a hotspot!

Public access wireless hotspots usually have no security on them and could potentially have been set up by a less than trustworthy individual. This doesn't mean you can't use them, but you've just got to take a few precautions.

Firstly, most people will be wanting to browse the net from a hotspot and little else, this is fine as long as you bear in mind than this could be logged by the provider or snooped by anyone nearby with a little knowledge of wireless networks. Providers may snoop to ensure that illegal activities are not being performed or maybe even for marketing information, whereas snoopers could well be doing it to try and gain personal information, including bank accounts and credit card numbers. Please bear in mind that these hints should also be followed on a normal computer wired up to the internet. You are still at risk from these problems, it is just that a wireless connection is a lot easier to tap into.

The easiest way to negate this risk, is not go anywhere that needs usernames, passwords, or credit card numbers. If you are on a pay for access hotspot tho', this could be a little difficult. If you use a particular hotspot provider regularly, make sure your account is always topped up from your home computer with a wired connection directly to the internet. Sometimes this isn't possible, but precautions can still be taken. If entering any sensitive information, always make sure that your browser window has a closed padlock in the bottom right hand corner. This indicates that all traffic from your browser to the web server is encrypted.

Another thing to bear in mind is that even if you log into a site using a secure connection, many sites will go back to a normal, unencrypted connection once you are logged in. This isn't a problem for things like public forums, but could be if you are reading emails (tho' nothing sensitive should be sent via email unless it is encrypted with something like PGP as all email is transmitted unencrypted by default), etc.

One other area that people could fall foul of snoopers is when accessing email using outlook or any other email client installed on your computer. Even tho' these require a username and password to access, the passwords could be being sent over the wireless and internet as plain text. Not good! A lot of servers these days will allow SSL connections, similar to the connections made when the padlock is shown in a browser window, which will encrypt all traffic between the client and the server. 

To summarise:

  • Avoid sending credit card details over the internet from a hotspot.
  • Always use secure connections for any sensitive information.
  • Encrypt any sensitive information.
  • Trust noone!

I hope this is useful to some people,

 Darren.
 
< Prev   Next >
[ Back ]