Safe, Secure Wi-Fi on the Road
Q: Recently I stayed in a hotel and used the free wireless access. Can any wireless user at another hotel, or the parking lot for that matter, gain access to the network or my computer?
— Mary F.
A: Wow Mary, tough question. You couldn't ask me something like what does stand for or what city hosted the ? You leave me no choice but to admit that Information Technology (IT) questions are not my forte. I'm the guy who thought a "hard drive" was a road trip from Seattle to Portland or that a "gigahertz" was a particularly large rental car. Needless to say, I felt it best to defer to the experts on this one. Luckily, you can't swing a coaxial cable around here without lassoing an IT expert. Our in-house security gurus offered the following tips for keeping a secure connection on the road, and ensuring that what is seen is for your eyes only (and not some fedora-wearing corporate spy in the adjacent parking lot or club chair).
- Make sure it's actually the hotel network to which you're connecting. WiFi density is so high in some areas that you have to be cautious. Being in a hotel room doesn't mean that the hotel network is the only one that can be seen.
- Keep your anti-virus software and patches up-to-date and your firewall enabled.
- Disable file and printer sharing; open shares are likely the easiest way to compromise a remote user.
- Look for WEP (wireless encryption protocol) or WPA (WiFi protected access) when connecting. If you open the tool to view available wireless networks, it will say unsecured if it is not encrypted. Using WEP (encryption) gives you a reasonable amount of protection from someone just reading the signal out of the air.
- Tell your computer NOT to auto-connect to wireless access points that are listed as 'unsecure'. A common method of compromise is to establish a fake access point. Computers that still auto-connect will associate with the fake access point automatically. The attacker can even provide real internet access while monitoring all of the traffic, or browse the user's shares without them even realizing.
- When using a hotel network, establish a VPN connection to route your traffic through. The VPN client disables what is called 'split tunneling', which is the ability for your machine to connect to two or more networks at the same time. Once the VPN connection is established, no one else on the hotel network can see your traffic or connect to you.
There you have it Mary, some fine tips from the folks who know. Stay tuned next week when I tackle the really tough questions like business attire and airport parking.
Tom Conway, whose technical prowess ends with enabling his Out-of-Office Assistant, looks forward to your questions, comments and tips below:
Comments
A few comments. First off, if you are relying solely on the SSID (name of the wifi network, e.g. "HHonors") as a means of identifying which network belongs to the hotel's wifi network, bear in mind an attacker can simply boost the power of their illicit wifi access point and make the SSID match the hotel's. The victim will probably pick the SSID with more "bars" or signal strength. This is known as the evil twin attack. You can call the front desk, or better yet the hotel's IT people, and ask which BSSID is the right one to connect to. The BSSID is a unique 12-digit address that shows up under details or property settings when examining an SSID for more details. Also, confirming the adapter MAC address (again a 12-digit number) is a help.
WEP can be broken easily enough, so don't assume that if you run into more than one SSID for a hotel and they are WEP, they are secure. WEP requires a password, but there are free tools that allow WEP to be cracked. Use WPA if you wish to be sure (version 2 preferred, version 1 has some issues). There should be no auto-connect allowed to non-infrastructure (ad-hoc) networks. BTW, most hotels do not use WEP or WPA at all -- too much trouble.
I did a talk at a hacker conference entitled Hacking the Friendly Skies (http://www.shmoocon.org/2006/videos/Nomad-Sky.mp4) that you might find interesting, as I discuss how to attack a traveler's laptop while they are on the plane. Bear in mind the video is probably rated R due to language. While it applies to midflight, it also applies to hotels, trains, and other public places.
Posted by: Simple Nomad | August 30, 2007 2:41 PM
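The BSSID check suggested in the comment above can be automated; the following is an added example, not code from the column or the commenter. It assumes scan results are already available as (SSID, BSSID, security, signal) tuples, and the function names, BSSIDs and signal values are constructed for illustration.

```python
import re

# Link-layer protection ranked per the advice above: open < WEP < WPA < WPA2.
SECURITY_RANK = {"OPEN": 0, "WEP": 1, "WPA": 2, "WPA2": 3}

def normalize_bssid(text):
    """Return a BSSID as 12 lowercase hex digits, or None if malformed."""
    digits = re.sub(r"[:.\-\s]", "", text).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None

def review_scan(scan, hotel_ssid, confirmed_bssids):
    """Check every access point advertising hotel_ssid against the BSSIDs
    the front desk or hotel IT confirmed.

    scan: (ssid, bssid, security, signal_percent) tuples from a Wi-Fi scan.
    Returns (findings, warnings); findings are ordered strongest signal first.
    """
    trusted = {normalize_bssid(b) for b in confirmed_bssids} - {None}
    candidates = sorted((ap for ap in scan if ap[0] == hotel_ssid),
                        key=lambda ap: ap[3], reverse=True)
    findings, warnings = [], []
    for ssid, bssid, security, signal in candidates:
        verdict = "confirmed" if normalize_bssid(bssid) in trusted else "unverified"
        rank = SECURITY_RANK.get(security.upper(), 0)  # unknown label: treat as open
        findings.append({"bssid": bssid, "signal": signal, "verdict": verdict,
                         "below_wpa2": rank < SECURITY_RANK["WPA2"]})
    if findings and findings[0]["verdict"] == "unverified":
        warnings.append("strongest signal for this SSID is an unverified BSSID")
    if len({f["verdict"] for f in findings}) > 1:
        warnings.append("SSID is advertised by both confirmed and unverified BSSIDs")
    if not any(f["verdict"] == "confirmed" for f in findings):
        warnings.append("no confirmed BSSID is in range")
    return findings, warnings

# Constructed sample scan: "HHonors" is the example SSID from the comment;
# every BSSID and signal value here is made up for illustration.
SAMPLE_SCAN = [
    ("HHonors", "00:11:22:33:44:55", "open", 48),
    ("HHonors", "02:AA:BB:CC:DD:EE", "open", 91),
    ("CoffeeShop", "00:11:22:33:44:66", "WPA2", 60),
]

if __name__ == "__main__":
    results, alerts = review_scan(SAMPLE_SCAN, "HHonors", ["00-11-22-33-44-55"])
    for row in results:
        print(row)
    for alert in alerts:
        print("WARNING:", alert)
```

A matching BSSID narrows the choice but is not proof on its own, because a radio can advertise any address; the VPN tip from the column still applies after connecting.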