
rapt0r

join:2009-03-19

 How it is possible to get Malware with Open Hotspot

I'm wondering if it is technically possible to get infected when connecting to an open WiFi hotspot.
Assuming I found a rogue open wireless network and I get connected to its network and DHCP leases an IP.
Is it possible that, when connected, malware is downloaded onto the client's machine?
Or that the web browser is hijacked?
What are the different possibilities of getting infected?


nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
·AT&T U-Verse
·AT&T Midwest

The greatest risk is when you are using Windows networking and are sharing some of your files.

Another risk is a rogue DNS server. For example, when you do a google search, it could give you the IP address of a fake google page.

If you are taking reasonable precautions, and having your browser warn you before running any executable, then the risk should be something you can handle. Just be more cautious and less trusting when at an untrusted hotspot.
--
AT&T dsl; Westell 327w modem/router; openSuSE 11.0; firefox 3.0.8

docrice

join:2008-03-31
Fremont, CA

reply to rapt0r
There are many vectors in getting malicious code onto your machine, regardless of whether it's at an open hotspot or not. Since your question is framed within that context, I'm assuming you're referring to direct network attacks instead of tricking the user into going into a webpage that automatically downloads code through XSS, "friendly" ActiveX install prompts, etc.

If the hotspot has a captive portal which serves a web page that's compromised, that's one place. DNS redirection is certainly a possibility. Even layer 2 redirection can cause you to chain your traffic through an unknown entity. How about an unpatched exploit that your machine may have that somehow allows remote SMB / RPC / etc. access into your OS perimeter?

In other words, there's a lot. You just have to reduce your risk profile by running with least-privilege, blocking everything inbound that isn't return traffic of your initiation, using something like NoScript in Firefox, etc.
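
A defensive check for the rogue DNS / DNS redirection risk raised in the replies above, as an added example that is not part of the thread: it compares the answers handed out by the hotspot's resolver with answers recorded from a resolver you trust. All hostnames, addresses and function names here are constructed for illustration.

```python
import ipaddress

# Ranges a public hostname should not resolve to.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 private
    "100.64.0.0/10",                                   # carrier-grade NAT
    "127.0.0.0/8", "169.254.0.0/16",                   # loopback, link-local
)]

# Constructed sample data: answers for the same names from the hotspot's
# DHCP-assigned resolver and from a trusted resolver (for example,
# recorded earlier on a known-good network).
HOTSPOT = {
    "www.example.com": ["93.184.216.34"],
    "mail.example.org": ["10.0.0.1"],
    "bank.example.net": ["203.0.113.66"],
    "cdn.example.com": ["198.51.100.7", "198.51.100.8"],
}
TRUSTED = {
    "www.example.com": ["93.184.216.34"],
    "mail.example.org": ["192.0.2.25"],
    "bank.example.net": ["192.0.2.80"],
    "cdn.example.com": ["198.51.100.8", "198.51.100.9"],
}

def is_local(addr):
    """True if addr falls inside one of the non-routable ranges above."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in LOCAL_NETS)

def compare(hotspot, trusted):
    """Return {name: verdict} for every name present in both answer sets."""
    verdicts = {}
    for name in sorted(hotspot.keys() & trusted.keys()):
        seen, ref = set(hotspot[name]), set(trusted[name])
        if any(is_local(a) for a in seen) and not any(is_local(a) for a in ref):
            # Public name answered with a local address: portal or rogue DNS.
            verdicts[name] = "redirected-to-local"
        elif seen & ref:
            verdicts[name] = "ok"        # at least one address in common
        else:
            verdicts[name] = "mismatch"  # disjoint answers, verify further
    return verdicts

if __name__ == "__main__":
    for name, verdict in compare(HOTSPOT, TRUSTED).items():
        print(f"{name:20} {verdict}")
```

A `mismatch` is not proof of tampering, since CDNs legitimately return different addresses on different networks; treat it as a prompt to check the site's TLS certificate before entering credentials.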