iTechNote

Wi-Fi networking is inherently insecure. Wi-Fi and its latest security and encryption updates (WEP/WPA/WPA2) try to protect network access but not necessarily the information that flows over that network. Using public Wi-Fi network should be considered as open to the public as if you had published your accounts, passwords, and correspondence in a newspaper.

There are three primary threats from bedevil Wi-Fi users - sniffers, rogue access points and worms/probes.

Sniffers

Wi-Fi uses radio waves to send data thus making it ripe for monitoring from vicinity. Unless a building is surrounded with a wire cage, signals leak and you must treat your access to the network as completely available to anyone within line-of-sight range. A used $200 laptop with a $10 Wi-Fi card and free software is quite effective and often used for these purposes of sniffing. The sniffer can decode any data passing by into its original form.

The software packages that a sniffer uses are:

• Stumblers - software that reveal the existence of Wi-Fi network, e.g. NetStumbler, MacStumbler, dstumbler
• Snoopers - software that reveal data passing across Wi-Fi network, e.g. tcpdump, ntop, ettercapNG
• Crackers - software that collect enough sample encrypted data to get the encryption key, e.g. Kismet, AirSnort, KisMAC

Rogue Access Points

A more sophisticated sniffer can setup a rogue access point (evil twin) to intercept all data and relay it back and forth to the legitimate network without your knowledge. In this process, even more data can be extracted from your computer.

The “phishing” attack starts with a fake web site that mimics legitimate site to capture login credentials. The attacker can also try to force software on your PC to re-connect to services that require passwords and extract them when they are sent.

There is no software on the market that is purposely designed to be evil twin.

Worms, Firewalls and Probes

Many Wi-Fi networks in public hotspots use the same range of private Internet protocol addresses that home and office networks employ, making those Wi-Fi networks appear exactly like each other to a firewall.

This allows entry for worms, as well as probes that try to find weaknesses in your system, or access shared network folders that you have failed to password protect.

The Solution

JiWire Ironclad Wi-Fi Security (formerly SpotLock) claims to overcome the problems by creating its own Virtual Private Network (VPN) using IPSec encryption technology in tunnel mode. It is included in JiWire Hotspot Helper that can be subscribed for unlimited use for $24.95 a year. However, only Windows XP is supported.

The one-time 10 day unlimited trial allows you to use the Wi-Fi Hotspot Finder (offline) regardless of whether you subscribe to JiWire Hotspot Helper or not. The directory is updated once a week and can be set to push to Wi-Fi Hotspot Finder on schedule.

via JiWire