5

I am enrolling myself into a college. College provides a Public WiFi Access Point, to access internet through its network, which is unencrypted (No password). As being a programmer for last one and a half years, I know of some common attacks that any noob will want to try on public network (Packet sniffing using wireshark, etc.) but I don't know how these attacks work. I just want to know how much vulnerable I will be to these attacks on this network. Also, how can I make my Machine isolated from these attacks?

Also if somebody could tell me the possible points of data packet interception, it will appreciated.

I will running Linux Ubuntu 11.10 + Windows 7 Ultimate on my machine.

lzam
  • 872
  • 5
  • 16
ashu
  • 457
  • 1
  • 6
  • 12

2 Answers2

7

If you are on unsecured WiFi, all of your internet traffic is broadcasted for everybody nearby to see. This means that any traffic to/from your computer that is not encrypted at another layer (such as SSL/TLS or SSH) will be visible, which can expose sensitive data, such as usernames and passwords, or authentication cookies.

In addition to passive eavesdropping, malicious individuals may be able to intercept and modify traffic to your computer (by tricking you into connecting to a spoofed WiFi network, or by using a mechanism such as ARP spoofing) They could then do nasty things like replace legitimate downloads with malware.

In truth, these are concerns in wired networks as well, but open WiFi just makes things easier (the attacker doesn't need to plug into an ethernet jack).

To mitigate the risks, use SSL/TLS whenever possible, and if you are really worried, use a VPN service, or better yet TOR

lzam
  • 872
  • 5
  • 16
  • By using Tor, the data packets sent from my machine will be encrypted, so, ARP Spoofing will be meaning less? right? I mean Attacker can only see encrypted packets? – ashu Aug 24 '14 at 08:55
  • 5
    @ashu Tor will encrypt data between TOR relays. Please keep in mind that if you use TOR without _also_ using SSL/TLS, you will be vulnerable to interception at the TOR exit node. – lzam Aug 24 '14 at 13:44
  • Thanks @lzam! Your answer was very helpful and helped me to learn something new and good. – ashu Aug 24 '14 at 16:51
0

I think it is worth noting that even if the network was password protected it would not help much as the thousands of others would be on the same network.

Most important is how the network people setup the segmentation of the wireless. "Don't allow wireless clients on same AP to see each other" for example.

Really the bottom line is to make certain the encryption goes end to end with SSL.

Bob

Bob
  • 1
  • 1
  • WPA-Personal with a PSK shared with strangers is not very secure obviously; still, you at least get a session key, which allows encrypted unicast from/to AP. Of course, only symmetric encryption is used, based on a shared secret, so anyone could capture and decrypt the auth phase and recover the private session key. But 1) this requires some effort (more than trivial listening on open Wifi) 2) only those who captured the encrypted session key packets can do the decryption. So WPA-Personal provides some obfuscation. But you should move to Enterprise mode instead. – curiousguy Aug 24 '14 at 23:25