4
For instance, you're laptop's wifi card is on, but you've deliberately not connected to any hot spots. Is there anyway it can be hacked while sitting there, and not connected?
4
For instance, you're laptop's wifi card is on, but you've deliberately not connected to any hot spots. Is there anyway it can be hacked while sitting there, and not connected?
5
It will still be scanning for networks, which means receiving and processing broadcast packets. It is possible for these packets to be malformed, and if the stack is buggy, then this malformed packet could trigger a bug and then compromise the laptop.
I've never heard of an actual attack using this method, there are going to be so few laptops in this state compared to the number actually attached to a network that it seems to be a very strange way to attack a system, but if you're worried, disable the wifi card when you're not using it. Of course, if you want to be really secure, you need a concrete box.
Also, as it sends the list of ESSIDs it want to connect to ("probes"), you can sniff that packet, then create a pseudo-hotspot (DHCP and everything, of course) with just one purpose: trick that laptop into connecting the hotspot and then, for example, exploit a vulnerable service. – whitequark – 2010-06-07T02:22:12.177
So what is the solution to this on the laptop? Is there a way to disable probing of hotspots? I know exactly the only hotspot I am interested in connecting to, how do I tell Windows to keep its trap shut? – Rhubarb – 2010-06-17T01:31:11.340