Solved

Safe with VPN on fake "free wifi" at airport?

Posted on 2016-09-06
8
82 Views
Last Modified: 2016-09-09
On an airport fake "free wifi" network, would you be safe if using VPN?

Two hazards come to mind:

1) The initial login page could be malicious to take advantage of any drive-by boobie-traps.  For example, when the fake auth page phishes for xfinityWiFi or ATTwifi credentials, it could include malicious code attempting to take advantage of un-patched vulnerabilities   Yes, you could randomly happen across a malicious page on the internet, but why concentrate your risk of doing so by deliberately connecting to a malicious network?

2) Maybe your legit NAT router blocks netbios or other ports that maybe the malicious router might not?   Maybe this is less of an issue in 2016 with the default windows firewall blocking all inbound except permitted ports ?

So, if you had tunnel bear VPN on your laptop and were at the airport, would you feel safe (and be safe) using malicious wifi?

Thanks for all thoughts on this matter,
Mike
0
Comment
Question by:mike2401
8 Comments
 
LVL 15

Accepted Solution

by:
max_the_king earned 250 total points
ID: 41786363
Hi,
i'd say that you cannot be 100% safe ... however ...

if you really need to connect, you should disable microsoft file sharing and use a vpn client, whom security depends on the kind of vpn you use and how securely has been implemented.

What is good is that:
Traffic from your device is encrypted anyway should you use a vpn client, thus the sniffing gets really useless.

What is bad:
to start your vpn you need to be on the internet first: this means that you first connect to free-wifi (possibly you need to sign up agreement page) then your client will take time to connect to vpn server ... during that time you might be exposed to a man-in-the-middle attack. It is not very easy but theorically it is possible.

Conclusions:
there are very many other risks, little risks but still possible to happen. Reasonably You'll never ever get compromised but you can never be 100% sure.

hope this helps
max
0
 
LVL 35

Assisted Solution

by:Kimputer
Kimputer earned 250 total points
ID: 41786369
1) If you need the login page, and that's infected, VPN is of no use. So, keep your Windows and other software (in this case your browser, but ALL software should be update to date, like Adobe Reader etc etc), and then you can proceed to connect to open wifi networks.

2) doesn't matter at all, your Windows Firewall (or replacement like ESET Smart Sec, ZoneAlarm etc) should be UP at all times.

Have your phone ready too, using Android and  Wifi Analyzer:
Ex. situation: a whole bunch of Aruba networks devices (based on MAC address), then suddenly there's another access point with the same SSID, but totally different make/model?
0
 
LVL 91

Expert Comment

by:John Hurst
ID: 41786422
I would not use Airport Wi-Fi.  When I am in an airport, I use my iPhone as a hotspot.
0
 

Author Comment

by:mike2401
ID: 41786435
As I'm researching this, a drive-by-download attack on the wifi router login page could infect you before you get on the internet and establish a vpn.

So, fake-wifi seems particularly dangerous!!!

According to:
http://www.foxbusiness.com/features/2015/02/04/what-need-to-know-about-drive-by-cyber-attacks.html

"What is a drive-by download?
A drive-by download is a type of cyber attack that targets a person through their Internet browser, installing malware on their PC as soon as they visit an infected website. A person can be tricked into a drive-by download attack in two ways: (1) the person is lured into visiting a malicious website set up by criminals; or (

What type of malware can you get?
Drive-by attacks install a wide range of malicious files on the victim’s computer - it could be a virus, spyware, remote-access tool, keylogger, trojan and more. What is particularly concerning, however, is the drive-by’s propensity for infecting victim PCs with a banking trojan or ransomware."
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 91

Expert Comment

by:John Hurst
ID: 41786440
What type of malware can you get? ..... drive-by’s ...  for infecting victim PCs with a banking trojan or ransomware.

And of course ransomware is the end of your data.

Don't risk it
0
 

Author Comment

by:mike2401
ID: 41788663
Here's a clever way to know if the xfinity hotspot is legit:

Just deliberately type a bad userid/password on the xfinity auth page.

A bogus wifi spot would then let you surf.  A real one would return: bad userid or password.

If bad, then type in your legit credentials.

This doesn't address the malicious login page scenario raised here, however.

-Mike
0
 

Author Comment

by:mike2401
ID: 41791496
Thanks!
0
 

Author Closing Comment

by:mike2401
ID: 41791498
Thanks!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now