asked on Safe with VPN on fake "free wifi" at airport?
On an airport fake "free wifi" network, would you be safe if using VPN?
Two hazards come to mind:
1) The initial login page could be malicious to take advantage of any drive-by boobie-traps. For example, when the fake auth page phishes for xfinityWiFi or ATTwifi credentials, it could include malicious code attempting to take advantage of un-patched vulnerabilities Yes, you could randomly happen across a malicious page on the internet, but why concentrate your risk of doing so by deliberately connecting to a malicious network?
2) Maybe your legit NAT router blocks netbios or other ports that maybe the malicious router might not? Maybe this is less of an issue in 2016 with the default windows firewall blocking all inbound except permitted ports ?
So, if you had tunnel bear VPN on your laptop and were at the airport, would you feel safe (and be safe) using malicious wifi?
Thanks for all thoughts on this matter,
Mike
Two hazards come to mind:
1) The initial login page could be malicious to take advantage of any drive-by boobie-traps. For example, when the fake auth page phishes for xfinityWiFi or ATTwifi credentials, it could include malicious code attempting to take advantage of un-patched vulnerabilities Yes, you could randomly happen across a malicious page on the internet, but why concentrate your risk of doing so by deliberately connecting to a malicious network?
2) Maybe your legit NAT router blocks netbios or other ports that maybe the malicious router might not? Maybe this is less of an issue in 2016 with the default windows firewall blocking all inbound except permitted ports ?
So, if you had tunnel bear VPN on your laptop and were at the airport, would you feel safe (and be safe) using malicious wifi?
Thanks for all thoughts on this matter,
Mike
VPNWireless NetworkingVulnerabilities
Last Comment
mike2401
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
I would not use Airport Wi-Fi. When I am in an airport, I use my iPhone as a hotspot.
ASKER
As I'm researching this, a drive-by-download attack on the wifi router login page could infect you before you get on the internet and establish a vpn.
So, fake-wifi seems particularly dangerous!!!
According to:
http://www.foxbusiness.com/features/2015/02/04/what-need-to-know-about-drive-by-cyber-attacks.html
"What is a drive-by download?
A drive-by download is a type of cyber attack that targets a person through their Internet browser, installing malware on their PC as soon as they visit an infected website. A person can be tricked into a drive-by download attack in two ways: (1) the person is lured into visiting a malicious website set up by criminals; or (
What type of malware can you get?
Drive-by attacks install a wide range of malicious files on the victim’s computer - it could be a virus, spyware, remote-access tool, keylogger, trojan and more. What is particularly concerning, however, is the drive-by’s propensity for infecting victim PCs with a banking trojan or ransomware."
So, fake-wifi seems particularly dangerous!!!
According to:
http://www.foxbusiness.com/features/2015/02/04/what-need-to-know-about-drive-by-cyber-attacks.html
"What is a drive-by download?
A drive-by download is a type of cyber attack that targets a person through their Internet browser, installing malware on their PC as soon as they visit an infected website. A person can be tricked into a drive-by download attack in two ways: (1) the person is lured into visiting a malicious website set up by criminals; or (
What type of malware can you get?
Drive-by attacks install a wide range of malicious files on the victim’s computer - it could be a virus, spyware, remote-access tool, keylogger, trojan and more. What is particularly concerning, however, is the drive-by’s propensity for infecting victim PCs with a banking trojan or ransomware."
What type of malware can you get? ..... drive-by’s ... for infecting victim PCs with a banking trojan or ransomware.
And of course ransomware is the end of your data.
Don't risk it
And of course ransomware is the end of your data.
Don't risk it
ASKER
Here's a clever way to know if the xfinity hotspot is legit:
Just deliberately type a bad userid/password on the xfinity auth page.
A bogus wifi spot would then let you surf. A real one would return: bad userid or password.
If bad, then type in your legit credentials.
This doesn't address the malicious login page scenario raised here, however.
-Mike
Just deliberately type a bad userid/password on the xfinity auth page.
A bogus wifi spot would then let you surf. A real one would return: bad userid or password.
If bad, then type in your legit credentials.
This doesn't address the malicious login page scenario raised here, however.
-Mike
ASKER
Thanks!
ASKER
Thanks!