Safe with VPN on fake "free wifi" at airport?

On an airport fake "free wifi" network, would you be safe if using VPN?

Two hazards come to mind:

1) The initial login page could be malicious to take advantage of any drive-by boobie-traps.  For example, when the fake auth page phishes for xfinityWiFi or ATTwifi credentials, it could include malicious code attempting to take advantage of un-patched vulnerabilities   Yes, you could randomly happen across a malicious page on the internet, but why concentrate your risk of doing so by deliberately connecting to a malicious network?

2) Maybe your legit NAT router blocks netbios or other ports that maybe the malicious router might not?   Maybe this is less of an issue in 2016 with the default windows firewall blocking all inbound except permitted ports ?

So, if you had tunnel bear VPN on your laptop and were at the airport, would you feel safe (and be safe) using malicious wifi?

Thanks for all thoughts on this matter,
Mike
mike2401Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

max_the_kingCommented:
Hi,
i'd say that you cannot be 100% safe ... however ...

if you really need to connect, you should disable microsoft file sharing and use a vpn client, whom security depends on the kind of vpn you use and how securely has been implemented.

What is good is that:
Traffic from your device is encrypted anyway should you use a vpn client, thus the sniffing gets really useless.

What is bad:
to start your vpn you need to be on the internet first: this means that you first connect to free-wifi (possibly you need to sign up agreement page) then your client will take time to connect to vpn server ... during that time you might be exposed to a man-in-the-middle attack. It is not very easy but theorically it is possible.

Conclusions:
there are very many other risks, little risks but still possible to happen. Reasonably You'll never ever get compromised but you can never be 100% sure.

hope this helps
max
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
KimputerCommented:
1) If you need the login page, and that's infected, VPN is of no use. So, keep your Windows and other software (in this case your browser, but ALL software should be update to date, like Adobe Reader etc etc), and then you can proceed to connect to open wifi networks.

2) doesn't matter at all, your Windows Firewall (or replacement like ESET Smart Sec, ZoneAlarm etc) should be UP at all times.

Have your phone ready too, using Android and  Wifi Analyzer:
Ex. situation: a whole bunch of Aruba networks devices (based on MAC address), then suddenly there's another access point with the same SSID, but totally different make/model?
0
JohnBusiness Consultant (Owner)Commented:
I would not use Airport Wi-Fi.  When I am in an airport, I use my iPhone as a hotspot.
0
ON-DEMAND: 10 Easy Ways to Lose a Password

Learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees in this on-demand webinar. We cover the importance of multi-factor authentication and how these solutions can better protect your business!

mike2401Author Commented:
As I'm researching this, a drive-by-download attack on the wifi router login page could infect you before you get on the internet and establish a vpn.

So, fake-wifi seems particularly dangerous!!!

According to:
http://www.foxbusiness.com/features/2015/02/04/what-need-to-know-about-drive-by-cyber-attacks.html

"What is a drive-by download?
A drive-by download is a type of cyber attack that targets a person through their Internet browser, installing malware on their PC as soon as they visit an infected website. A person can be tricked into a drive-by download attack in two ways: (1) the person is lured into visiting a malicious website set up by criminals; or (

What type of malware can you get?
Drive-by attacks install a wide range of malicious files on the victim’s computer - it could be a virus, spyware, remote-access tool, keylogger, trojan and more. What is particularly concerning, however, is the drive-by’s propensity for infecting victim PCs with a banking trojan or ransomware."
0
JohnBusiness Consultant (Owner)Commented:
What type of malware can you get? ..... drive-by’s ...  for infecting victim PCs with a banking trojan or ransomware.

And of course ransomware is the end of your data.

Don't risk it
0
mike2401Author Commented:
Here's a clever way to know if the xfinity hotspot is legit:

Just deliberately type a bad userid/password on the xfinity auth page.

A bogus wifi spot would then let you surf.  A real one would return: bad userid or password.

If bad, then type in your legit credentials.

This doesn't address the malicious login page scenario raised here, however.

-Mike
0
mike2401Author Commented:
Thanks!
0
mike2401Author Commented:
Thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.