Is this wifi safe

How to check if a Wi-Fi network is safe to connect to?

I always feel scared to connect to hotel, airport Wi-Fi etc. I feel that if the Wi-Fi router is hacked, my personal information can be collected by a hacker. How can I determine if a Wi-Fi network is safe to connect to? Also, what can an adversary do if he hacks the router I connect to? For example, can he obtain my browsing history? Can he obtain my login credentials if I log in to Gmail? Can he see the emails I sent using the network? Can he install malware onto my mobile? Can he disable the encryption somehow? Can he create some backdoor on my laptop/mobile and access it remotely? Edit: I got some pretty good answers when the adversary doesn’t have control over the router (like arp attacks, mitm attacks). What can an adversary do if he has control over the router?

A wireless network is probably safe to connect to, if you own the network, and live alone at the bottom of the sea. Otherwise, I wouldn’t consider wifi «safe».

@SimonRichter Only relatively. A sufficiently-advanced attacker controlling your WiFi may be able to MITM that VPN connection. Yes, this requires that they impersonate the provider’s certificates, but as we’ve seen in recent years, that’s possible far more often than might be desirable.

My rule of thumb: If it’s public accessible, a VPN is required for all traffic, and all inbound traffic is dropped via the PC firewall, or even better, via an IoT device or VM running a router OS (OpenWrt, pfsense, Sophos UTM, etc. (An allow rule for ports 68 & 69 must be in place prior to connecting to the SSID, but once connected and assigned an IP, is deleted, at which all that should be left is a rule blocking all inbound traffic.)

@JW0914 I know blocking via PC firewall. Can you please explain more about blocking via IoT device or VM running a router OS?

3 Answers 3

Can you tell if the network you’re attached to, assuming you’re just an average user, has a been compromised?

What can an attacker do if they’re on the same network as you?

Regardless if you’re connected to an open access point, an access point with WEP enabled (hopefully not) or an access point with WPA/WPA2 you can be attacked. Many public places have WiFi with WPA2 enabled and they just freely give out the password. You’re still at risk.

An attacker doesn’t need to compromise a router to attack you on a public network. It’s very easy to arp spoof the entire network and pretend to be the router. Then all your traffic will pass through them. It’d be seamless to your experience

Once the arp spoof and ipv#_forwarding is configured it’s trivial to sniff your traffic, inject malicious javascript into http traffic, etc etc etc.

The attacker doesn’t even need to arp spoof you to attack your machine though. Just being on the same network as the attacker gives them the ability to scan your machine for open ports, vulnerable services running, start probing your machine.

Using tools such as nmap to first scan the network for potential targets and then port scanning each target, an attacker can quickly find you and identify any possible holes in your machine. Nmap even has some nifty passive scanning features where it won’t even expose the attacker on the network because it just listens to who’s transmitting instead of actively probing.

Always use TLS and if you can, connect to a VPN whenever you’re on a public wifi. Make sure that you don’t have any unnecessary services running on your machine that are open to the network. Honestly, you probably shouldn’t have any ports open. Any openings are potential access points. Also make sure your machine is fully patched and running all available firewall services.

Mind you this is all just mitigation. If you’re connecting to public wifi points you have some accepted risk.

Some reference material for you:

If you want to dig in a little deeper into what can be done, how and with what tools, please look at these links below. To do what I’ve described above has a very low barrier of entry.

How do you see what ports are open and listening on Windows?

The output will show you all the ports that are open and listening internally and externally. The one’s marked with 127.0.0.1 you can ignore because those are only visible internally to your machine.

Anything marked as 0.0.0.0:Port will be visible to attackers on the network. Also anything marked with private addresses such as

10.0.0.0 to 10.255.255.255 172.16.0.0 to 172.31.255.255 192.168.0.0 to 192.168.255.255 

The command and results are almost the same on Linux

How to identify what services are running on your listening ports

From an elevated command prompt run netstat -a -b and look for ports marked as listening. You’ll see the name of the service in brackets.

I use this attack pattern all the time to test devices on my home network for weaknesses. My favorite is testing my phone apps for random things they’re sending over the internet. Anyone with a live boot of kali or parrot os can have this attack up and running in about 5 minutes. Last year I even wrote a tool that does most of this for you and injects javascript miners into public networks. You can find my article about it here

Источник

Is public WiFi safe to use?

We have all done it: connected to a free public WiFi network we did not know to check emails, read the news, or scroll Instagram. What we often do not think about is that the same convenience that makes public WiFi so easy to use is also what makes it so attractive to hackers. Since most public WiFi services lack a strong password, they are vulnerable to a number of techniques that hackers can use to observe your online activity, collect your personal and financial data, or even break into your device.

Risks of using Public WiFi

Here are some fairly simple exploits that a hacker could use to access your device while you are connected to public WiFi:

1. Man-in-the-middle

In a MITM attack, the hacker intercepts the network traffic being transmitted between your device and the WiFi router, allowing them to monitor your online activity and even alter your interaction with websites. One method is called “ARP spoofing” in which the hacker associates their media access control address with the IP address of your device causing any traffic meant for your IP address to be shared with the hacker. This can all be done without the end user – you – realizing anything is amiss. Meanwhile, the hacker behind the MITM attack could potentially read every email you open and watch every password you enter. They can even redirect you to spoof websites, which look like the legitimate website you wanted but are actually under the control of the hacker, allowing them to steal any information you enter

2. Malicious hotspots

Often when you are in an airport or in a mall looking for free WiFi you will see several WiFi networks with very similar names, like “Airport_WiFi,” “Airport_Public_WiFI,” and “Airport_WiFi_Free.” In these cases, it is very likely that a hacker has created their own hotspot and is trying to pass it off as the legitimate public WiFi. If you connect to a hotspot controlled by a hacker, all your network traffic is visible to them unless you are using a VPN.

3. Malware

If you have enabled file-sharing or Bluetooth or if you are connected to an unsecured WiFi network, hackers can connect to your device and send it malware. This is what the hacking group known as “Darkhotel” did, targeting business travelers that stayed at luxury hotels. Malware encompasses a lot of nasty software and programs that are designed to steal your bandwidth, shut down your device, or even give complete control of it to a hacker. What’s worse, most malware works in the background of your device’s operating system, making it hard to detect and eliminate without the proper software.

4. WiFi sniffing

There are numerous programs available that allow you to monitor a hotspot’s network traffic. If the WiFi network is not secured, either due to a reliance on insecure protocols or because there is no password or both, these types of programs allow hackers to capture data packets and analyze them. With this information, they can easily monitor your online activity, steal your passwords, and see any personal or financial information you access while you are online.

5 ways to stay safe on public WiFi

While public WiFi will never be 100 percent secure, there are some simple steps that you can take to reduce your vulnerability.

1. Use a trustworthy VPN

A VPN is the best protection you can have when connecting to a public WiFi network. A VPN will encrypt your network traffic, meaning that even if someone is intercepting your data, they still cannot see it without decrypting it. This makes it impossible for them to monitor your online activity in real time. A VPN combined with HTTPS makes it very difficult for a hacker to perform a MITM attack.

2. Use HTTPS to ensure you are visiting the right site

If you visit sites using HTTPS (or if you use the EFF browser extension HTTPS Everywhere) you are encrypting part of your network traffic and making it more difficult for someone running a MITM attack to send you to a spoofed website they control.

3. Disable automatic connections, Bluetooth, and file sharing

You should always be aware of what network your device is connected to. The easiest way to do this is to disable automatic connections. That way you will need to select what WiFi network you connect to. It may add an extra step, but it prevents your device from being connected to a WiFi network and exposed to risks without you knowing. The same logic applies to Bluetooth and AirDrop and other file sharing services. Only activate Bluetooth, AirDrop or other file sharing services for a specific function and then turn it off once you are finished.

4. Know who runs your hotspot – and ask for the password

Before logging on, you should always find an employee of the hotel/café/airport you are in and ask them if they have free WiFi and what the name of their network is. This will help you avoid connecting to malicious and fake hotspots. Even if you verify the WiFi network is genuine and it is password-protected, we still advise you to avoid using it without first protecting your connection with a VPN.

5. Avoid sensitive accounts

If you use public WiFi without a VPN, the best way to ensure your personal data is not compromised is to not check accounts that could expose that information. Even if someone has successfully begun monitoring your online activity, if you do not check your bank accounts, open your emails, or read private messages while you are on public WiFi, then then they cannot access them either. If you are going to check any type of sensitive account on an unsecured network, always use a VPN.

Proton VPN is brought to you by Proton Mail, the world’s largest encrypted email provider. It is a free VPN service that provides IP addresses in 43 countries and counting.

There will always be a security risk if you use public WiFi, but that does not mean you should never use it. The basic precautions listed above will help you keep your personal data safe from the majority of attacks against public WiFi hotspots.

Best Regards,
The Proton VPN Team

You can follow us on social media to stay up to date on the latest Proton VPN releases:

Twitter | Facebook | Reddit

To get a free Proton Mail encrypted email account, visit: protonmail.com

Richie Koch

Prior to joining Proton, Richie spent several years working on tech solutions in the developing world. He joined the Proton team to advance the rights of online privacy and freedom.

Источник