NCSAM/2011–Post 8–Beware Rogue Access Points

Everywhere we go, it’s tempting to hunt for Wi-Fi service, especially free Wi-Fi service.

I do it all the time, and mostly I’m happy to find a local Starbucks or other Wi-Fi provider with which I am familiar.

Every so often, however, I come across unusual sites.

“HPSetup” is one I see commonly, as is “Free Public WiFi”.

Usually, these are benign, but useless. They simply don’t give you the free access to the Internet you’re hoping for.

Sometimes, though, these and other apparently free public Wi-Fi networks are bait: they exist so that a hapless user will connect and transact their business over them, in a way that allows an attacker to read and alter that traffic. Imagine your bank transactions being read, or your personal emails, or your purchases. Your credit card information can be stolen, and you’d never know it.

So, what’s the advice here?

Fairly simple advice, I’m afraid.

Connect only to those networks that you expect to be in place. In Starbucks, go and visit the area with all the leaflets on Fair Trade Coffee, and read the leaflet on connecting to free Wi-Fi. Make sure you connect only to the correctly-named wireless network. Similar advice works for other free wireless networks – and any that you already pay for, you should already have good instructions for using.

For better security still, make sure that you have a Virtual Private Network (VPN) at home, to which you connect after you have established your connection to the Wi-Fi. This significantly reduces (to almost nothing) the chance that a Wi-Fi attacker on a rogue access point is able to steal your traffic.

You can’t do a better example than DefCon

Finally, on this topic, here’s a list of the open WiFi endpoints (Access Points and Ad-Hoc connections) that were available for use at DefCon. Note that the official networks were called “DefCon” and “DefConSecure”.

List of visible access point(s): 46 item(s) total, 46 item(s) displayed
        BSSID        BSS Type PHY    Signal(dB)    Chnl/freq    SSID
-------------------------------------------------------------------------
02-1A-11-FF-D2-09    Infra     g            -69        6      anarchism
02-1A-11-FB-9A-F0    Infra     g            -53        6      tardisnet
00-15-FF-05-1D-F3    Infra     <unknown>    -56        4      53796e6572436f6d6d
54-9B-12-C1-38-57    Infra     g            -73        5      Verizon SCH-LC11 3857 Secure
00-0B-86-CC-29-61    Infra     g            -61        6      DefConSecure
00-0B-86-CC-29-60    Infra     g            -62        6      DefCon
00-26-CB-79-C2-60    Infra     <unknown>    -67        6      v&ctf (hidden ssid)
02-1A-11-F6-56-26    Infra     g            -76        6      fone
00-15-FF-06-D3-38    Infra     <unknown>    -57        4      (Unnamed Network)
5C-DA-D4-73-66-3A    Infra     g            -73        6      (Unnamed Network)
00-18-84-26-20-E1    Infra     g            -75        5      stgm2
00-21-E8-42-5B-D9    Infra     g            -79        7      Vacalulu
00-14-06-31-4B-50    Infra     g            -76        9      (Unnamed Network)
00-12-CF-8E-6A-BB    Infra     g            -72        10     Pineapple
60-33-4B-E0-2F-A1    Infra     <unknown>    -69        11     (Unnamed Network)
44-A7-CF-4A-CF-83    Infra     g            -81        9      Verizon MiFi2200 CF83 Secure
7C-61-93-10-75-DE    Infra     g            -81        11     n3kt0n
00-21-E8-56-07-DA    Infra     g            -86        11     Verizon MiFi2200 07DA Secure
00-0B-86-CC-33-40    Infra     g            -54        1      DefCon
00-0B-86-C4-0B-20    Infra     g            -62        1      DefCon
00-0B-86-C4-0B-21    Infra     g            -62        1      DefConSecure
02-21-6A-00-FE-9E    Ad hoc    g            -84        1      Roberto
00-0B-86-CC-33-41    Infra     g            -55        1      DefConSecure
C0-C1-C0-F4-5C-F4    Infra     <unknown>    -72        1      netgear
00-14-06-11-4B-50    Infra     g            -69        3      _Travelers WiFi
00-14-06-11-4B-51    Infra     g            -82        3      TravelCity PDQ
00-0B-6C-BD-C1-B4    Infra     g            -87        3      NotYourWifi
38-16-D1-96-F9-88    Infra     g            -75        4      d4s_mobile
CA-E6-51-95-8C-AB    Ad hoc    g            -82        5      allwhitemales
00-24-A5-D7-8D-94    Infra     <unknown>    -79        11     Verizon MiFi A6AD Secure
00-0B-86-C3-FF-00    Ad hoc    g            -78        11     (Unnamed Network)
00-0B-86-C3-FE-C1    Infra     g            -77        11     DefConSecure
00-0B-86-C3-FF-03    Infra     g            -78        11     DefConSecure
90-21-55-0B-11-4E    Infra     g            -75        1      LVPS
00-16-C8-66-82-10    Infra     g            -86        1      Palms-Rooms-Cox
00-03-52-B6-49-10    Infra     g            -88        7      777LasVegasWi-Fi
7C-61-93-9B-35-8A    Infra     g            -79        6      goaway
00-60-B3-07-11-4D    Infra     g            -87        11     Guest Internet Access
00-0B-86-C3-FE-C0    Infra     g            -84        11     DefCon
00-0B-86-C4-0B-80    Infra     g            -78        1      DefCon
00-26-E8-3F-3E-6E    Infra     g            -69        10     Verizon MiFi2200 3E6E Secure
00-0B-6C-C3-04-7B    Infra     g            -87        3      vagabond
00-30-44-10-2D-26    Infra     <unknown>    -87        11     TOOOL-LPV-SEC
00-C0-23-6B-99-81    Infra     g            -88        1      (Unnamed Network)
5C-DA-D4-15-23-D3    Infra     g            -75        6      AndroidAP1259
00-0B-86-C3-FF-02    Infra     g            -79        11     DefCon
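
One way to apply the "connect only to the network you expect" advice to a listing like the one above, as an added example that is not part of the original post: parse the rows and flag any that advertise an official name but are ad hoc or come from an unexpected BSSID prefix. The function names are hypothetical, the last two sample rows are constructed, and the trusted prefix 00-0B-86 is an assumption taken from the fact that every DefCon and DefConSecure row in the list carries it.

```python
import re

# Rows in the listing format above. The first four are copied from the list;
# the last two are constructed for this example and were not observed.
SCAN = """\
00-0B-86-CC-29-61    Infra     g            -61        6      DefConSecure
00-0B-86-CC-29-60    Infra     g            -62        6      DefCon
00-15-FF-05-1D-F3    Infra     <unknown>    -56        4      53796e6572436f6d6d
54-9B-12-C1-38-57    Infra     g            -73        5      Verizon SCH-LC11 3857 Secure
02-00-00-AA-BB-01    Ad hoc    g            -50        6      DefCon
02-00-00-AA-BB-02    Infra     g            -48        6      DefConSecure
"""

# BSSID, BSS type, PHY, signal (dB), channel, then the SSID (may contain spaces).
ROW = re.compile(
    r"^(?P<bssid>(?:[0-9A-F]{2}-){5}[0-9A-F]{2})\s+"
    r"(?P<type>Infra|Ad hoc)\s+(?P<phy>\S+)\s+"
    r"(?P<signal>-?\d+)\s+(?P<chan>\d+)\s+(?P<ssid>.+?)\s*$"
)

def parse_scan(text):
    """Return one dict per access-point row; header and rule lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows.append(m.groupdict())
    return rows

def flag_lookalikes(rows, expected_ssids, trusted_prefixes):
    """Return (bssid, ssid, reason) for rows that reuse an expected SSID suspiciously."""
    findings = []
    for row in rows:
        if row["ssid"] not in expected_ssids:
            continue  # differently named networks are simply not joined
        prefix = row["bssid"][:8]  # first three octets identify the vendor
        if row["type"] == "Ad hoc":
            findings.append((row["bssid"], row["ssid"], "ad hoc"))
        elif prefix not in trusted_prefixes:
            findings.append((row["bssid"], row["ssid"], "unexpected prefix " + prefix))
    return findings

if __name__ == "__main__":
    for finding in flag_lookalikes(parse_scan(SCAN), {"DefCon", "DefConSecure"}, {"00-0B-86"}):
        print(finding)
```

A BSSID can be forged, so a clean result only narrows the list; connecting to the VPN after joining is still what protects the traffic.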

Published Wed, Oct 12 2011 21:00 by Alun Jones
