It will never cease to amaze me how much people implicitly trust wireless connections. I see businesses from coffee shops to book stores offering free wireless connectivity in the hopes that people will stick around and spend money. This is a great idea for businesses, and the concept does work. However, I often wonder why you would so willingly trust this free service.
Imagine this scenario. You walk into your favorite Barnes & Noble book store to sip some coffee, eat some eclairs, and surf a bit. While surfing, you decide you want to check your hotmail account. You type in your usual “http://www.hotmail.com” as you always do. You then enter your username and password as you always do. “Login Failed? Huh?” You type it again “Username: eye_me_leet | password: h4x0r2u”… ” and just as quickly as the first response occurs, the same response comes back “Login Failed”. Thinking this may be a cache problem or just a bug with IE, you close your browser or perhaps reboot all together. You type in the site again aych-tee-tee-pee collon-slash-slash dub-dub-dub-dot-hotmail-dot-com [Enter]. But to your horror, as the pixels on the page change, they don’t turn to the standard looking hotmail screen, instead, these pixels spell words only a truly 1334 r00t *** would put on a site — “U’V b33n pwnt !”. What happened, other than some really bad clichC) leet-speak?
When you connected to the first access point, you didn’t realize you were connecting to someone else in the same room as you. They set up their very own wireless access point that acted as a proxy for the internet. This user was running Ethereal to sniff packets, but more importantly, he set up his own machine as the authority for hotmail.com. In doing so, you were directed to his mock site that simulated the look and feel of Hotmail. When you typed in your username and password, it didn’t go to hotmail to authenticate. Instead, it was captured by the “hacker” who immediately used your information to log into the real hotmail site and change your credentials. This hacker was at least kind enough to tell you that you were “had”. Your username and password may likely be the same across multiple services too. That same one you used for hotmail is most likely similar, if not the same as the one you are using on your windows machine. So the user then connects to your machine’s IP address and types in the same username / password information to gain access to administrative shares, read your documents or infect you with viruses. Alternatively, the hacker could read and send email from your box and perhaps use it to gain more information about where you do business, who you talk to and what kind of work (or play) you engage in. The possibilities are limitless and terrifying.
Remember this the next time you blindly walk into a business and connect to their network.