Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Using public hotspots are not safe

advertisement 
Using public hotspots are not safe,why?
Let us explain that why using public hotspots are not safe.
In this information technology era we are surrounded with electronics
devices like computer’s, smart phones and Ipod’s etc. And people’s
use’s internet for communication. No doubt these devices and internet
is helpful in our daily life but increasing in internet crime’s becoming a
major issue now a day’s. In this article we will talk about how public
hotspots are not safe and why you avoid them. You might also want to
read these great articles on the best hacking books and Malware
Analysis.
Sniffing on the WLAN:
Sniffing is like intercepting in a communication and this is a powerful
attack on Wireless lan (WIFI). Consider a scenario in which you are
connected to a hotspot and you are doing some online banking and on
that same public hotspot an attackers is also connected and he is doing
sniffing on the network then he can see all the information in plain text
you have entered on the website of the bank but only if the bank is not
using Secure socket layer (SSL). So whenever you open like a bank
website then make sure your connection is encrypted, to verify that
check your browser is your browser has green lock like this
If in the browser you see https with green color before the
www.example.com then your connection is encrypted and there is not
too much risk involved but if the connection is not encrypted then your
account maybe got hacked by attacker who is on same WIFI hotspot.
Man in the middle attack:
As the word suggest man in the middle, yes in this attack an attacker
become in between you and your original host and all the traffic go
through via attacker machine below is the image which explains how
this attacks works.
As in the above diagram we can see that all the traffics is going through
via attacker machine so he/she can capture and read all the
information being share by you with your host. Like if you are logging in
then your ID and Password maybe captured by the attacker. This is how
man in the middle attacks works.
Exploit the machine:
On WIFI there are many possible way’s to exploit a machine like you are
connected to a public hotspot and the attacker is also connected to the
same hotspot now he can run a network scanner and can know the IP’s
of the machine’s connected on that specific hotspot. The attacker will
run another scanner which will find open ports and do operating
system finger printing for this purpose attacker’s uses NMAP which
provide all the information when started on an IP. If you are using old
operating system like windows xp, windows 7 then there are 90%
chances that your machine can be hacked and if you are little updated
and using windows 8.1 and so on then there are 60% chances that you
can be hacked by the attacker. After scanning the attacker will exploit
those vulnerabilities which he/she have found using scanner but to
exploit vulnerabilities he/she will use metasploit which have exploits for
almost every operating system and server etc. However we recommend
whenever you connect to a public hotspot keep in mind that maybe you
are being scanned for vulnerabilities.
Session Hijacking/Cookies stealing:
This is another attack which can be performed by attacker on public
hotspot. Some websites uses sessions and cookies to authenticate a
person to avoid logging in every time. This help’s user’s to save but it
opens a door for hacker’s to attack. Consider a scenario in which
attacker is connected to the same hotspot which you are using he can
rum tools like wireshark to sniff the traffic and then he can find the
session or cookies in that captured traffic by just typing a small
command. And then he/she will go to that website where that session
or cookies belongs and will inject the session values or cookies values
and he/she will be able to logged in to your account.
Phishing:
Phishing is the most easiest and very powerful attacks but now a day’s
it’s not work too much due to awareness in peoples about this attack,
however this attack has very old history and still popular for newbie
hacker’s and there are also some website’s providing fake page services
for phishing attacker like 1fake.com etc. In phishing attacker send a link
to the victim like he/she may ask his/her friend to like his page but
when the victim click on the link he got login page of facebook as soon
as he enter the username and password all the information will be
stored in the hacker server or mailed to him/her. This type of attacks is
also can be performed on a public hotspot. To remain secure from
these type of attacks always check the URL to verify that the website
address is original not fake.
Conclusion:
After discussing these 5 types of hacking scenarios we recommend that
avoid to use public hotspots, and use only when necessary. Remain
secure and enjoy the wonders of technology.
Related documents
Concerns for College Students - Sexual Assault Response Services
Concerns for College Students - Sexual Assault Response Services
Finding_26
Finding_26
Hands on Demonstration for Testing Security in Web Applications
Hands on Demonstration for Testing Security in Web Applications
rsync program contain a exploitable vulnerability
rsync program contain a exploitable vulnerability
Social Engineering Attacks
Social Engineering Attacks
Availability
Availability
Abstract
Abstract
Physics of Martial Arts .
Physics of Martial Arts .
Davis
Davis
Social Engineering - SCF Faculty Site Homepage
Social Engineering - SCF Faculty Site Homepage
tang-FinalDraft
tang-FinalDraft
Chap 2
Chap 2
Download
advertisement