View Full Version : Is it safe connect ´unknown´ Wi-fi hotspots with N800?
03-22-2007, 08:24 AM
Is it safe connect to free Wi-Fi hotspots with N800?
Or is there possibility that ´someone comes in..´..
Does N800 have firewall?
Has anyone tryed N800 at Shield UP page that try get information of your computer and test if its secure?
If by "?unknown?", you mean unprotected wireless hotspots you come across, then probably theres probably no risk as such. Even if there were some sort of malicious intention behind these hotspots, you are using a linux device and seeing as far the most malicious exploits are targetet at microsoft products you are propably safe.
However, if you are indeed talking about private unprotected hotspots, then you might be doing an illegal activity if you connect. Im pretty sure that in most countries unauthorized acces to hotspots is a crime along the lines of breaking and entering. How you would ever be discovered and punished is a completely different matter, so i guess its up to your moral beliefs :cool:
03-22-2007, 09:33 AM
Yeah. What pixl said.
03-22-2007, 09:41 AM
with xterm installed, you can run a quick `netstat -nat` to see what ports your listening on.
6000 is the X server
53 is DNS
i run ssh client and server (OpenSSH) on mine so i see port 22 which is SSH.
mine is also listening on 4555, but i think that is related to X as well. other than that, i doubt there is much to exploit. i dont think there is an iptables or shorewall firewall in place.
03-22-2007, 09:47 AM
Some citys (even at Finland) there is Wlan city network where you can connect and some cafe shops and hamburgerbars also have wifi for customers. I almost forgot Assembly computer demo party.. Party network is full of hackers..
I know that pc(windows) is totally unsafe if there is no firewall.. But I guess that Linux is not totally safe either, if its not configured correct and these days firewall is important.
If someone has network connection for N800 that has no firewall. It would be very intresting test this..
Atleast I am intrested what information my N800 lets out..
03-22-2007, 09:58 AM
Im pretty sure that in most countries unauthorized acces to hotspots is a crime along the lines of breaking and entering.
How do you know whether access is "unauthorized" or not? I've left my wireless access point unprotected simply because I don't mind other people using my bandwidth. However, I haven't changed the SSID to "Free_hotspot". So am I authorizing people to use it or not, and how could they tell the difference anyway?
03-22-2007, 10:09 AM
the law attempts to cover those who try and secure their networks against unauthorized access. if you change the root passwd on your device, it shows that you are trying to limit access and you can claim you do not want "visitors" on your network. if you use encryption or MAC filtering, you can make that claim as well. if you leave the device as is, out of the box, it becomes harder to make that claim.
being that the law cannot force you to secure your wifi, the is room for interpretation, and i would guess that the intent of the visitor would come into play in the case where unauthorized access was gained to a default configured AP.
Many of the commercially available free wifi connections have a registration page which contains some sort of EULA, that acts to indemnify the hosting party, and designate their service as "free".
03-22-2007, 10:17 AM
This is also intresting Wlan share project. :)
03-22-2007, 10:22 AM
You can never trust an open wlan. For example: I run a (multi homed) proxy on my lan with a optional redirecting honeypot. It logs all trafic.
You would never know.
FYI: I have no bad intentions, I just want to know what is going on on my lan.
(I could use the honeypot to get back at you if I wanted...)
But I agree, 99% of all open wlans are safe.
03-22-2007, 10:38 AM
is that a honeypot or a tar-pit?
03-22-2007, 11:03 AM
Ok. So its not good idea enter passwords to open wlan connection..
Then I cant use Skype either.. When it comes.. :(
But.. If I only read newspapers etc.. Is it safe so no one could login to my N800, download information pics, docs etc, or damage it somehow..
It would have been cool use Skype on the road when we get it to N800.
Did anyone try Shields up?
I wouldn't be logging into bank sites, or anything that required private information on an open hotspot unless it was on a SSL/https site.
I usually assume that if I'm on an open WiFi, there could someone potentially sniffing/listening in.
03-22-2007, 11:24 AM
hehe, no just a friendly honeypot. I want to know what going on, nothing more.
03-22-2007, 12:10 PM
I would assume as a matter of course that any hotspot you connect to is going to be monitored and that there are potentially unfriendly people trying to sniff that information. Whenever I'm out and about I surf sites for fun and news and never do anything I wouldn't want exposed. I'm not worried about my n800 being hacked since there really aren't any ports open except SSH.
03-22-2007, 10:05 PM
From my research Make sure you use HTTPS:// websites and the "lock" icon is visible on the bottom right of every webpage!!
First, be aware that (almost) ANYTHING that you type or any info that appears on your screen while you're using a wireless connection can be seen by others nearby.
If you are accessing a page that requires a login and password, or if you are entering ANY personal data (credit card, SSN, etc) make sure that you are on a secure site. That's easy enough -- just check that the web address begins with https instead of the usual http -- and your information will be safely encrypted before transmission. As long as you're on a page with an address that begins with https, the data you send and receive is protected from sniffers and snoopers.
But be on your guard, some web-based email providers have a secure login page, but after you're logged in the access reverts to normal non-encrypted mode. So any email you send or receive while on a wireless connection is out in the clear. Google's GMail and Yahoo Mail are examples of webmail services that work this way. Until recently Hotmail didn't even offer a secure login option. So look for the link or checkbox for the secure login when accessing your web-based email. If your service doesn't offer one, consider switching or decide to live with the security exposure.
03-23-2007, 07:40 AM
First, if you install the dropbear- server or openssh server then you'll need to change your root password right away, or anyone else on that hotspot network can log in (after all that's how I do serious work on my n800 - I log in from another computer on the wi-fi). Any password should be changed from the default one of course.
Other than that: The default gmail bookmark on the N800 is not recommended if you're on a wi-fi network, because it uses the URL that'll only give you encryption during the login phase. (Last I checked, anyway.) Instead, set up your own gmail bookmark, with https://mail.google.com/ -- this will encrypt the whole session, which is preferable IMO.
Other than that (taking measures if you install servers, and encrypting any serious communication) you shouldn't have any particular worries about hotspots. It's not like someone can virus-infect you just by you being on the network, as such.
03-23-2007, 08:11 AM
while changing the root password is a good practice in theory, i would guess that fewer that 7% of the user base would change it to a "strong" password, which is nearly as bad as not changing it at all.
anyone with an ssh server that is accessible by way of the internet should look at a few of the logs...
lastb -a |more
lastb -a -f /var/log/wtmp.1 |more
lastb -a -f /var/log/wtmp.2 |more
i have scrolled through this and found over 347 consecutive attempts from only one IP address attempting to log in as root or other assorted id's, some well known backdoor accounts, too. this was only one persons bot'ed machine. literally hunderds of machines have tried to do this to me.
i found a project on sourceforge.net that gleaned IPs out of /var/log/secure (and /var/log/messages, i think) for bad auth attempts. when 3 are found from an IP not in the exempt list, it appends a rule to my firewall that drops any further attempts at login. an `iptables -nL` on my machine shows 163 IP addresses banned thus far, and i blew it away and rebuilt it less than 3 months ago. look for daemonshield on sf.net
with bot'ed machines, and a weak password, your n800 is more likely to be comprimised when on an open wifi network. using key-based two factor authentication methods will significantly reduce the exposure to unwanted access.
as a good rule of thumb, you should never use a root password unless you are on console. you should ssh as a user and `sudo` or `su -` into the root account.
vBulletin® v3.8.7, Copyright ©2000-2013, vBulletin Solutions, Inc.