I was kinda curious and ran a few port scanners on my Nokia 770 (ie. Nmap) and the good news is that I found NO open ports according to Nmap and it couldn't even sucessfully ID the OS on the 770.

In reading some of the posts pertaining to networking, it appears that IPFW is running and firewalling the 770 from external probes/attacks. Can anyone else confirm this?

Also, I am by no means a master with using Nmap, anyone else port scan their 770 to see if it has any open ports/vulnerabilities?

This is good news and it's nice to see that there are no unnecessary services/daemons running leaving open ports for all to see/attack. Of course a device like this which is only transiently connecting to a public wireless AP is a bit harder of a target, but it's still nice to see that a Firewall is running out of the box.

Dave

The reason I brought this up is that I came across what appears to be a slightly deceptive Honeypot WAP at John Wayne Airport (SNA) last week. There was a open public WAP provided by the airport which was working well (in Infrastructure mode on link and handed out proper IP addresses with an initial redirection to a Web page that had you agree to TOS).

However, I noticed another WAP labeled "Free Public WAP" which when you associated with it, didn't provide an IP address/Netmask or DNS info at all, and when you tried to link to it, it was in Ad-Hoc (client to client) mode rather than the Infrastructure mode you usually get with a real WAP.

I've heard of unkind folks out there who run a laptop with a tempting Ad-Hoc Wireless network name like this and wait to see if anyone logs in. Usually, they'll snare someone naive who is w/o a firewall or doesn't realize that they have Windows File sharing open...Big, fat, stupid, juicy targets.

Luckily the 770 is pretty locked down, or near as I can tell it's locked down.

Dave

Yes, this kind of traps probably exist, but I don't think their users except something like the 770.

You will of course also realise that the real public WAP internet access point can be used to attack your machine in exactly the same manner: you don't know whom you share the WLAN segment with...

BTW, IMHO, the biggest threat is probably password sniffing. Anyone running Kismet in the background while you surf the net on a public access point is going to see your complete internet browsing session. For this it is irrelevant whether you use a 770 or any other computer.

This is true, password sniffing is quite a trivial thing for someone on a compromised network to do. This is why I check/send my e-mail via Gmail's POP and SMTP servers which use encrypted/SSH logins. Too bad Yahoo's don't yet do SSH, but their web interface logs you in via SSH at least.

Also tried another test and ran the port scan from www.grc.com on the Nokia 770, looks like all the ports are found to be "closed" but not "stealthed", so the 770 is detectable on a network but not open to any unsolicited incoming IP packets.

Dave