The diversity of Methods of connection to the Internet generates new threats in the theft of information, something that underlies any new linking technology.
by Osvaldo Callegari
The evil Evil enters the scene again; in the past we commented on something about this scourge, beyond being a recurring issue is again in force, for this we will talk about what this method is about to violate equipment.
Currently, people who work in environments where a large volume of information is handled, be it professionals, technicians, suitable, executives, etc. are exposed to their data being stolen when they are on the street with their mobile equipment and connect in commercial premises, airports, train stations, bus terminals.
What is "Evil Twin"?
When we say "Evil Twin" we mean a potential threat to Wi/Fi users who regularly use public hotspots to connect to the Internet called "hotspots". A hacker sets up what is called a rogue access point with a minimum of the features of the network on which users expect to connect. When they do so they ignore that they are on a fake network, at that moment the pirate steals sensitive information from the equipment, such as credit card data, email passwords, industrial data, plans and whatever is useful to the subject; it should be noted that it also affects instant messaging.
Once the false access has occurred, the intruder establishes different strategies to steal the information, such as the case of access control of websites, where the user navigates without realizing that he is in a cloned system, it is in this place mainly where the data is extracted and sent through the same network.
Worldwide there are no large-scale reports of incidents by attacks of the Evil Twin, according to certain network administrators the threat exists and some articles have reached the press that force the consumer to worry about this issue and to look for protection measures for it.
Wireless risks
The Wi-Fi™ alliance recommends that wireless network users exercise the same level of precautions they learned to avoid threats on wired networks.
Some important points to keep in mind:
You can prevent these types of threats with simple measures to avoid being a victim.
- End users should change their access codes regularly
- Not responding to emails with questions
- Search for secure or on-demand connections
- Find access points that use VPNs
- Know the list of public access points that are safe
- Use products that are certified for WPA™ and WPA2™
- View the configuration status of factory computers, as security is disabled.
- Renaming the home network identifier usually brings a default name.
- Public access points should take at least some of these measures: only register on known access points that use https SSL (Secure Socket Layer) access. To find out if your connection is secure, check to see if there is a certificate to back it up.
- On local networks, ask administrators to generate VPN networks with encryption over their tunnels.
- Disable your Wifi card on your laptop every time you stop using it.
- Access points should be known or at least from a trusted source.
It is not enough for products to be certified, security keys must be configured on access points and client devices.
Getting to know Evil Twin
What is the reality of Evil Twin and why is it so hard to detect?
When you are in a public place it is very difficult to discern what kind of access you have connected to.
When you visit a café, the first thing you see is the front door to see if there is the wireless connection service logo, then unfold your notebook, order a coffee and read the newspaper, in that period your laptop is trying to connect to the Internet, at that precise moment it happens that instead of connecting to the coffee it links to another access point with a greater signal than that of the Local and several web pages are cloned, for example from banks similar to those you have on your computer and use regularly. Once a bank is consulted, for example, all the data on that page is redirected to a remote place where it will be used for dire purposes.
The big difference that these pages have is that they are not encrypted, just look under the browser status bar and not see the lock.
Measures to be taken into account in the browser
- The lock icon: Most browsers display in their status bar, usually below, a small icon indicating that that web page is encrypted and officially registered.
- Pop-ups: often browsers display pop-ups with advertising, some of them can be dangerous, they can lead to the transport of information openly over the Internet. You should instruct your browser not to allow pop-ups in the security settings.
- Links that are not familiar: be wary of pages that are not familiar to us, in case of banking transactions talk to a manager before to make sure that this is the correct address.
- Network board settings: You must place a manual wi-fi connection to prevent it from automatically connecting to any network without your consent.
- The credit card should be used only for online purchases and be aware of any changes in the statement.
Additional Wi-Fi
How to connect on public roads to the Internet (hotspot)?
Connecting when you're on the go is one of the wonderful things Wi-Fi™ can do, linking to the network while you're out of the office or away from your company's network. Whatever the location, a cyber café, a convention center, the airport lobby or a corporate center, you can connect via Wi-Fi™ to check your emails, access sales information, databases or other corporate files, send or receive data or browse the Internet. The growing number of hotspots and corporate wi-fi networks make available to tourists a high-end service with a large number of expanding places.
Or of course it is necessary to have a device that allows you to make such a link, from a compact flash card, a module embedded in your laptop or personal assistant (PDA). This technology makes you contact the world wherever you go and start talking about business.
How to connect to a Wi-Fi™ network?
Depending on the location of the hotspot and the network configuration, connecting is a fairly simple and automatic task, it can be a manual process that requires you to change the network name, password and security code.
When you want to connect to a network of this type, you must consult the appropriate person of the place to know how is the mode of connection of the same, in this way you will have shortened a lot of way to reach your satisfactory link.
If you run Windows XP™ on your computer, it should automatically scan and recognize the local Wi-Fi™ network and allow you to register normally, if on the contrary you are using another operating system, you must manually configure the network scan to see how to connect.
Depending on the manufacturer of the network board, you may need to use an application that comes as an additional to find new networks. These tools or programs are called Wi-Fi™ utilities.
The vast majority of systems allow you to create and retain network names, security settings, and passwords for different networks. Some access services are paid, in this case the system has an intelligent registration mode that establishes before starting the service the means of payments, for example by credit card and by established time, a welcome screen is also presented for customers of the service. Other hotspots are free to use and for the whole community as in the case of airports, municipalities, bus terminals, etc.
Considerations about hotspots and security on remote wireless networks.
In many open networks such as convention centers, airports and public areas, security is not fully implemented. WPA and authorizations are deliberately disabled to simplify access for a large number of users.
You need to turn off file sharing to prevent someone nearby from accessing your computer's data.
Once you are connected, the optimal thing is to make a virtual private network with your company through some product that allows you to manage that network automatically, that way everything you say or write with your peers will be totally or almost totally secure.
Tip: using a VPN (virtual private network) is the safest method known today, it can be said that it is somewhat cumbersome to install it, but the satisfaction of being safe pays with growing the procedure carried out.
Interconnections, mobile data and its security are the new stages that the future holds in this game of technological exchanges; the key is to take the precautions taken in wired networks to counteract the unwanted effects of over-the-air communications.
In www.wi-fi.org can consult about the products approved with access protection.
The names and trademarks mentioned are trademarks and registered names of their owner companies. Additional sources: Wi-Fi Alliance with proper written authorization. The Wi-Fi™ Alliance is the world's largest organization that approves wireless equipment.
*For more information and or queries or concerns write to: [email protected]
Leave your comment