
Fake APs in Airports

January 28th, 2007

The original articles on this referenced US airports; however, I'm guessing this problem plagues everyone.

I originally saw the report at heise Security, but they referenced a ComputerWorld article... yet they didn't link to it... A bit of quick searching on Google led me to the article in question.

Both articles make mention of the ease with which a malicious person can imitate a wireless access point. The process is actually quite simple.

  • Put a wireless card into ad-hoc mode.
  • Connect a second card to a legit AP.
  • Name the ad-hoc network "FreeWifi" or something similar (perhaps the name of a known Hotspot vendor).
  • Bridge the connection.

The malicious person can now sniff unencrypted traffic and use man-in-the-middle (MitM) attacks to sniff even your encrypted traffic. There are various warnings provided by these articles. Ensure that you aren't on an Ad-Hoc network. Don't accept SSL errors (Domain Name Mismatch, Unknown Certificate Authorities, etc.). IE7 has done a great job with this one. If you get a warning screen while using wireless in a public place, don't proceed. Firefox displays a pop-up box, making it much easier to simply click past without looking at what's happening. One problem I've noticed with Firefox 2.0 is that when you have a Domain Name Mismatch, the pop-up box actually says "This could be someone trying to fool you, however that is unlikely"... It's like they're saying "Ignore this error and click through".

This comes down to user education... We need to get this information to people in mass quantities... Unfortunately heise Security and ComputerWorld don't quite appeal to the masses that need this information. This is an article that needs to be picked up by a site like Security Fix.

Something we all need to keep in mind is that Ad-Hoc mode isn't always an identifier. Both articles I've quoted referenced it, and I even used it in my description above; however, there are Linux drivers that allow you to have a wireless card in Infrastructure Mode. Users need to pay attention and be careful, and even then there may not be any great way to tell if you're on a valid AP or not.
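As an added example (not from the original post or the articles it cites), here is a defender-side check for the Ad-Hoc warning above: it parses wireless scan output, flags Ad-Hoc (IBSS) networks, and labels infrastructure networks as unverified, since Infrastructure Mode alone proves nothing. It assumes the text layout printed by Linux `iw dev <iface> scan`; the sample scan, SSIDs, BSSIDs and function names are constructed for illustration.

```python
import re

# Constructed sample in the layout printed by `iw dev <iface> scan` (assumed format).
SAMPLE_SCAN = """\
BSS 02:aa:bb:cc:dd:01(on wlan0)
\tcapability: IBSS (0x0002)
\tSSID: FreeWifi
BSS 00:11:22:33:44:55(on wlan0)
\tcapability: ESS Privacy ShortSlotTime (0x0411)
\tSSID: AirportLounge
BSS 00:11:22:33:44:66(on wlan0)
\tcapability: ESS ShortSlotTime (0x0401)
\tSSID: FreeWifi
"""

def parse_scan(text):
    """Return one dict per BSS: bssid, ssid and the set of capability flags."""
    cells = []
    for line in text.splitlines():
        line = line.strip()
        m = re.match(r"BSS ([0-9a-fA-F:]{17})", line)
        if m:
            cells.append({"bssid": m.group(1).lower(), "ssid": "", "caps": set()})
        elif cells and line.startswith("capability:"):
            # Drop the trailing "(0x....)" and keep only the flag names.
            flags = re.sub(r"\(0x[0-9a-fA-F]+\)", "", line[11:])
            cells[-1]["caps"] = set(flags.split())
        elif cells and line.startswith("SSID:"):
            cells[-1]["ssid"] = line[5:].strip()
    return cells

def classify(cells):
    """Map each bssid to a list of findings a user should weigh before joining."""
    infra_ssids = {c["ssid"] for c in cells if "ESS" in c["caps"]}
    report = {}
    for c in cells:
        if "IBSS" in c["caps"]:
            notes = ["ad-hoc"]
            if c["ssid"] in infra_ssids:  # same name as a real-looking AP nearby
                notes.append("ssid-also-infrastructure")
        else:
            # Not ad-hoc, but that alone does not make the AP legitimate.
            notes = ["infrastructure-unverified"]
        if "Privacy" not in c["caps"]:  # no link-layer encryption advertised
            notes.append("open")
        report[c["bssid"]] = notes
    return report

if __name__ == "__main__":
    print(classify(parse_scan(SAMPLE_SCAN)))
```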

  1. April 2nd, 2007 at 20:44 | #1

    It is good to get the word out as soon as possible. I am currently staying at a hotel, and there are two ad-hoc networks which I know are fake with the SSIDs like “Free WiFi Access” and “Wireless”. I knew not to connect to them from previous security articles I’ve read, but not everyone knows this, and they would connect to it right away. I hope that this info comes out for everyone and everyone finds out, because it would prevent a lot of attacks on people’s computers, identity, financial information, etc. Good article.
