[YLUG] Solving a general wireless security problem
Steve Kemp
steve at steve.org.uk
Mon Jun 9 22:18:42 BST 2008
On Mon Jun 09, 2008 at 20:50:35 +0100, mike cloaked wrote:
> So the question is: How can a knowledgeable linux laptop user set up
> his laptop to prevent such a man-in-the-middle attack via a spoofed
> open AP? I never run wireless connections to Open APs but many do of
> course.
All misdirection aside your attack boils down to a man in the middle
attack on an SSL-protected website.
For a mobile user the solution is to tunnel your access via a
known-good VPN located at your home/office. That can't be spoofed
and providing there are no key-loggers, etc, in place it gives you
the security you need.
In the public wifi-world you cannot rely upon DNS, you cannot
rely upon plain-text logins, but you can can can rely upon PKI
to protect you - if you've set it up ahead of time.
Steve
--
More information about the York
mailing list