Why is public free WiFi not safe?

Source: Internet
Author: User

Public WiFi unsafe cause resolution:

Listening software Wireshark is working

And why? Well, this is an explanation of the nature of the principle. In general, we may face two types of attacks after connecting to the public WiFi.

Intranet monitoring Attack

Simply put, within a common network, attackers can easily eavesdrop on the content of your web browsing, including photos uploaded by the web, new tweets, and so on.

There are two ways, an ARP attack, used a few years ago only 1Mb, 2Mb broadband people will be more familiar with, someone opened Thunder download immediately with Peer-to-peer speed-limiting software, this software is used by the ARP attack. It is forged into a transit point between your mobile phone/computer and routing, not only to see all the flow, but also to speed limits.

Another kind is the network card's promiscuous mode listens, it can receive the network all broadcast traffic. This is conditional, that is, the network has in the broadcast equipment, such as hub. Everyone in the company or Internet cafes can often see the hub, a "line into the network, dozens of lines out of" the expansion of equipment. If there is such a facility in this public WiFi, you may normally be able to tap into the traffic.

Should be the above two ways of protection methods are also very mature, respectively, ARP firewall, traffic encryption (buy an SSL VPN).

Fake WiFi attack

The above is saying that if you are connected to a public WiFi, you may suffer an attack. But there is another situation where you can be attacked once you've connected to a public wifi.

To see a (fictitious) case, Xiao Wang once even moved the CMCC network Internet, a TA found on the subway, the mobile phone incredibly automatically connected to the "CMCC" WiFi, but usually the subway is a wooden CMCC signal it? But also can surf the internet, ta feel very strange, immediately turn off WiFi, But the mobile phone on the various types of software in the background have been connected to the net. Go home to the network disk a look, inside more than a "Hacking by Helen" txt document.

Sounds amazing, doesn't it? The principle is very simple. With 3G routing, do a "CMCC" of the password-free wifi, in which all traffic is configured to go through your monitoring software, the next thing is the same as the front pull. Here is a small loophole, your mobile phone/computer will automatically connect all the previously connected WiFi, just CMCC is no password, forgery is convenient.

As for the network disk, app active networking sync, many are using cookies value and some specific value to do the validation, get this data can be forged into the computer on the app ID landing.

A fake WiFi attack is a setup item that uses automatic connection and can be protected by "not automatically connecting." But this seems more trouble, small weave hands on three devices, Windows for each wifi, have a separate whether automatic connection configuration; MIUI is similar, iOS is "ask whether to join the network", but open or not will automatically connect, more strange. Therefore, the easiest way to go out is to turn off WiFi, but also to save electricity.

Related Article

E-Commerce Solutions

Leverage the same tools powering the Alibaba Ecosystem

Learn more >

Apsara Conference 2019

The Rise of Data Intelligence, September 25th - 27th, Hangzhou, China

Learn more >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.