http://www.eprairie.com/news/viewnews.asp?newsletterid=6473 [When you read as much security news as I do, you begin to notice little anomalies, such is the case with this article below, it looks suspicisionly similar to an article in Fortune Magazine from 1/26/2004 at... http://www.fortune.com/fortune/peterlewis/0,15704,575710,00.html While I guess you can blame this on the butterfly effect of two writers thinking the same thing on the same week, I think different forces are at work, you be the judge. - WK] 1/28/2004 CHICAGO - Have you ever used the wireless network at a Chicago hotel or coffee shop? If you have, odds are a hacker owes you a thank you for letting him or her hijack your computer to spew spam over the internet. Also, to the establishment manager, the hackers say: "hanks ever so much for not securing the wireless network you recently installed. You've made it much easier for me to sit in your establishment and digitally browse the laptops of dozens of your patrons and guests." Driven by the demand brought on by business travelers and the nirvana-type promises of the wireless craze, establishments all over the world are adding wireless broadband connections. Before you jack your laptop into one of these public high-speed links, though, consider that by the time you check out of the hotel or finish that double-skinny latte someone else may have taken a stroll through your computer. I recently found myself in a discussion with an executive from a large, Chicago-based concern. The executive came away from the talk with enough doubt in his belief that his people will follow the rules his company has set down with regard to attaching to unapproved networks that he agreed to spend a day with me on a hacker's tour of wireless Chicago. What followed was an education of how appallingly simple it is to log onto the various public wireless networks around Chicago (or, for that matter, any city). Just to show how really simple this is, we used hacker tools easily downloaded from the Internet. At this juncture, I must add that it's not that hotels and coffee shops are the only ones with security issues. However, since laptop-toting business people may be carrying highly sensitive company files and they tend to frequent coffee shops and stay overnight at hotels, these locations become a target-rich environment for the digital predators. Much like the alligator lurking on the edge of the watering hole, the predator knows that sooner or later the unprepared wildebeest will stumble into his grasp. Our tour began with an upscale hotel in downtown Chicago that's known for a high number of executive-level business guests. I will admit that I did cheat a little in starting here as I've done a fair amount of reconnaissance in the way of war walking around downtown Chicago. In about 15 minutes, we had located 25 vulnerable laptops and four hotel back-office computers. We did this by simply looking for a wireless access point that was unsecured. Once found, we probed for computers that were daydreaming at the watering hole. Time for a disclaimer: We did not probe any of the vulnerable guest or hotel computers we were able to locate. The intent of this tour stop was to demonstrate how easy it is to find targets in the wild using a typically configured Windows laptop and connecting it to the hotel network as a typical business traveler would. We did not actually violate any guest or hotel computers. The next stop on the tour was a well-known and heavily frequented coffee shop. While sitting and sipping our double-shot espressos, I connected a laptop to the newly installed and highly publicized wireless network. Instead of doing the normal and expected activity of directing my computer outward to the Web, I used a popular security tool called NMAP (or network map) to see what else was on the network. Grossly simplified, NMAP enabled my computer to roam the coffee shop and find addresses that just might contain a wildebeest. The next step is to see which wildebeest is asleep at the watering hole by probing for ports that are unprotected. By the way, the typical PC has some 65,000 ports. Hackers use a tool called a "port scanner" to see which wildebeest is day dreaming. Here's where my tour companion got an eye-opening experience: When it comes to computers, mobile business people often have an open-door policy. Many Windows-based laptops are sold with the vulnerable file-sharing option turned on by default. Even virtual private networks (VPNs), which create secure and encrypted tunnels to a corporate network over the Internet, are vulnerable to hackers. Though a VPN encrypts data traffic, underneath in the operating system layer there is still traffic that the predator can and will exploit. My tour companion came away with a new outlook of how well people secure - or should we say don't secure - their PCs. Oh, did I mention that the coffee shop was right around the corner from his corporate offices and many of the laptops we successfully exploited were from his own company? The take away from this tour is a set of simple rules we all know and practice in our day-to-day lives but seem to forget when we use those oh-so-convenient public wireless networks. Just lock your doors, don't talk to strangers and don't leave your wallet out in the open. However, when it comes to your laptop, forget about playing well with others and never share your toys. -=- Ben Apple is CEO of Chicago-based Management Solution Strategies. He has his CISSP certification and is a recognized instructor in IT security governance and IT security best practices. Apple can be reached at bapple@private - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Jan 29 2004 - 04:57:52 PST