Wednesday, October 27, 2010

How to use WLAN securely

WLAN is in many ways an insecure way to communicate. However, here is a few things to think about when surfing on WLAN to avoid connecting to a rouge hot-spots (main article, see http://www.esecurityplanet.com/features/article.php/3908596/article.htm).

1. Make sure the name of the WLAN is expected.

2. When connecting, make sure that the WLAN is not marked as “Ad Hoc”, this means that the hotspot i actually a computer with a network card in “infrastructure” mode. This is a common man in the middle attack.

3. If you suddenly gets disconnect when having a good signal, be careful when reconnecting – it might be an attack that caused the disconnect, and when you reconnect you connect to a rouge hotspot with the same name.

4. Commersial hotspot suppliers almost always make you pay in some way. If you suddenly can surf without paying, something is probably wrong.

5. If the websites you visit looks unfamiliar in any way, small unexpected changes etc, be careful, it might not be the real website.

6. If websites with certificates that is usually marked as “green” suddenly is marked as “red”, be careful.

7. If you plan to login to a webpage such as Facebook, go to https://www.facebook.com instead of http://www.facebook.com to prevent eavesdropping. When on an public WLAN, avoid using sites that don’t support https.