BuffaloRescue Posted April 7, 2013 Share Posted April 7, 2013 Hi IM using the free wifi my condo block provides. Im concerned because i seem to be able to see some files on other peoples computers in my network. How secure is it, can people steal my passwords etc? What can i do to make it secure. Thanks Link to comment Share on other sites More sharing options...
schondie Posted April 7, 2013 Share Posted April 7, 2013 There's plenty of free programs that can stop others from seeing you on the wifi connection. They slow down your connection but keep you safe. Others with the same problems will jump in and offer better advice than I can. HotSpotShield is one example but I'm sure there's many better solutions nowadays. Link to comment Share on other sites More sharing options...
BlackPuddingBertha Posted April 7, 2013 Share Posted April 7, 2013 As long as you selected "public network" when the wifi security pop-up asked you to select one then you dont have much to worry with in respect to your files. It wouldnt hurt to go into your network settings and turn off all printer and file sharing. However, if you are on a public shared network like the average condo has then anyone smart could manage to see the traffic between your PC and the internet, and this could include your email passwords and suchlike, though normally not the content of any webpages that start with https rather than http and which have the little "secure" icon by the address. To be on the safe side you should consider getting some sort of free or pay VPN service and using it constantly whilst connected to this network. Link to comment Share on other sites More sharing options...
Para Posted April 7, 2013 Share Posted April 7, 2013 Its as safe as the firewall software you are using. As BPB said make sure you don't set up and sharing and consider it a public zone. 1 Link to comment Share on other sites More sharing options...
Chicog Posted April 8, 2013 Share Posted April 8, 2013 Make sure you use HTTPS:// wherever you can. There are browser addons to try and enforce this. Sent from my GT-N7000 using Thaivisa Connect Thailand mobile app Link to comment Share on other sites More sharing options...
joncl Posted April 8, 2013 Share Posted April 8, 2013 A firewall is a must and many anti-virus apps have those built in these days so it is done for you, or simply google "free firewall download" and set it up. Zone Alarm is a good example. Link to comment Share on other sites More sharing options...
BuffaloRescue Posted April 8, 2013 Author Share Posted April 8, 2013 A firewall is a must and many anti-virus apps have those built in these days so it is done for you, or simply google "free firewall download" and set it up. Zone Alarm is a good example. im a mac user as far as i know the firewall its all built in Link to comment Share on other sites More sharing options...
HenkeLarsgretasson Posted April 9, 2013 Share Posted April 9, 2013 If its open anyone with knowlege and in range can see anything you do, https does not help (if you get a message that the certificate is not valid, people are listening) If its WEP see above If its WPA2 with a weak password see above If its WPA2 with a strong password anyone within the network can see everything you do. Here is how it is done over wifi (or lan) http://en.wikipedia.org/wiki/Man-in-the-middle_attack http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access Use some software that monitors any change in arp packets to be safe Link to comment Share on other sites More sharing options...
BuffaloRescue Posted April 10, 2013 Author Share Posted April 10, 2013 so basically... nobody should use wifi then? There is no way to be secure without specialist skills is that right? Link to comment Share on other sites More sharing options...
joncl Posted April 10, 2013 Share Posted April 10, 2013 (edited) A firewall is a must and many anti-virus apps have those built in these days so it is done for you, or simply google "free firewall download" and set it up. Zone Alarm is a good example. im a mac user as far as i know the firewall its all built in Yes you have iptables under admin terminal (Apples flavour of *nix) but it is not set up by default at all - so make sure it is securely setup to stop most foreign probes. Test it with nmap which is downloadable for most operating systems these days and you will see what I mean - mostly wide open. Nmap details for the MAc and all OS's it supports is on this link here MAC firewall details here and all over google Edited April 10, 2013 by joncl Link to comment Share on other sites More sharing options...
joncl Posted April 10, 2013 Share Posted April 10, 2013 If its open anyone with knowlege and in range can see anything you do, https does not help (if you get a message that the certificate is not valid, people are listening) If its WEP see above If its WPA2 with a weak password see above If its WPA2 with a strong password anyone within the network can see everything you do. Here is how it is done over wifi (or lan) http://en.wikipedia.org/wiki/Man-in-the-middle_attack http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access Use some software that monitors any change in arp packets to be safe You are referring to the condos AP's here right? Not the end users on his Mac as he is not runnng it in hotspot mode. Link to comment Share on other sites More sharing options...
BlackPuddingBertha Posted April 10, 2013 Share Posted April 10, 2013 so basically... nobody should use wifi then? There is no way to be secure without specialist skills is that right? I told you earlier: turn off file and printer sharing and if you are still concerned install a VPN and use it constantly on public networks. This is not very complicated and provides reasonable protection against snooping. You have to remember that 99.9% of the users on that wifi network will have trouble remembering their own names and probably only ever look at Facebook. So the likelihood of them hacking your connection is not high, any more than the likelihood of them knowing what day it is. Link to comment Share on other sites More sharing options...
HenkeLarsgretasson Posted April 10, 2013 Share Posted April 10, 2013 (edited) If its open anyone with knowlege and in range can see anything you do, https does not help (if you get a message that the certificate is not valid, people are listening) If its WEP see above If its WPA2 with a weak password see above If its WPA2 with a strong password anyone within the network can see everything you do. Here is how it is done over wifi (or lan) http://en.wikipedia.org/wiki/Man-in-the-middle_attack http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access Use some software that monitors any change in arp packets to be safe You are referring to the condos AP's here right? Not the end users on his Mac as he is not runnng it in hotspot mode. User 1 connects to condo wifi1 User 2 also connects to wifi1 User 1 and 2 are both using wifi1 to acess internet User 1 and 2 are in a local network User 3 can sit in his car outside the house and "hack" the network so he gains access to wifi1 User 3 can the trick user1 and 2 to connect to his laptop and listen to all traffic (user 3 then sends it to wifi1) To be safe u need to have WPA2 with a good password running on wifi1 so User 3 cant access wifi1 a good password is ex. fgFG56%%ffdfDg5%&%hH User2 can still trick User1 since he knows the WPA2 password User1 needs a firewall that detects changes in arp packets to be safe In a condo its usually safe since the signal dont go so far through walls etc.. Its the open hotspots at mc donalds and such that people should be afraid off. It is very easy to sniff passwords and spy there edit: typos Edited April 10, 2013 by HenkeLarsgretasson Link to comment Share on other sites More sharing options...
BuffaloRescue Posted April 10, 2013 Author Share Posted April 10, 2013 ok well i just switched on the standard mac firewall. Mac stuff is meant to work out of the box right. I just put it on normal settings. Turned off filesharing. Unfortunately i have no control on the condo wifi settings Link to comment Share on other sites More sharing options...
BlackPuddingBertha Posted April 10, 2013 Share Posted April 10, 2013 For the third time: use a VPN. They work, even on Apple products. Link to comment Share on other sites More sharing options...
BuffaloRescue Posted April 11, 2013 Author Share Posted April 11, 2013 OK i got strong vpn The problem ive got now is it wont connect until i have entered the condo wifi password on their web page. So i have to disconnect the vpn. Connect to wifi, go to the page. Then connect the vpn. I got an apple script to force the vpn to connect for the condo wifi.. which works, but i need to delete the script every time i want to connect (eg turn computer on) then re-write the script so it forces it on. The reason is because sometimes the vpn connection fails so i need it to re-connect automatically so i dont leave myself exposed on the network, Its using PPTN connection, maybe i should get the open vpn and use tunnelblick instead. Still its all a bit of fart-arsing around for the average user. Link to comment Share on other sites More sharing options...
joncl Posted April 11, 2013 Share Posted April 11, 2013 If its open anyone with knowlege and in range can see anything you do, https does not help (if you get a message that the certificate is not valid, people are listening) If its WEP see above If its WPA2 with a weak password see above If its WPA2 with a strong password anyone within the network can see everything you do. Here is how it is done over wifi (or lan) http://en.wikipedia.org/wiki/Man-in-the-middle_attack http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access Use some software that monitors any change in arp packets to be safe You are referring to the condos AP's here right? Not the end users on his Mac as he is not runnng it in hotspot mode. User 1 connects to condo wifi1 User 2 also connects to wifi1 User 1 and 2 are both using wifi1 to acess internet User 1 and 2 are in a local network User 3 can sit in his car outside the house and "hack" the network so he gains access to wifi1 User 3 can the trick user1 and 2 to connect to his laptop and listen to all traffic (user 3 then sends it to wifi1) To be safe u need to have WPA2 with a good password running on wifi1 so User 3 cant access wifi1 a good password is ex. fgFG56%%ffdfDg5%&%hH User2 can still trick User1 since he knows the WPA2 password User1 needs a firewall that detects changes in arp packets to be safe In a condo its usually safe since the signal dont go so far through walls etc.. Its the open hotspots at mc donalds and such that people should be afraid off. It is very easy to sniff passwords and spy there edit: typos Exactly and if the Condos WIFI AP is not setup as you said above this will happen so it is up to the condo to ensure that is done right, not the end users who relies on the WIFI AP to connect to the internet. All he can do is ensure he is firewalled to stop any such intrusion via the insecure condo WIFI AP. Link to comment Share on other sites More sharing options...
BlackPuddingBertha Posted April 11, 2013 Share Posted April 11, 2013 OK i got strong vpn The problem ive got now is it wont connect until i have entered the condo wifi password on their web page. So i have to disconnect the vpn. Connect to wifi, go to the page. Then connect the vpn. I got an apple script to force the vpn to connect for the condo wifi.. which works, but i need to delete the script every time i want to connect (eg turn computer on) then re-write the script so it forces it on. The reason is because sometimes the vpn connection fails so i need it to re-connect automatically so i dont leave myself exposed on the network, Its using PPTN connection, maybe i should get the open vpn and use tunnelblick instead. Still its all a bit of fart-arsing around for the average user. Obviously your VPN wont connect until you are connected to the condo wifi and to the internet. So: connect to the condo wifi, then start the VPN, then do your stuff. I'm sure there will be some sort of programme that can be installed to run the VPN from one click, even on a Mac. Link to comment Share on other sites More sharing options...
wolf5370 Posted April 11, 2013 Share Posted April 11, 2013 you could also use a bridging router (like a Buffalo - not the bovine type) then you would have use of hardware firewall between you and the common router - can also then set up a VPN too if wanted. Note this only stops anyone connecting directly to your PC, not from monitoring data to the main router (HTTPS and VPN encryption will though). 1 Link to comment Share on other sites More sharing options...
2008bangkok Posted April 12, 2013 Share Posted April 12, 2013 Make sure you use HTTPS:// wherever you can. There are browser addons to try and enforce this. Sent from my GT-N7000 using Thaivisa Connect Thailand mobile app Dont give up your day job dude Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now