Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 11 Dec 2018, 12:03
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Evil Twin attack on wifi access point
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [3 Posts]  
Author Message
labbe5

Joined: 13 Nov 2013
Posts: 1524
Location: Canada

PostPosted: Fri 26 Oct 2018, 22:05    Post subject:  Evil Twin attack on wifi access point
Subject description: retrieve the WPA/2 passphrase in clear-text within minutes
 

It’s relatively easy for a criminal to set up an evil twin rogue wireless access point that mimics one that your users and visitors connect to, whether on your premises or in a public place, with the intention of stealing usernames and passwords.
Source : https://www.tripwire.com/state-of-security/security-data-protection/detect-attack-evil-twin-wifi-access-points/

The attacker snoops on Internet traffic using a bogus wireless access point. Unwitting web users may be invited to log into the attacker's server, prompting them to enter sensitive information such as usernames and passwords. Often, users are unaware they have been duped until well after the incident has occurred.

When users log into unsecured (non-HTTPS) bank or e-mail accounts, the attacker intercepts the transaction, since it is sent through their equipment. The attacker is also able to connect to other networks associated with the users' credentials.

Fake access points are set up by configuring a wireless card to act as an access point (known as HostAP). They are hard to trace since they can be shut off instantly. The counterfeit access point may be given the same SSID and BSSID as a nearby Wi-Fi network. The evil twin can be configured to pass Internet traffic through to the legitimate access point while monitoring the victim's connection,[3] or it can simply say the system is temporarily unavailable after obtaining a username and password.
Source : https://en.wikipedia.org/wiki/Evil_twin_(wireless_networks)

Public Wi-Fi is often a target for Man in the Middle (MITM) attacks. According to SaferVPN, up to 25 percent of all public hotspots are used by hackers to access your personal information
Source : https://www.makeuseof.com/tag/evil-twin-fake-wifi-networks

Be warned that information abounds on how to make Evil Twin Attack Access Point. Google it and there it is. Not even on the Dark Web.

Carefulness is not enough. You can not tell the fake from the real access point.

The good old wire connection is your friend. Give it a try.

Further reading :
https://rootsh3ll.com/evil-twin-attack/
Back to top
View user's profile Send private message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 13108
Location: Arizona USA

PostPosted: Fri 26 Oct 2018, 22:23    Post subject:  

It's not just publicly available wifi that's vulnerable to this attack. Say you give your wifi modem's password to someone so they can use your wifi. Say their phone or laptop detects two wifi modems that have the same name. It may or may not show them both. Even if it does, the person trying to log in will probably just pick one and try to log into it using the password you gave them. If he happens to try to log into the evil twin, he just gave it your wifi password.

I suppose this also works when your iPhone or laptop automatically tries to log into your wifi network. Do auto-logins go by the SSID to tell which access point to log into, or what?
Back to top
View user's profile Send private message 
rufwoof

Joined: 24 Feb 2014
Posts: 2710

PostPosted: Fri 16 Nov 2018, 09:59    Post subject:  

Pre-established/installed ssh keys would flag up that things were wrong (message to the effect that a man in middle attack was potentially apparent ... do you wish to accept).

So if connecting to something like a torified virtual machine (https://openbsd.space/) using ssh from a internet cafe where a mim attack had been deployed, only if you were foolish enough to ignore the warning might that attack succeed.

Same as ever, security is a process not a product.

_________________
( ͡° ͜ʖ ͡°) :wq
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [3 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0465s ][ Queries: 12 (0.0162s) ][ GZIP on ]