Today we will talk about all our favorite public Wi-Fi networks. How great it can be to sit in a cafe, surf the Internet, browse, favorite pages, post a blog post, book San Jose Hotels or share your picture. Or at the station, at the airport, waiting for your flight, to pass the time, gentle in the pleasant embrace of the Internet. But, unfortunately, few people know that such pastime is very dangerous for your confidential information.
Let’s look at this case:
You are sitting in a café, drinking coffee with a donut and reading the news on the Internet from your tablet, laptop or smartphone. Naturally, you use an access point, which was so kindly provided by the cafe. The access point is open and so many visitors use the free Internet. You do not pay attention to them, drink coffee. But there is one person in this café who, unlike you, watches other people, he also sits with his laptop and smiles strangely for some reason. Let me imagine – this is our intruder. He doesn’t just come here to drink coffee, he has other goals: he hacks into other people’s pages, or rather he gets access to them. But unlike everyone else, he doesn’t stop at dreams, he does it. For this, he needs a laptop with a Wi-Fi adapter, sniffer and, of course, a little knowledge.
A sniffer is a network traffic analyzer, a program designed to intercept and then analyze network traffic, or only for network traffic analysis. It is used both by system administrators to analyze their networks and by intruders to intercept packets transmitted in the network.
In order to sit on the Internet, you do not need to know how the Wi-Fi network works. But in order to understand how a fraudster manages to hack cafe users, we have to consider a small theory.
The theory of connecting to an access point.
When you are going to join an access point (AP), you go to a menu where you can see all the APs available. How does that happen?
APs transmit package every 100 ms that contain little information about them, these packets are called frames. These packets contain the SSID, standard, whether or not encryption is used, how authentication is done, and so on.
When you are going to join an access point, you transmit a package to the access point that contains the necessary information for authentication: your MAC address, the standard supported by the Wi-Fi adapter, your password, etc.
If all the data sent in the access point’s package turns out to be correct, you are going to join the wireless network.
Later, when working with the network, you will send it requests, in the form of packages. And it will return to you the result of your requests, also in packages.
Well, when we have a little understanding of the principle of Wi-Fi operation, we can understand what the fraudster does: he intercepts packets that the access point sends to a legal user, that is you. And while you’re barking up doughnuts, he can easily get acquainted with the contents of the packets. If he has certain knowledge and skills, it will be easy for him to pull out cookies to enter your favorite services, to find out what sites you are currently sitting on, to read your correspondence and even to find out your bank card details.
So, thanks to an open access point he was able to access your account, your confidential information.
Finally, if you decide to access the Internet in a cafe using Wi-Fi, think: “Do I need it?! Maybe instead of sitting on the Internet, it will be more useful and interesting to chat live with friends?