Public Wifi – Coffee Shop Security

Number of Views : 10412

I went to a coffee shop today to do some work. Update a few documents and get some random things I have been putting off.    As always I log onto the coffee shop wireless and connect to my VPN.  (read other articles here and here).

After completing the items I had set out to do.  I took some time to do some poking around on the wifi.  Since wireless is basically you sharing a network with others, it is easy to see what people are doing.  I used a simple nmap query to see who my neighbors are.

That scan showed me 5 active people and their IP.   It also let me know that the router had HTTP running.   Since I already knew the PC names and what ports they had open. (some one had a web server running).  I decided to look at the wireless router.  To my surprise it was running DD-WRT, my favorite router firmware.    DDwrt is a very powerful router firmware that can turn a basic wireless router into a great device.

However there are a few settings you need to understand when using DDWRT.  One in particular is to disable the default status page for unauthenticated users.  This page shows a lot of information that you don’t want snooping people like me to see.   Things like:

  • Public IP
  • Firmware version
  • Device Type and name
  • Connected users (IP address, mac address, dhcp lease)

Not only was this on but I was able to also see the other computers on the network (with out doing a nmap scan).   So everyone who had connected in the last 2 hours pc was listed on this page.  I decided to push up a pic.  My pc is called TP2.

 

This is scary to me because someone took the time to use a great opensource Firmware but not the time to properly secure it.    It is also interesting to see the number of android devices that were using the wifi.  I guess the same is true for iPhone devices.

I can’t stress this enough, when on public wifi use a VPN.  If you don’t have one.  Head on over to wifi-vpn.com and subscribe or purchase.

The other item on the list is BT, that is the backtrack vm that I started to do some network sniffing.

Leave a Reply

Your email address will not be published. Required fields are marked *