Recently I was at a security conference for Palo Alto networks in Vegas,
Since I was in security mode, I was sniffing around the wi-fi and hotel network.
What I discovered was shocking , quite simple actually if you think about it.
But i guess that sometimes we are too trusting.
1- there was no network segmentation in the hotel wi-fi
From my wireless connection I could see all wired and wireless computers, in one large subnet.
2- fooling the wifi was also easy, spoofing a MAC address of a paid user and woola Internet
3- I immediately made sure my firewall was on, as anyone in the network could attack my Mac
4- did a simple port scan on their proxy server, running squid with authentication services for the hotspot
5- tried a little man in the middle , and pcs started to route their traffic trough my laptop
6- obviously this was only done for a few seconds not as to disrupt users, just to prove a point.
7- just a tip, if you guys are in public wifi spots make sure that your firewall and av’s are updated as anyone in the area can attack your machine and look for vulnerabilities.
8- be careful when trusting unknown networks, you never know who is listening, with wire shark I could see loads of traffic flowing trough the network.
Some tips below from various scans with a mobile app, from different conferences and open networks. Just so you get an idea of what’s out there
For data security reasons that’s all I can post as I didn’t save or look at any data from users, however this could be very easy to obtain if someone has malicious intent.
Be careful guys protect your data! ensure, your firewalls are on, your OS is updated and also your applications, you never know who is snooping around!
Remember you don’t only need to protect your network, a computer out of the office is a great target and potential to get into the office network trough a back door,
If you need any tips don’t hesitate to get back to me, and no don’t ask for,hacking tips I can’t help you with that