Accidentally backdoored free wi-fi access

[albatross710]

When I was in Europe last month I was astounded at some of the cost levels of daily wi-fi access.

I noticed that on the Swisscom service available at my hotel in Amsterdam and in Milan that accessing a http site would redirect me to the Swisscom login and pay page.

When I accidentally accessed a https: page from my Chrome Favourites the traffic went straight through and allowed me full access to the website. Bingo! this gave me free hotel wi-fi access to mail and banking. My corporate VPN client didn't work though.

Then I fired up the iPhone and noticed that my email would work through the iPhone browser (using https address). My imap connection using the iPhone mail client didn't work.

The TripIt application also worked via this free connection.

So, the reason I thought I would share this is that because it occurred at two different hotels, it could be common practice that the engineers whom config these systems often forget to block https traffic.

Would be interest to hear if others have had a similar experience.

Alby

 

[harvyk]

I'd say it's unusual to allow any network traffic through until it's authenticated.

That said if an techie set the system up and forgot that there are other protocols on the web then yes doing what you did is more than possible.

As you piggy backing free wifi, the best way to do it is look for wifi networks with names such as belkin, linksys, d-link etc... If the network is using a default name, chances are they are still using default passwords (if one exists) and no wifi security.

PS I am in no way advocating stealing internet.

 

[albatross710]

As you piggy backing free wifi, the best way to do it is look for wifi networks with names such as belkin, linksys, d-link etc... If the network is using a default name, chances are they are still using default passwords (if one exists) and no wifi security.

Got to love default passwords!

 

[NM]

I'd say it's unusual to allow any network traffic through until it's authenticated.

That said if an techie set the system up and forgot that there are other protocols on the web then yes doing what you did is more than possible.

Quite likely they are using WCCP redirection and only have it enabled for TCP port 80.

As you piggy backing free wifi, the best way to do it is look for wifi networks with names such as belkin, linksys, d-link etc... If the network is using a default name, chances are they are still using default passwords (if one exists) and no wifi security.

PS I am in no way advocating stealing internet.

Be really careful with such SSIDs. While it may be that someone has not changed the default settings, its is also possibly a "honey pot" used by scammers to try to get people to connect and then they can "observe" all of your communications through the "back door".

 

[Mal]

Be really careful with such SSIDs. While it may be that someone has not changed the default settings, its is also possibly a "honey pot" used by scammers to try to get people to connect and then they can "observe" all of your communications through the "back door".

And in some states of Australia/countries, this is considered an chargeable offence. While it's unlikely that someone who has poorly configured their router would have the ability to work out someone was leeching their bandwidth (except if they went over their quota and received a huge bill!), there is always that possibility.

 

[Jabbar48]

Instant internet access without any cost. Beware of that strategies, hackers/scammers might be the culprit of that free internet access. They might got some of your pertinent info with all the browsing activities you did. Try to report that anomalous thing to authorities.

 

[Thom]

Instant internet access without any cost. Beware of that strategies, hackers/scammers might be the culprit of that free internet access. They might got some of your pertinent info with all the browsing activities you did. Try to report that anomalous thing to authorities.

How can you protect yourself from hackers/scammers on the wireless networks in any case? Or isn't it really an issue?

 

[tuppaware]

Instant internet access without any cost. Beware of that strategies, hackers/scammers might be the culprit of that free internet access. They might got some of your pertinent info with all the browsing activities you did. Try to report that anomalous thing to authorities.

Meh, If your logging onto anything with a secured connection they can't steal your passwords on a genuine website (its encrypted at your end and the sever end). The problem might be a phishing one, or virus based.

 

[Mal]

Meh, If your logging onto anything with a secured connection they can't steal your passwords on a genuine website (its encrypted at your end and the sever end). The problem might be a phishing one, or virus based.

Actually, they still can - but not so simple. Wireless networks are inherently insecure unless configured in certain ways that makes logging into them much more difficult.

 

[tuppaware]

Actually, they still can - but not so simple. Wireless networks are inherently insecure unless configured in certain ways that makes logging into them much more difficult.

The last open wireless network I found when I was staying in perth I used logged onto the netgear wireless router using the default password - and shut down the wireless. Hopefully the end user will of noticed and fixed that up.
(of course I did take a chance to download a few shows I mean ahmmm...linux distros of course)