Any danger in connecting to an unsecured router?

Need some help in understanding the vulnerabilities of using a
computer to access the Internet via an unsecured router. As I
understand it the computer doing the accessing uses its access point
hardware to make the connection. What sort of access does the
receiving computer have to folders and files on the computer that is
using its router to make a connection to the Internet? Does it have
the capability of tracking the places on the Internet where one goes?

The reason I ask is that I read an article where the authorities set
up and used a wifi hotspot to track computer usage by walk-ups on a
public street looking for illegal uses of the Internet.

Also, I have discovered an unsecured router within connect distance
from my home and have used that connection to experiment. Many of us
pay for more compacity than we use, and some of us do not mind
sharing. But if there are dangerous security concerns about this I
would like to know about them.

Tom
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In every assembly, of whatever size, passion will
always steal the crown from reason. John Adams

In article <(E-Mail Removed)>,
(E-Mail Removed) (known to some as Tom) scribed...

> Need some help in understanding the vulnerabilities of using a
> computer to access the Internet via an unsecured router. As I

With no firewall? At all?

If that is the case -- if the connection you used had no firewall
protection at all, and you were connected for more than about 20 seconds
-- the chances are very high that the computer you used is already
compromised. You should use a good, solid antiviral program (NOT McAfee
or Symantec!) like AVG (they have a free edition) right away, as well as
thoroughly scanning your system with Spybot Search & Destroy and
AdAware.

If you value your system's integrity, NEVER, under ANY conditions
(unless you're deliberately trying to contract something for research
purposes) connect a Windows-based system to the Internet without SOME
sort of hardware or software firewall in place. Period. This includes
wireless access points.

> The reason I ask is that I read an article where the authorities set
> up and used a wifi hotspot to track computer usage by walk-ups on a
> public street looking for illegal uses of the Internet.

This is only one of many possible trouble vectors.

> Also, I have discovered an unsecured router within connect distance
> from my home and have used that connection to experiment. Many of us
> pay for more compacity than we use, and some of us do not mind
> sharing. But if there are dangerous security concerns about this I
> would like to know about them.

Get a firewall. Period. ZoneAlarm works pretty well. So does AVG,
if you're not using a VPN connection.

Happy tweaking.


--
Dr. Anton T. Squeegee, Director, Dutch Surrealist Plumbing Institute
(Known to some as Bruce Lane, KC7GR)
http://www.bluefeathertech.com -- kyrrin a/t bluefeathertech d-o=t calm
"Salvadore Dali's computer has surreal ports..."

On Tue, 12 Dec 2006 21:52:24 -0500, in alt.internet.wireless , Tom
<(E-Mail Removed)> wrote:

>Need some help in understanding the vulnerabilities of using a
>computer to access the Internet via an unsecured router.

I'm not sure I understand the description of your problem. I /think/
what you're asking is " if I connect to a wireless router which has no
WPA/WEP or other encryption, what are the risks to me? "

Assuming this is so, first of all remember that irrespective of the
encryption (or lack of) on the router:

- your PC needs to be running a firewall and AV software which is
fully updated. Otherwise within minutes of connecting you will be
compromised.

- you should ensure that you have no shared folders or printers which
are publically visible. As far as I'm concerned that means you need to
be running W2K or higher, or Linux, and to enable user-level security
on shares and printers.

- your PC's OS and internet s/w should be absolutely fully patched,
and you should check on a weekly basis for new patches.

As for wireless, all that the lack of encrpytion means is

- anyone else in the area could capture the traffic between you and
the router, and look at it.

Provided the traffic is HTTPS that won't be useful to them. Plain http
and email will be completly visible to them. Other traffic (word docs,
spreadsheets. application data etc) would also be visible but
obviously they'd need to know the format.

--
Mark McIntyre

once you connect to the router - you are then on the local wireless LAN,
along with using the wireless pipe to connect to the Internet.
So - you have TWO worlds to be concerned about
#1 the actual traffic to/from the Internet
#2 the actual traffic that can be seen on the local wireless area

Therefore, if you have any "sharing" turned on, other local users can see your
PC.
If the windows sharing ports 13x are not blocked by the router,
then the Internet can see your sharing.

Also, anything transmitted without SSL or VPN can be see as clear text locally.

the flip side - is the incoming traffic that can be probing or hacking your
system.
Without some form of blocking - not just from the Internet, but also local
wireless,
then others can poke around until they might find some open door to your system.

On Wed, 13 Dec 2006 19:49:30 +0000, P.Schuman wrote:

> If the windows sharing ports 13x are not blocked by the router, then the
> Internet can see your sharing.

So the problem is not the unsecured wireless router but rather the
insecure Windows OS. Ditch that POS.

Dr. Anton T. Squeegee <(E-Mail Removed)> wrote in
news:MPG.1fe93c315759fc9a9896ed@192.168.42.197:

> If that is the case -- if the connection you used had no firewall
> protection at all, and you were connected for more than about 20 seconds
> -- the chances are very high that the computer you used is already
> compromised.

Yeah, that's what many people say, but explain, in detail, why this would
be so.

I just don't see it. In this case, the AP was undoubtably a NAT router.

On Wed, 13 Dec 2006 18:25:54 -0500, in alt.internet.wireless , "mr.b"
<(E-Mail Removed)> wrote:

>On Wed, 13 Dec 2006 19:49:30 +0000, P.Schuman wrote:
>
>> If the windows sharing ports 13x are not blocked by the router, then the
>> Internet can see your sharing.
>
>So the problem is not the unsecured wireless router but rather the
>insecure Windows OS.

False conclusion. The problem is the insecure firewall, not the OS -
the same ports are used by SMB irrespective of the OS.
--
Mark McIntyre