Ablang <ron916@gmail.com> wrote:

<snip>

> How the attack works
>
> First, let's take a look at how the attack works. You go to an airport
> or other hot spot and fire up your PC, hoping to find a free hot spot.
> You see one that calls itself "Free Wi-Fi" or a similar name. You
> connect. Bingo -- you've been had!
>
> The problem is that it's not really a hot spot. Instead, it's an ad
> hoc, peer-to-peer network, possibly set up as a trap by someone with a
> laptop nearby. You can use the Internet, because the attacker has set
> up his PC to let you browse the Internet via his connection. But
> because you're using his connection, all your traffic goes through his
> PC, so he can see everything you do online, including all the
> usernames and passwords you enter for financial and other Web sites.

This is not true. All online banks use a secure connection.

> In addition, because you've directly connected to the attack PC on a
> peer-to-peer basis, if you've set up your PC to allow file sharing,
> the attacker can have complete run of your PC, stealing files and data
> and planting malware on it.

If and if. And no mention of having a software firewall.

> You can't actually see any of this happening, so you'd be none the
> wiser. The hacker steals what he wants to or plants malware, such as
> zombie software, then leaves, and you have no way of tracking him
> down.
>
> All that is bad enough, but it might not be the end of the attack.
> Depending on how you've connected to that ad hoc network, the next
> time you turn on your PC, it may automatically broadcast the new "Free
> Wi-Fi" network ID to the world, and anyone nearby can connect to it in
> ad hoc peer-to-peer mode without your knowledge -- and can do damage
> if you've allowed file sharing.

Interresting. A WiFi worm. Has any been sighted?

<mega-snip>

The original article can be read here:

<http://www.computerworld.com/action/...intArticleBasi
c&articleId=9008399>

x-posted to: alt.internet.wireless and alt.comp.virus.