Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment And here's how a Windows 0-day works over Wi-Fi (Score 2, Informative) 386

Beating the rogue access point (AP) dead horse a bit here, and spelling it out for those who don't "get it".

Badguy creates hostile "website" with Windows exploit. Badguy goes to local airport terminal or Starbucks and pretends to be a legitimate wireless hotspot using Airsnarf or similar rogue AP utility. Badguy FORCES any user who joins wireless network to browse the hostile website that has the Windows exploit. User gets owned. Lather, rinse, repeat.

You can do this to your neighbor, too, if they have an open access point. FYI.

The point is that it does NOT require coincidental surfing of hostile websites to gather and exploit targets with a Windows 0-day these days. The rich and elite road warriors carrying all their financial and corporate data with them are prime targets. Attackers with rogue AP setups can make easy money from hotspot users by FORCING them to browse a hostile "website" with a rogue AP "splash page".

Particularly vulnerable, are hotspot users that have the Windows operating system installed and use IE as their default browser.



Slashdot Top Deals

The ideal voice for radio may be defined as showing no substance, no sex, no owner, and a message of importance for every housewife. -- Harry V. Wade