LD SoftwareBespoke Software, Web Design, Security Consultants and Host Services.

Menu

Sentinel
You have been warned!
We have caught 5848 shameful hackers.
NukeSentinel(tm)

Paypal Referral
Sign up for PayPal and start accepting credit card payments instantly.

Link Exchange
Join our free link exchange

Click Here
 
Evil twin (wireless networks)

Web Design & Development Guide

Evil twin (wireless networks)

Home | Up

Evil Twin is a term for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up by a hacker to eavesdrop on wireless communications among Internet surfers. [1]

This type of Evil Twin Attack may be used by a hacker to steal the passwords of unsuspecting users by either snooping the communication link or by phishing, which involves setting up a fraudulent Web site and luring people there.[2]

A rogue Wi-Fi connection can be set up on a laptop with a bit of simple programming and a special USB (Universal Serial Bus) thumb drive that acts as an access point. The access points are hard to trace, since they can suddenly be shut off, and are easy to build. A hacker can make their own wireless networks that appear to be legitimate by simply giving their access point a similar name to the Wi-Fi network on the premises. Since the hacker may be physically closer to the victim than the real access point, their signal will be stronger, potentially drawing more victims. The hacker's computer can be configured to pass the person through to the legitimate access point while monitoring the traffic of the victim, or it can simply say the system is temporarily unavailable after obtaining a user id and password.[3]

Several free programs available on the Internet can decode packets to reveal clear-text logins and passwords. Using an Evil Twin attack a hacker is able to harvest Web applications such as email that could send passwords in clear text.

One way that Corporate users can protect themselves from an Evil Twin attack is by using VPN (virtual private network) when logging into company servers. They can also ask the wireless provider to provide the SSID, which is the exact name of the wireless network.They should not send sensitive information such as bank account information or corporate user ids and passwords over a wireless network.[4]

Hackers typically setup Evil twin attacks near free hotspots, such as airports, cafes, hotels or libraries[5]

Reference

  1. ^ "Strange Wi-Fi spots may harbor hackers: ID thieves may lurk behind a hot spot with a friendly name." Andrew D. Smith. The Dallas Morning News. Knight Ridder Tribune Business News. Washington: May 9, 2007. pg. 1 Source type: Wire Feed ProQuest document ID: 1267536891 Text Word Count 766 Document URL: [1] (subscription). Retrieved June 6, 2007
  2. ^ "Security Watch. Daniel Wolfe. American Banker. New York, N.Y.: Feb 14, 2007. Vol.172, Iss. 31; pg. 7. (A security firm used an Evil Twin as a test to obtain passwords from attendees at RSA security conference). Source type: Newspaper ISSN: 00027561 ProQuest document ID: 1219496681 Text Word Count 1097 Document URL: [2] (subscription). Retrieved June 6, 2007
  3. ^ "Computer Column." Craig Crossman. Knight Ridder Tribune Business News. Washington: Aug 24, 2005. pg. 1. Source type: Wire Feed ProQuest document ID: 886418531 Text Word Count 761 Document URL: [3] (Subscription). retrieved June 6, 2007
  4. ^ Attorney General Madigan warns computer users about 'Evil twin' attacks at wireless hotspots. US Fed News Service, Including US State News. Washington, D.C.: Jan 17, 2006. News release by Illinois Attorney General. Source type: Wire Feed ProQuest document ID: 975720601 Text Word Count 471 Document URL: [4] (Subscription). retrieved June 6, 2007.
  5. ^ Access Without Authentification: how and why we let anyone surf our wireless."Donna Watkins. Computers in Libraries. Westport: Mar 2006. Vol.26, Iss. 3; pg. 10, 5 pgs. Source type: Periodical ISSN: 10417915 ProQuest document ID: 1000365471 Text Word Count 2618 Document URL: [5] (subscription). retrieved June 6, 2007
  • Jeremy Kirk, 'Evil twin' Hotspots Proliferate', IDG News Service, Apr 25, 2007

Related

Home | Up | Browser exploit | Cross-site cooking | Cross-site request forgery | Cross-site scripting | Cross-zone scripting | Directory traversal | Evil twin (wireless networks) | HTTP response splitting | IDN homograph attack | Referer spoofing | Session fixation | Session poisoning | Website spoofing

Web Design & Development Guide, made by MultiMedia | Websites for sale

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

 

Text Ads
There isn't content right now for this block.

Community Login
Welcome,
Anonymous
Nickname
Password
   
People Online:
Visitors: 21
Members: 1
Total: 22
Online Now:
01 : Monty

Like my code
Then please make a donation.

Which help me produce more free code.

Paypal Verified

Information

Powered by PHP-Nuke

Valid CSS!

Valid Robots.txt

Bad Behavior

[Valid RSS]

[Valid RSS]
You can syndicate our News with backend.php And our Forums with rss.php
You can also access our feeds via Feedburner Site News and LD Software Forums
© 2009 ld-software.co.uk All Rights Reserved.
PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.16 Seconds