
Security Measures to take when out in public? and MBAM Pop Ups?



#1 auto1571


Posted 25 October 2015 - 08:56 AM

Hi, I was pondering on what would be the best security measures to take when you need to use your computing devices out in public? From my understanding, when you are in a public place and using a public WiFi spot there is a chance that there could be hackers trying to intercept the Internet traffic.

 

My first question is to ask if a Firewall is sufficient or would you also recommend a VPN? If a Firewall is good enough here, then is the Windows 10 Firewall good enough or would you recommend a third-party Firewall? In regards to Firewalls I am leaning towards the Windows 10 Firewall due to the fact that the Windows Firewall has been very good since the Windows 7 Firewall and that now some third-party security suites are piggybacking on it.

 

 

 

Now the second thing I would like to talk about is the pop-ups I keep getting from MBAM every time I try and connect to a VPN server. I am currently using Proxy.sh VPN. However, every time I try and connect to a server I keep getting MBAM popping up stating that certain malicious domain IP addresses are getting blocked. I am unsure as to why this is happening. As far as I know this is a legit and reliable VPN provider.

 

 

So any help in regards to the above would be very much appreciated. Thanks.




 


#2 irvin_than_allyl


Posted 26 October 2015 - 12:05 AM

It really depends on what you're going to be doing on the public network. You definitely shouldn't do any banking or log into any accounts you value. In general, wireless has a lot of issues when it comes to security, because of the fact that the signals are propagated through the air as radio waves, and they cannot be physically confined and controlled, like wired networks can. It's just simply impossible to physically control the medium of data transmission, with the exception of using special paint and window coating to prevent or greatly limit signals from reaching outside the outer walls of a building. This isn't applicable for your usage of public wifi though.

 

It's possible for hackers to set up fake wireless access points, victims connect to them, and then they intercept their traffic. This is called a man in the middle attack. If you were to fall victim to a man in the middle attack, if you logged into a site that uses plain text, unencrypted http, like bleepingcomputer.com, when you log in your credentials would be intercepted. Also, your login session cookie could be hijacked, even if the BC login form used https encryption for the authentication. Furthermore, even when you log into sites that fully use https encryption throughout the whole site, including during authentication, and even after authentication, you could be tricked into accepting the attacker's SSL certificate, which would allow them to decrypt your traffic. Have you ever seen something like this in your web browser?

 

 

2011-10-19-09-09-25-5809bb.jpg

 

https://support.mozilla.org/en-US/kb/connection-untrusted-error-message

 

 

 

 

It means that the SSL certificate cannot be verified. During a man in the middle attack, an attacker could intercept your web request, present you with a self-signed certificate, you would receive a prompt like this, and if you clicked "I understand the risks" and proceeded, the attacker would now be able to decrypt and view your traffic. It could even be done with a Java applet, and would look less suspicious. I can't find a screenshot after some quick searching, but in that case your browser would pop up a dialogue asking you to run a Java applet, and it would say it's signed and verified, and secure. You click run, and you're owned.

 

 

The best method for using public wifi in as secure a manner as possible would be to set up either an SSH server in your home network, or a VPN in your home network, accessible externally through the internet. When you are on public wifi, you'd either just SSH into your server, or establish a VPN connection, and you would be using your home internet connection for your web browsing or email or whatever. You could of course use a VPN service like the one you describe, but it's always safer to use your own network because you control it.

 

As far as proxy.sh, I looked on reddit and it seems people aren't too happy with them because they've done some logging to catch hackers, and users consider it a violation of the trust they put into them.

https://www.reddit.com/r/VPN/comments/1ne8qs/why_i_will_never_use_proxysh_and_you_shouldnt/

 

But as far as their service being malicious, and as far as your MBAM alerts regarding IP addresses, I don't know. Have you checked on proxy.sh's web site to see which IP addresses you should be connecting to, and compared those with the IP addresses MBAM is alerting you to?

 

 

Further Resources:

https://en.wikipedia.org/wiki/Wi-Fi

http://www.pcworld.com/article/158288/paint_secures_wifi.html

https://en.wikipedia.org/wiki/Man-in-the-middle_attack

https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol

https://en.wikipedia.org/wiki/Transport_Layer_Security

https://en.wikipedia.org/wiki/Public_key_certificate

https://en.wikipedia.org/wiki/Java_applet

https://en.wikipedia.org/wiki/Secure_Shell

https://en.wikipedia.org/wiki/Virtual_private_network


Edited by irvin_than_allyl, 26 October 2015 - 12:15 AM.
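The comparison suggested at the end of the reply above (the addresses the VPN provider publishes versus the addresses the alerts name), as an added example that is not part of the original thread. The provider list and the log lines are constructed placeholders using documentation-only IP ranges, and the line layout is an assumption, not the real MBAM log format.

```python
import ipaddress
import re
from collections import Counter

# Constructed placeholder list: replace with the server addresses or ranges
# your VPN provider publishes (documentation-only ranges are used here).
PROVIDER_NETWORKS = ["192.0.2.0/24", "198.51.100.17"]

# Constructed sample lines; this is NOT the real MBAM log format. Any text
# export that contains the blocked IPv4 addresses will work.
SAMPLE_ALERTS = """\
2015-10-25 08:41:02 blocked outbound 192.0.2.44 port 1194 process openvpn.exe
2015-10-25 08:41:09 blocked outbound 203.0.113.9 port 443 process openvpn.exe
2015-10-25 08:42:30 blocked outbound 198.51.100.17 port 1194 process openvpn.exe
2015-10-25 08:43:11 blocked outbound 203.0.113.9 port 443 process openvpn.exe
2015-10-25 08:44:00 blocked outbound 999.10.10.10 port 80 process unknown
"""

IPV4_CANDIDATE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def extract_ips(text):
    """Count every syntactically valid IPv4 address found in the text."""
    counts = Counter()
    for candidate in IPV4_CANDIDATE.findall(text):
        try:
            counts[ipaddress.IPv4Address(candidate)] += 1
        except ipaddress.AddressValueError:
            continue  # e.g. 999.10.10.10 looks like an IP but is not one
    return counts


def classify(alert_text, provider_networks):
    """Split blocked IPs into provider-published ones and everything else."""
    nets = [ipaddress.ip_network(n, strict=False) for n in provider_networks]
    expected, unexpected = {}, {}
    for ip, hits in extract_ips(alert_text).items():
        bucket = expected if any(ip in net for net in nets) else unexpected
        bucket[str(ip)] = hits
    return expected, unexpected


if __name__ == "__main__":
    expected, unexpected = classify(SAMPLE_ALERTS, PROVIDER_NETWORKS)
    print("Blocked IPs that are published provider servers:", expected)
    print("Blocked IPs NOT on the provider list:", unexpected)
```

Addresses in the second group are the ones to look into first, since the VPN client contacted them even though the provider does not list them.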




