|
how do I know if an aiport free wi-fi access point is fake?
I was sitting in a terminal at XYZ airport. Since they had free Wi-Fi access at this airport, I took out my laptop and tried to connect. To my amazement, my Wi-Fi settings showed 6 available connections. They had nearly identical SSID names. I kept a note of what I saw:
XYZ-Free-WiFi ***** XYZ-FreeAirportWifi *** XYZ-Airport Free *** XYZAirportFree ** XYZ-AirportFreeWifi ** AndroidAP(probably someone using phone tethering) (***** showed signal strength) I don't know if I was just being paranoid, but I had a feeling that one or more of them must have been fake access points. I ended up not connecting to any of them. How can I tell which is real and which is fake? |
Usually their website will show how to connect, and say which are real. I would bet that all are real, and that whoever set it up did not want to take the time to make all the SID's the same, so they went with close variations.
But unless you know which one you are looking for, you can't tell. For example, for Colorado Springs
and they have little cards telling people how to connect |
I agree with everything that has been said. Obviously if the free access point is an ad hoc connection you should run away, but most fake access points now use AP mode.
To see where fake APs have evolved to, check out this page: http://hak5.org/episodes/episode-910 |
Originally Posted by Dubai Stu
(Post 19043835)
|
Another thing to look for is an HTTPS connection anytime personal information is requested (meaning your browser might display https://whatever.com instead of http://whatever.com). I haven't heard of fake sites with HTTPS protocol. Yet. Of course, if it's a free wifi hotspot, with nothing financial going on (no credit card info), there may not be a need for HTTPS, so the lack of HTTPS wherever you log in doesn't imply it's fake (unless financial info is being requested), but the presence of HTTPS is a pretty good indicator it's real.
|
You can always go to https://www.google.com as a test.
Note: As Trueblu notes below, I meant https://www.google.com not "wwww." I corrected the url to reflect this. |
Originally Posted by Dubai Stu
(Post 19050555)
You can always go to https://wwww.google.com as a test.
Not beeing snarky: but the other url doesn't exist for me. tb |
Originally Posted by MissyH
(Post 19041071)
I was sitting in a terminal at XYZ airport. Since they had free Wi-Fi access at this airport, I took out my laptop and tried to connect. To my amazement, my Wi-Fi settings showed 6 available connections. They had nearly identical SSID names. I kept a note of what I saw:
XYZ-Free-WiFi ***** XYZ-FreeAirportWifi *** XYZ-Airport Free *** XYZAirportFree ** XYZ-AirportFreeWifi ** AndroidAP(probably someone using phone tethering) (***** showed signal strength) I don't know if I was just being paranoid, but I had a feeling that one or more of them must have been fake access points. I ended up not connecting to any of them. How can I tell which is real and which is fake? Most of those aren't actual scam networks BTW. Windows XP will automatically broadcast an ad-hoc network named the same as the last one it connected to if it isn't connected to an access point. I'll bet most of the ones listed are the computers of people who previously connected to a fake "Free Public Wifi" network and don't realize that their computer is now doing it also. http://www.techdirt.com/blog/wireles...airports.shtml |
Safest bet is to "know before you go". Check the airport's website from home and they usually have posted instructions as to how to connect which include SSIDs. If they don't send them a nasty email about how dangerous it is not to publish such important information
For example: http://www.panynj.gov/airports/jfk-w...tructions.html says it's provided by Boingo. Boingo's site (search hotspot directory for JKF) says SSID "Boingo Hotspot". If you can't verify it before hand don't use it... |
I'm going to guess that anything at XYZ airport was fake. :D
|
Originally Posted by BStrauss3
(Post 19064250)
Safest bet is to "know before you go". Check the airport's website from home and they usually have posted instructions as to how to connect which include SSIDs. If they don't send them a nasty email about how dangerous it is not to publish such important information
For example: http://www.panynj.gov/airports/jfk-w...tructions.html says it's provided by Boingo. Boingo's site (search hotspot directory for JKF) says SSID "Boingo Hotspot". If you can't verify it before hand don't use it... |
Originally Posted by OverThereTooMuch
(Post 19064960)
How does that info help you verify that it's a legit AP? Someone can easily set up an AP with the same name.
|
|
I'd look around for fliers advertising the airport's wifi and be sure I connect to the network specified in the flyer.
Once connected, be sure you do any important browsing through an SSH tunnel or VPN connection (as I am most notably NOT doing right now at my hotel in France...) |
Originally Posted by BStrauss3
(Post 19066224)
It excludes MOST of the names the OP found.
|
| All times are GMT -6. The time now is 2:06 pm. |
This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.