Warning on Unprotected Wireless Access (Case Study: Nova)

While shopping in Nova today, I was warned about the complex’s wireless network. Nova is one of those places with free access, but apparently it’s rife with airborn viruses (sic). What happens is people buy new books with Centrino chipsets, and as soon as they turn on the machines (inside Nova) to check them out, the computer detects the network and the viruses invade and wipe out the system.

The trick, apparently, is to take the machine home first, install NAV, Firewall, Spybot, etc, and use a landline to get all the upgrades. After that, one can start roaming the city in search of hot spots (and there are several free ones).

Still, after talking to that guy, there’s no way I’m going to pop into Nova for a bit of free on-line time. :astonished:

So, where are the free hot spots?

I’m a bit skeptical on this one. Not that I don’t believe it completely, but your description of what happens is almost like the way virues are presented in science fiction flicks like “Independence Day”. For my own technical understanding, I’d like to know how you got this information, more specifically what kind of virues that guy is talking about. As it would seem, dozens, if not hundreds and thousands of people are going home from Nova with a wiped out machine. If possible ask that guy to explain the background on it: (1) who provides the hotspot, (2) motivations for keeping a virus-laiden wireless network, (3) what kind of virus, etc.

Not that I’ve heard anything about Nova’s network before, but I wouldn’t discount the problem so quickly.

For (2), simple incompetence would do the trick.

For (3), any worm program that probes around networks would invade a new machine that showed up on a network to which a machine it had already infected was attached. When I had DSL, I got constant network probes from worms that were trying to break in; fortunately, my firewall was blocking the worms and logging the probes. At one point, it was so bad that I started sending lists of IP addresses to my ISP so that they could tell the other users on their network that their machines were infected.

As for (1), who knows, who cares. Any hotspot could have this problem, not just Nova’s.

[quote=“MaPoSquid”]Not that I’ve heard anything about Nova’s network before, but I wouldn’t discount the problem so quickly.

For (2), simple incompetence would do the trick.

For (3), any worm program that probes around networks would invade a new machine that showed up on a network to which a machine it had already infected was attached. When I had DSL, I got constant network probes from worms that were trying to break in; fortunately, my firewall was blocking the worms and logging the probes. At one point, it was so bad that I started sending lists of IP addresses to my ISP so that they could tell the other users on their network that their machines were infected.

As for (1), who knows, who cares. Any hotspot could have this problem, not just Nova’s.[/quote]

I understand that network-based programs exist to break into computers. Caution is always advised with anti-virus/firewall security. What I want more information is on the motivations of Nova. I’m a little uncomfortable of someone coming in an saying “this” or “that” place is corrupted because of some converstation I had with some guy. I could have made the same post about HiNet’s WLAN hostposts … hit and run accusation, tainting faith in HiNet as an organization. I wan’t a bit more due dilligence on the “Nova” aspect. For all we know, it could be one sigle vendor or kiosk in Nova. It could be a hotspot at an unrelated establishment next door. The guy Naruwa was talking to could be lying, or as in most cases in Taiwan, someone just making stuff up to look smart … In any case, if it were me at Nova, and I heard something like this, I’d ask many more questions about the nature of this situation before implying essentially to be careful because “Nova provides free hotspots that will wipe your system.”

I understand your skepticism, but I can’t see any motivation in this person trying to pull one over on me. We were speaking in Chinese, the guy had a straight face, etc.

The person was a first floor vendor selling me a PCM-CIA wireless network card. Basically he could have scared me away with that info. His colleague agreed with the risk of Nova and other hotspots. The way I see it, they were trying to educate me, encourage me to have the latest NAV and Win updates installed, etc. I can’t see why they’d be making this stuff up (and I’m not just off the boat, by the way. :wink: )

I have no doubt there are loads of worms floating around a place like Nova and the rest of Taipei. Of course, it’s not Nova management doing it. And, who knows, maybe from time to time they clean the area up. But why take the chance?

BTW, the vendor said that once one has the updates and such installed, it’s safe to go on-line in Nova. Again, seems like a pretty straightforward (and rather kind, really) piece of advice.

But whether or not it’s true, it is a truism that the first thing anyone should do with a new system, Centrino chipset or otherwise, is install a firewall and suite of security programs and download all the updates, as well as the Windows updates.

pinesay: “wiped out” is probably not the best way to describe it. But virused, hacked, trojaned, etc are all ways I would describe un-updated computers that have been on that network.

This will happen on any network with a large amount of unmanaged users. In Taiwan, this means cable modem networks, open wireless lans and dorm networks are rife with viruses/trojans etc.

Do NOT every connect to a network without having all your updates and a firewall. You’ll be infected within 5 minutes (cleaning up the computers was basically all I did at my job in Berkeley), before you can even finish downloading Windows Updates.

If you decide to, it’s basically like having unprotected sex with someone you know has some STD, you’re basically asking for it.

I would hope that ADSL lines are relatively secure, otherwise how can perform the initial software updates wihtout being attacked?

Best thing to do is to get an actual firewall (Linksys, NetGear, whatever) between your ADSL modem and your internal computers before attempting to use your new computer on the network. After the spate of worms last year, even Microsfot started recommending a seperate firewall. Monitoring my firewall logs on my Hinet ADSL line, I can see a lot of activity on the network that you really wouldn’t want interacting with your Windows machine.

Or I could go with the flame bait and just say, switch to Linux/Unix/BSD/OS X and you won’t have nearly the headache.

Do you reckon having firewall software (eg, Norton) will do the trick? Sorry, I’m not familiar with Linksys and NetGear. Could you say a bit more about them?

In my view, it really depends on the situation. For getting your system up on the network, I will not say don’t use the software firewalls. The real issue with software firewalls comes with performance degradation to your system. If you are going to be traveling a lot and hooking to foreign networks quite often, the trade off between performance and security is definitely worth it – go with the software firewall. If your computer is going to remain in your apartment most of the time, you might as well invest in a hardware firewall, such as netgear.com/products/routers/firewallvpn.php (not a recommendation, just an example). The hardware firewall will give you protection, without the possible performance degradation of the software firewall. Also, if you have a roommate, or multiple computers, you can use the firewalls to share the single connection to the Internet.

The real point: The thread name is “Warning about Nova”. Nova is a business. Until we can confirm that “Nova” is responsible for putting up irresponsible wireless access, then we shouldn’t warn people about them. It detracts from their image without suffiencient evidence to back it up, and it quasi-violates the forum guidelines I set up a really long time ago about making tech claims against tech companies that can’t really be substantiated. So, no offense Naruwa. I trust that your advice is correct about the setting at Nova. However, your advice is actually general and applies to ANY public 802.11 network, nothing at all specific to Nova. Warning people about “Nova” singles them out and discourages people from doing business with Nova altogether, especially for non-tech people. Not everyone is like yourself that understands the bigger picture. Seems like a small thing, but not if you were the owner of the Nova complex.

Yah, that kind of confused me also. “Warning about Nova’s Wireless Network” might be a better subject. Overall, I think Nova’s a great place to shop for laptops.

ADSL lines aren’t much more secure because of the way viruses spread to random IP address. If you don’t have a hardware ip-sharing device(router), you’re pretty done for. Software firewalls on Windows computers offer minimal protection to unpatched computers, especially because they don’t come on until AFTER your network connection is enabled. Windows XP SP2 will change this.

beatnikmao: Switching an operating system doesn’t solve your headaches, it just transfers the problem to a different part of the head. Most of the average computer users I know who installed Linux ended getting hacked within a few days. Probably the only safe bet right now is Mac OS X, and only before it gains any significant market share.

My question is this: Let’s say you have a simple cable modem and then an NAT server box (bascially a firmware DHCP router) connected to that. It is also wireless. Assuming that an attacker would be unsuccessful in identifying virutual IPs behind real IP address of the NAT server, what could other computers in that network do to each other??? I’ve got an Apple AirPort 802.11b/g wireless hub that plugs into my ADSL modem. I use it with my Windows XP and Mac OS X machines. What if I had a friend come over and connect to my little network? Could his viruses start looking to break into the virtual IPs in my network. I assume the answer would be “yes”, as it would be easy for a robot/virus to determine the IP of the gateway and then from there go from 1 to 255. My question then would be, what network (especially wireless) wouldn’t be exteremely vulnerable with all the different kinds of unknown computers connected at any given time?

You are correct, just switching the operating system will not help against people attacking your system, every system has a flaw somewhere, but it will help defend against the virus, worms, and the like. Because a vast majority of the worms and viruses are written to exploit MS, and with a majority of the machines on the networks at hotspots are MS machines, the chance of coming across a system carrying a virus or worm that will effect your machine are greater.

But as I said, if someone is going to be using hotspots a lot, the only viable option is firewall software. For home use, such as ADSL a hardware firewall should be used no matter what OS is sitting behind it. It takes knowledge to harden any OS, especially if the users want to enable network features beyond web-browsing. No OS is totally secure by default, except maybe for OpenBSD if their hype is true.

No real problem with the name change, though I agree with answerer it should say something like “Problem with Nova’s wireless network,” which is pretty much the original point of the thread and doesn’t disparage Nova. However, I do like the direction it has taken and feel everyone (including myself) can benefit from increased knowledge on Net security, and wireless in particular.

I can’t say I follow the most detailed of the tech talk on networks and such - but hopefully enough for basic protection.

I’m going to look into getting a hardware firewall.

Question: If I install one, and I already have Norton Firewall sitting behind it, plus the upcoming XP SP2, is that all going to ‘get along,’ or will there be piss fights between them?

I agree with the name change, and if we want to head into a discussion of network security, wireless or otherwise, that’s great with me. Just to give you an idea of where I am coming from, my DSL modem feeds into a firewall from which I run a wireless access point. All five computers in my home are running wireless. To secure my network I use WEP (Wireless Encryption Protocol) as well as MAC address filtering. In the mix, I have BSD, Linux, and of course Windows.

Yes, they could and they would. Most current worms/viruses spread by trying the local subnet first. It’s exactly because of this that unknown computers are the bane of network adminstrators around the world.

Just last week, two guys in Taipei were caught jumping onto people’s unsecured wireless networks, stealing credit card #s, usernames, etc and then using those connections to do illegal activity.

Was that in the paper or news? Got a reference for that? Thanks.

I think security wise, one can’t do enough really. But there’s always the price-point to consider.