InterceptRadio.com Forums

Is there a way to secure a Nokia 810? Not sure if there is something else to do.
Comments on Wi-Max security?
I'm thinking about one of these for my summer trip:
http://www.nseries.com/index.html#l=products,n810_wme

Ahh so they are using what is called a captive portal, MAC address filtering or DNS redirection. They truly are open. so if you use some common tricks to go around the portal you can just get internet for free.

lets say it was WPA and the key was "tacotime" well a bad guy can get that key log in and just decrypt the traffic as easy as if there was no password.

as for your PPTP tunnel with windows server, you can crack it as it uses older encryption technology that can be broken. However I have not heard of common use of PPTP tunnel cracking in place as anything good is typically in a IPSEC. the thing is that you have one up on the guy next to you and a hacker will just mess with the easy target first. If you notice your tunnel drop for no good reason a bunch might be time to stop the use of the bank account.

_________________
If I had an antenna, I would; but I can only transmit on 160 meters.
_____
DE K7MHI

dont take this as definitive I only researched for about 2 mins...


If I were looking for ways to secure this for a customer I would suggest a SSL-VPN solution. It appears that nokia has some VPN client for the phone but i didnt figure out what for (nokia routers?) but in the corporate market things like the F5FirePass or JuniperSA, or CiscoASA5500 all have the ability to load up a java vpn client and move your gateway thru a tunnel.

This is the way that I have deployed to windowsCE/mobile phone for customers before. However I have never had any experience with nokia smart phones.


you can get a ASA5505 for around $500-800 I personally run one at home and they are AWESOME! you get 2 VPN licenses with the base product. so you can SSL or IPSEC all with the same client that most corporations use.

Iam 99% sure that there is a opensource project using openSSL for a web-SSL vpn product that you could implement for free with *nix but lets face it free stuff dont pay the bills :) for further research I would suggest hitting up the hacker boards as this phone is very popular with the ubuntu and hacker world.

_________________
If I had an antenna, I would; but I can only transmit on 160 meters.
_____
DE K7MHI

Looks like a neat little device...

Wireless security is what you make it. If your not using security then assume you are being watched. If the "hotspot" your using isnt using security, then your not gonna either. This is where a VPN comes in handy. A free hotspot using a wep or wpa key would be a waste of time and would give a false sense of security.

A practice by some is to visit an establishment with a laptop or other equipment and impersonate the establishments wifi. Its a type of "Man in the Middle" attack. This system acts as a proxy and passes all your information through to the establishment or other connection. The perp then harvests any user passwords and associated sites. Being that he is probably right out in the customer area near you your "product" may pick his signal first due to the stronger signal.

In talking about private networks...
We've gone back and forth here a little on WPA security and whether its hackable or not. The truth is that the only way so far its been hacked is by brute force of the passphrase. But its a matter of time. You have to make things hard enough to cause those who would try to move on to the next not so secure wifi.


Jay- this is kinda the original reason for this post... So that someone going out of his area could easily find a hotspot if needed without having to look to hard. Im glad the security was brought up though. But if you need to get to Mapquest, hopefully this helps... :)

Now I gotta get to work... :mrgreen:

_________________
"A well regulated breakfast, being necessary to the healthy start of the day, the right of the people to keep and eat food shall not be infringed."

to keep back on topic there are hundreds of sites that googlemap locations or just print up this list

http://www.wififreespot.com/wa.html

as for the the attack you purposed,

when the hacker comes in with a laptop faking a ESSID of tac0bell when the ESSID is actually tacobell (he replaced a zero for the 'oh') that would be a social engineering hack as he didnt do anything but trick people.

he then could proxy all traffic and collect information as a man in the middle.

the better way to do this man in the middle is just to ARP poison the ESSID tacobell so that people legitimately connect to the network and with out knowing it they pass all the traffic to me. want to do that? check out ettercap for starters but dont run it on anything but a test network you can nicely take down your corporate network it works that well, but your IT department wont enjoy a bunch of switches with messed up ARP tables.

_________________
If I had an antenna, I would; but I can only transmit on 160 meters.
_____
DE K7MHI

Comment;
It's refreshing to see this thread take off like it did.
It's gets kinda dull talking about which freq's the balloons are on this summer.

hehe, yea I do a lot of security work with computers, just got back from a TLA agency giving them some presentations on the same crap.

_________________
If I had an antenna, I would; but I can only transmit on 160 meters.
_____
DE K7MHI