Reply
Thread Tools
Posts: 271 | Thanked: 10 times | Joined on Mar 2007 @ Finland
#11
Ok. So its not good idea enter passwords to open wlan connection..

Then I cant use Skype either.. When it comes..

But.. If I only read newspapers etc.. Is it safe so no one could login to my N800, download information pics, docs etc, or damage it somehow..

It would have been cool use Skype on the road when we get it to N800.

Did anyone try Shields up?
 
Posts: 428 | Thanked: 54 times | Joined on Mar 2006 @ Washington DC
#12
I wouldn't be logging into bank sites, or anything that required private information on an open hotspot unless it was on a SSL/https site.

I usually assume that if I'm on an open WiFi, there could someone potentially sniffing/listening in.
 
einstein's Avatar
Posts: 18 | Thanked: 1 time | Joined on Mar 2007 @ A moon of planet Nokia
#13
hehe, no just a friendly honeypot. I want to know what going on, nothing more.

Last edited by einstein; 2007-03-22 at 15:30.
 
Posts: 209 | Thanked: 8 times | Joined on Nov 2005 @ Fishers, Indiana
#14
I would assume as a matter of course that any hotspot you connect to is going to be monitored and that there are potentially unfriendly people trying to sniff that information. Whenever I'm out and about I surf sites for fun and news and never do anything I wouldn't want exposed. I'm not worried about my n800 being hacked since there really aren't any ports open except SSH.

Larry
 
Posts: 27 | Thanked: 0 times | Joined on Feb 2007
#15
Hello
From my research Make sure you use HTTPS:// websites and the "lock" icon is visible on the bottom right of every webpage!!

Stephen

http://askbobrankin.com/is_public_wifi_access_safe.html
SAYS:
First, be aware that (almost) ANYTHING that you type or any info that appears on your screen while you're using a wireless connection can be seen by others nearby.

If you are accessing a page that requires a login and password, or if you are entering ANY personal data (credit card, SSN, etc) make sure that you are on a secure site. That's easy enough -- just check that the web address begins with https instead of the usual http -- and your information will be safely encrypted before transmission. As long as you're on a page with an address that begins with https, the data you send and receive is protected from sniffers and snoopers.

But be on your guard, some web-based email providers have a secure login page, but after you're logged in the access reverts to normal non-encrypted mode. So any email you send or receive while on a wireless connection is out in the clear. Google's GMail and Yahoo Mail are examples of webmail services that work this way. Until recently Hotmail didn't even offer a secure login option. So look for the link or checkbox for the secure login when accessing your web-based email. If your service doesn't offer one, consider switching or decide to live with the security exposure.
 
Posts: 3,841 | Thanked: 1,079 times | Joined on Nov 2006
#16
First, if you install the dropbear- server or openssh server then you'll need to change your root password right away, or anyone else on that hotspot network can log in (after all that's how I do serious work on my n800 - I log in from another computer on the wi-fi). Any password should be changed from the default one of course.

Other than that: The default gmail bookmark on the N800 is not recommended if you're on a wi-fi network, because it uses the URL that'll only give you encryption during the login phase. (Last I checked, anyway.) Instead, set up your own gmail bookmark, with https://mail.google.com/ -- this will encrypt the whole session, which is preferable IMO.

Other than that (taking measures if you install servers, and encrypting any serious communication) you shouldn't have any particular worries about hotspots. It's not like someone can virus-infect you just by you being on the network, as such.
__________________
N800/OS2007|N900/Maemo5
-- Metalayer-crawler delenda est.
-- Current state: Fed up with everything MeeGo.

Last edited by TA-t3; 2007-03-23 at 11:42.
 
brendan's Avatar
Posts: 531 | Thanked: 79 times | Joined on Oct 2006 @ This side of insane, that side of genius
#17
while changing the root password is a good practice in theory, i would guess that fewer that 7% of the user base would change it to a "strong" password, which is nearly as bad as not changing it at all.

anyone with an ssh server that is accessible by way of the internet should look at a few of the logs...

lastb -a |more
lastb -a -f /var/log/wtmp.1 |more
lastb -a -f /var/log/wtmp.2 |more
...


i have scrolled through this and found over 347 consecutive attempts from only one IP address attempting to log in as root or other assorted id's, some well known backdoor accounts, too. this was only one persons bot'ed machine. literally hunderds of machines have tried to do this to me.

i found a project on sourceforge.net that gleaned IPs out of /var/log/secure (and /var/log/messages, i think) for bad auth attempts. when 3 are found from an IP not in the exempt list, it appends a rule to my firewall that drops any further attempts at login. an `iptables -nL` on my machine shows 163 IP addresses banned thus far, and i blew it away and rebuilt it less than 3 months ago. look for daemonshield on sf.net

with bot'ed machines, and a weak password, your n800 is more likely to be comprimised when on an open wifi network. using key-based two factor authentication methods will significantly reduce the exposure to unwanted access.

as a good rule of thumb, you should never use a root password unless you are on console. you should ssh as a user and `sudo` or `su -` into the root account.
__________________
Nokia n800
OS 2008
Pharos iGPS 360-BT
ElmScan 5 BlueTooth
BlackBerry Bold (9000)
AT&T Wireless
 
Reply

Thread Tools

 
Forum Jump


All times are GMT. The time now is 09:19.