Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

DominikHoffmann

macrumors 6502a
Original poster
Jan 15, 2007
537
530
Indiana
As I was thinking about network security, what came to mind was the threat posed by someone impersonating a public WiFi hotspot with his own hardware and running a man-in-the-middle attack on my system. The way this would work is that my laptop would connect to the impostor hotspot, because it has the same SSID, the impostor simply forwards all traffic to the valid hotspot, but allows the person running the impostor to monitor traffic. If passwords are sent in the clear, he can see them.

Is there an accepted and relatively easy way to guard against these kinds of scenarios?
 
As I was thinking about network security, what came to mind was the threat posed by someone impersonating a public WiFi hotspot with his own hardware and running a man-in-the-middle attack on my system. The way this would work is that my laptop would connect to the impostor hotspot, because it has the same SSID, the impostor simply forwards all traffic to the valid hotspot, but allows the person running the impostor to monitor traffic. If passwords are sent in the clear, he can see them.

Is there an accepted and relatively easy way to guard against these kinds of scenarios?
Any public network should be regarded as insecure from the outset. If passwords are sent in clear text, that's a bigger problem that affects not only the public network, but every network.
Otherwise, when using a public network, a (secure) VPN would address your concerns.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.