[Owasp-singapore] [security-77] Fake Wireless@SG AP at AMK?

Donald Ong donald.ong at gmail.com
Mon Jun 1 02:33:30 EDT 2009


Hi Ray,

I see. How is it going so far?


Regards,
Donald

Ray <gunblad3 at gmail.com> wrote:

>The one that Frenky was organizing a while back, that we go around
>wardriving for open WiFi networks and demo to TV crew for public education
>purposes.
>
>Ray.
>
>On Mon, Jun 1, 2009 at 12:52 PM, Donald Ong <donald.ong at gmail.com> wrote:
>
>> Hi Ray,
>>
>> What is the "TV show" you are talking about?
>>
>>
>> Regards,
>> Donald
>>
>> Ray <gunblad3 at gmail.com> wrote:
>>
>> >Maybe the scanning for rogue Wireless@SG APs can be part of the "TV show"
>> >that we were talking about, would fit in well with the educating of the
>> >public users.
>> >
>> >Ray.
>> >
>> >On Mon, Jun 1, 2009 at 10:53 AM, <Winston.Leong at sg.ey.com> wrote:
>> >
>> >> Since the Wireless@SG was brought up, I might as well mention here that I
>> >> had encountered at least 2 Rogue APs running with the same SSID. One of them
>> >> is within City Hall and the other is in CBD area close to some banks.
>> >>
>> >> The interesting part is that one of them does not have the standard login
>> >> at all. Free internet so to speak.
>> >>
>> >> The other is more malicious in design. It has the exact same page copied
>> >> from the original site, including the login. I only spotted it because it
>> >> looks different on my specific device. The Rogue AP installer probably did
>> >> not expect me to use this device to browse to his AP. In his case, I did
>> >> not log in for obvious reasons.
>> >>
>> >> So I urge everyone to be extra careful in using free wifi and assume at
>> >> all times free wifi cannot be trusted and you should not submit any
>> >> information that may compromise yourself over these networks.
>> >>
>> >> Regards, Winston Leong
>> >>
>> >> Winston Leong | Technology and Security Risk Services
>> >> Ernst & Young Risk Advisory Services Pte. Ltd
>> >>
>> >> From: Wong Onn Chee <ocwong at usa.net>
>> >> Sent by: owasp-singapore-bounces at lists.owasp.org
>> >> To: security-77 at meetup.com, owasp-singapore at lists.owasp.org
>> >> Date: 30/05/2009 06:27 PM
>> >> Subject: Re: [Owasp-singapore] [security-77] Fake Wireless@SG AP at AMK?
>> >>
>> >> Hi Ray,
>> >>
>> >> I will strongly recommend against using Wireless@SG, as anyone can
>> >> masquerade their rogue AP as Wireless@SG.
>> >>
>> >> 3G broadband is a much safer option.
>> >>
>> >> Again, pardon my limited legal knowledge, but it may not be an offence
>> >> to masquerade Wireless@SG unless IDA or the providers complain.
>> >> Akin to our previous thread on the cyber-squatting of domain names.
>> >>
>> >>
>> >> Ray Foo wrote:
>> >> > Nope, I don't even get the login page.
>> >> >
>> >> > Ray.
>> >> >
>> >> > On 5/30/09, Frenky Tjioe <tjioefrenky at gmail.com> wrote:
>> >> >
>> >> >> Did you test the "fake" Wireless@SG with wrong password?  If it's fake, it
>> >> >> won't be able to tell whether your password is wrong.
>> >> >>
>> >> >> Regards,
>> >> >>
>> >> >> On Sat, May 30, 2009 at 12:19 PM, Ray Foo <gunblad3 at gmail.com> wrote:
>> >> >>
>> >> >>
>> >> >>> Hi guys,
>> >> >>>
>> >> >>> Was at AMK (hawker center behind Jubilee, not the S11) where I found
>> >> >>> something weird when I was surfing around on Wireless@SG, not sure
>> >> >>> whether it's a fake AP, but it definitely isn't normal.
>> >> >>>
>> >> >>> I didn't seem to have authenticated properly (my initial oversight),
>> >> >>> but when surfing later, HTTP sites all were served ok, but all HTTPS
>> >> >>> sites (including Gmail) returned a cert error.  Can anyone confirm
>> >> >>> this?
>> >> >>>
>> >> >>> I wasn't able to check the cert details as I was using my iPod Touch
>> >> >>> then, and I didn't want to accept the wrong cert to find out what
>> >> >>> happens...
>> >> >>>
>> >> >>> Hope someone's not running a fake AP, it'd be pretty dangerous...Fyi
>> >> >>> the range of the AP was detectable for a pretty large area in AMK
>> >> >>> central as I was walking around.
>> >> >>>
>> >> >>> Ray.
>> >> >>>
>> >> >>>
>> >> >>>
>> >> >>> --
>> >> >>> Please Note: If you hit "REPLY", your message will be sent to everyone on
>> >> >>> this mailing list (security-77 at meetup.com)
>> >> >>> http://security.meetup.com/77/
>> >> >>> This message was sent by Ray Foo (gunblad3 at gmail.com) from The Singapore
>> >> >>> Security Meetup Group.
>> >> >>> To learn more about Ray Foo, visit his/her member profile:
>> >> >>> http://security.meetup.com/77/members/5643827/
>> >> >>> To unsubscribe or to update your mailing list settings, click here:
>> >> >>> http://www.meetup.com/account/comm/
>> >> >>> Meetup Support: support at meetup.com
>> >> >>> 632 Broadway, New York, NY 10012 USA
>> >>
>> >> _______________________________________________
>> >> Owasp-singapore mailing list
>> >> Owasp-singapore at lists.owasp.org
>> >> https://lists.owasp.org/mailman/listinfo/owasp-singapore
>>

