[Owasp-singapore] [security-77] Fake Wireless at SG AP at AMK?

Winston.Leong at sg.ey.com Winston.Leong at sg.ey.com
Sun May 31 22:53:05 EDT 2009


Since the Wireless at SG was brought up, I might as well mention here that I
had encountered at least 2 rogue APs running with the same SSID. One of them
is within City Hall and the other is in CBD area close to some banks.

The interesting part is that one of them does not have the standard login
at all. Free internet so to speak.

The other is more malicious in design. It has the exact same page copied
from the original site, including the login. I only spotted it because it
looks different on my specific device. The rogue AP installer probably did
not expect me to use this device to browse to his AP. In his case, I did
not log in for obvious reasons.

So I urge everyone to be extra careful in using free wifi and assume at
all times free wifi cannot be trusted and you should not submit any
information that may compromise yourself over these networks.

Regards, Winston Leong
                                                                                                      
Winston Leong | Technology and Security Risk Services
Ernst & Young Risk Advisory Services Pte. Ltd
One Raffles Quay, North Tower, Level 18, Singapore 048583
Office: +65 6309 6766 | Fax: +65 6532 7662
Website: www.ey.com
                                                                                                      






                                                                           
From: Wong Onn Chee <ocwong at usa.net>
Sent by: owasp-singapore-bounces at lists.owasp.org
To: security-77 at meetup.com, owasp-singapore at lists.owasp.org
Date: 30/05/2009 06:27 PM
Subject: Re: [Owasp-singapore] [security-77] Fake Wireless at SG AP at AMK?
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           




Hi Ray,

I will strongly recommend against using Wireless at SG, as anyone can
masquerade their rogue AP as Wireless at SG.

3G broadband is a much safer option.

Again, pardon my limited legal knowledge, but it may not be an offence
to masquerade Wireless at SG unless IDA or the providers complain.
Akin to our previous thread on the cyber-squatting of domain names.


Ray Foo wrote:
> Nope, I don't even get the login page.
>
> Ray.
>
> On 5/30/09, Frenky Tjioe <tjioefrenky at gmail.com> wrote:
>
>> Did you test the "fake" Wireless at SG with wrong password?  If it's fake, it
>> won't be able to tell whether your password is wrong.
>>
>> Regards,
>>
>> On Sat, May 30, 2009 at 12:19 PM, Ray Foo <gunblad3 at gmail.com> wrote:
>>
>>
>>> Hi guys,
>>>
>>> Was at AMK (hawker center behind Jubilee, not the S11) where I found
>>> something weird when I was surfing around on Wireless at SG, not sure
>>> whether it's a fake AP, but it definitely isn't normal.
>>>
>>> I didn't seem to have authenticated properly (my initial oversight),
>>> but when surfing later, HTTP sites all were served ok, but all HTTPS
>>> sites (including Gmail) returned a cert error.  Can anyone confirm
>>> this?
>>>
>>> I wasn't able to check the cert details as I was using my iPod Touch
>>> then, and I didn't want to accept the wrong cert to find out what
>>> happens...
>>>
>>> Hope someone's not running a fake AP, it'd be pretty dangerous...Fyi
>>> the range of the AP was detectable for a pretty large area in AMK
>>> central as I was walking around.
>>>
>>> Ray.
