[Owasp-singapore] [security-77] Fake Wireless@SG AP at AMK?

Ray gunblad3 at gmail.com
Sun May 31 23:01:29 EDT 2009


Maybe the scanning for rogue Wireless@SG APs can be part of the "TV show"
that we were talking about, would fit in well with the educating of the
public users.

Ray.

On Mon, Jun 1, 2009 at 10:53 AM, <Winston.Leong at sg.ey.com> wrote:

> Since the Wireless@SG was brought up, I might as well mention here that I
> had encountered at least 2 Rogue APs running with the same SSID. One of them
> is within City Hall and the other is in CBD area close to some banks.
>
> The interesting part is that one of them does not have the standard login
> at all. Free internet so to speak.
>
> The other is more malicious in design. It has the exact same page copied
> from the original site, including the login. I only spotted it because it
> looks different on my specific device. The Rogue AP installer probably did
> not expect me to use this device to browse to his AP. In his case, I did
> not log in for obvious reasons.
>
> So I urge everyone to be extra careful in using free wifi and assume at
> all times free wifi cannot be trusted and you should not submit any
> information that may compromise yourself over these networks.
>
> Regards, Winston Leong
>
> Winston Leong | Technology and Security Risk Services
> Ernst & Young Risk Advisory Services Pte. Ltd
> One Raffles Quay, North Tower, Level 18, Singapore 048583
> Office: +65 6309 6766 | Fax: +65 6532 7662
> Website: www.ey.com
>
>
> Wong Onn Chee <ocwong at usa.net>
> Sent by: owasp-singapore-bounces at lists.owasp.org
> 30/05/2009 06:27 PM
> To: security-77 at meetup.com, owasp-singapore at lists.owasp.org
> Subject: Re: [Owasp-singapore] [security-77] Fake Wireless@SG AP at AMK?
>
> Hi Ray,
>
> I will strongly recommend against using Wireless@SG, as anyone can
> masquerade their rogue AP as Wireless@SG.
>
> 3G broadband is a much safer option.
>
> Again, pardon my limited legal knowledge, but it may not be an offence
> to masquerade Wireless@SG unless IDA or the providers complain.
> Akin to our previous thread on the cyber-squatting of domain names.
>
>
> Ray Foo wrote:
> > Nope, I don't even get the login page.
> >
> > Ray.
> >
> > On 5/30/09, Frenky Tjioe <tjioefrenky at gmail.com> wrote:
> >
> >> Did you test the "fake" Wireless@SG with wrong password?  If it's fake, it
> >> won't be able to tell whether your password is wrong.
> >>
> >> Regards,
> >>
> >> On Sat, May 30, 2009 at 12:19 PM, Ray Foo <gunblad3 at gmail.com> wrote:
> >>
> >>
> >>> Hi guys,
> >>>
> >>> Was at AMK (hawker center behind Jubilee, not the S11) where I found
> >>> something weird when I was surfing around on Wireless@SG, not sure
> >>> whether it's a fake AP, but it definitely isn't normal.
> >>>
> >>> I didn't seem to have authenticated properly (my initial oversight),
> >>> but when surfing later, HTTP sites all were served ok, but all HTTPS
> >>> sites (including Gmail) returned a cert error.  Can anyone confirm
> >>> this?
> >>>
> >>> I wasn't able to check the cert details as I was using my iPod Touch
> >>> then, and I didn't want to accept the wrong cert to find out what
> >>> happens...
> >>>
> >>> Hope someone's not running a fake AP, it'd be pretty dangerous...Fyi
> >>> the range of the AP was detectable for a pretty large area in AMK
> >>> central as I was walking around.
> >>>
> >>> Ray.
> >>>
> _______________________________________________
> Owasp-singapore mailing list
> Owasp-singapore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-singapore
>