Saturday, 23 December 2017

how to be safe on free wifi

  /   No comments   


How to be safe on free wifi networks: 

hack on free wifi


Generally, the free wifi is really attracting one in nowadays. the free wifi was offered in generally some coffee shops restaurants or some public places

The users can easily connect the wifi to the device and browse freely. But they don't know that's behind risk.


Why this is insecure?

Our all network packets(requests, response) are transmitted between your network router and internet
It can someone watch and also take a log your all internet packets, and even he can manipulate them.

it is done by the network packet analyzer tools like Wireshark

if that hacker connected to the same network and  he has a Wireshark tool they can sniff you all your unencrypted network packets

What is the Wireshark?

Wireshark is the free and open source network packet analyzer, it is used for analyzing the network packet, troubleshooting, communication protocol developments and education purpose 

It is the big chapter to learn the Wireshark but in this time we learn how to filter the HTTP request and view the unencrypted packets details only.

get the Wireshark on your pc. it can available many platforms 

If you using Linux,  Open a terminal  type "sudo apt-get install Wireshark"

How to steal information using free wifi?

disclaimer: it is for fully education purpose only. don't do any illegal purpose

First, you need to connect that wifi network to your pc 

Open your Wireshark, if you're using Linux operating system open in as a superuser

choose your interface

click the capture option at the top of the Wireshark

Now the Wireshark captures all network packets transmitting on that network

the main thing of the Wireshark you need to know how to filter that packet what to you need


 The login request is called as the post request 

so in the filter bar type that code

http.request.method =="post"

now it shows the unencrypted login request details.

choose that packet  to right-click that and select the follow option  and select the TCP stream

Then it shows the full information about the packet, check it has a username and password on that


Note: it is only worked in HTTP unencrypted sites only. 

In HTTPS encrypted site all the information are encrypted so you cannot view any information from that

Most of the internet users use the same login information like usernames and passwords in all Important websites, if you have done in sniffing in HTTP website, then try in other SSL protection websites 

How to be secure from that?

I am already said the Wireshark could not capture the HTTPS (Encrypted) packets
they cannot decrypt the traffic without the decryption key

So while using public wifi use only HTTPS sites,
Nowadays most of the website turned to HTTPS protocol, example facebook google and most of the banking website
but some of the websites do not give an https connection at the condition you can use HTTPS everywhere extension on your browser.

that extension encrypt your packets on the internet 


Or use Virtual Private Network (VPN) when you connect the internet, that VPN encrypts all your connection between your system to device so no one can't steal your packets

 And main security point is "Don't use same Login information on all websites" If your anyone login request gets compromised, It will affect your another account 

 Do not to be a Victim

thank for reading my blog I hope this post solve security risks on the free wifi, but it, not an end, most of the serious cyber attacks are did in free wifi, follow my Blog continuously in future I will try to cover more over the security information

don't forget to like my Facebook page 

                                  https://www.facebook.com/smartmovingforward/

0 comments:

Post a Comment