Ask Roger: Wireless Hotspots

Dear Roger, Our users are taking the provided laptop on the road with them, and they would like to connect to wirelessly to the hotel network. I’ve heard somewhere recently that wireless access via hotspots introduce new/different vulnerabilities. I dont want these people or their computers ๐Ÿ™‚ catching some virus on the road and brining it back to infect the corporation. Should I just disable the wireless cards and be done with it?
There are several problems that you should be aware of when using a wireless hotspot.
1. The Evil Twin. How do you know that the wireless access point you are using actually belongs to the hotel network? It it a fake access point in the next room belonging to someone who wants to look at your data?
Solution: A lot of this is knowing what too look for and being suspicious. Dont provide any information unless you are convinced that it is a legitimate connection. For example if you are required to register, make sure its a valid SSL certificate that is signed by a root CA. If you dont have to authenticate or provide a credit card number, then use the connection but treat it as untrusted.
If its work related, you may have a national carrier such as T-Mobile or AT&T. Perhaps that client is used to set up these connections in a trusted manner.
2. Lets say you avoid the evil twin. Do you trust your network provider and those working for him. You dont know if they are flaunting the law and collecting passwords.
Solution: Not much you can do about this other than treat the network as untrusted. Only authenticate through encrypted channels (SSL or VPN). Remember that if you open your mail client, it may have a password saved in there that it will send in clear text. You dont want the attacker to get your username and password.
3. The hotel network may not be set up properly. An article last fall revealed that test showed a significant percentage of hotel networks are not switched. This means that anyone on the network could see anyone else’s traffic. Anyone in the hotel could look at the traffic you were sending. So you need to worry about protecting against everyone not just the network owner.
Solution: Same advice as number 2. You may just want to do everything over the VPN if possible.
4. The hotel isn’t using a WEP key. To use it you configured your laptop to connect to a SSID, lets say its THEHOTEL. Now your computer is always looking for a network named THEHOTEL as long as your wireless card is enabled. All an attacker would need to do is name their access point THEHOTEL, and they are connected to your computer over a wireless network, and you probably wouldn’t even notice.
Solution: Configure your Wireless card to only configure to encrypted networks when you are done using this network. This is a manual process. If you are really lucky your wireless drivers can be configured to only connect with access points with specific hardware addresses. Of course that could be spoofed as well.
As always good computer security practices can help to mitigate your exposure. Personal firewalls, common sense, Antivirus.