GoGo (MTM) man in the middle attack possible

Discussion in 'General Discussion | Travel' started by Switch2, Sep 18, 2013.  |  Print Topic

  1. Switch2

    Switch2 Silver Member

    Messages:
    265
    Likes Received:
    407
    Status Points:
    520
    uggboy likes this.
  2. viguera
    Original Member

    viguera Gold Member

    Messages:
    4,737
    Likes Received:
    6,913
    Status Points:
    4,745
    Yeah the old session hijacking trick... this is why people need SSL everywhere. People give up security for convenience (which is why things like FireSheep exist).

    The fact that AP isolation is turned off in a plane full of people with minimal security is scary, at best. :)
     
    Switch2 and uggboy like this.
  3. anileze

    anileze Gold Member

    Messages:
    4,965
    Likes Received:
    12,801
    Status Points:
    10,675
    That is why you need to install VPN on all devices. If you have the stomach, roll your own; or pick one of the many. /Hotspot Shield/Security Kiss/Strong VPN/ or use your company's VPN. It is best not to mix work and play ;)
     
    Switch2 likes this.
  4. Wandering Aramean
    Original Member

    Wandering Aramean Gold Member

    Messages:
    28,220
    Likes Received:
    61,766
    Status Points:
    20,020
    A bit surprising to me on two fronts.
    1) Why do you need to replay the session if you're just going to hijack the MAC address which is used to handle the authentication on the server?
    2) Multiple devices using the same MAC address on a single network rarely works very well.
     
    StevenGerrard likes this.

Share This Page