[LINK] The Degree of Peril in an Insecure Wifi Network

[Paul Brooks]

On 16/07/2011 11:16 AM, Roger Clarke wrote:
> ''All of the detrimental effects of being hacked will then follow, 
> except the hacker has been given an easy and exploitable way into the 
> network,'' Dr Gregory said.
>
> [Isn't Gregory confusing rather separate things here?  Is it 
> significantly easier to break into a device via a wifi network than 
> over the Internet connection?  And even if it is, does that approach 
> scale sufficiently to make it worth a miscreant's while using this 
> approach rather than mounting the attack over the Internet?]
Yes. Over the WIFI link the attacker is coming from inside the firewall/NAT device,
whereas over the Internet the attacker is coming from outside the firewall/NAT device.
Most devices - of all operating systems - provide significantly greater numbers of
exploitable open ports and services visible to other devices on 'the local LAN', and
far greater level of trust, to devices with IP addresses in the same subnet. They
don't also have to worry about bypassing the one-way-valve of an intermediate firewall
which helps reduce the visibility of much of the exploitable openings of the devices
inside, especially if they don't communicate with the open Internet.
(Which avenue would be easier to compromise my ethernet-connected HP printer, DVD
player, or IP-connected television - each of which only communicates with other
devices inside my network?)


> [I couldn't quickly locate any sources on the extent to which legal 
> compulsion exists to secure a wife network.  Does anyone know the 
> story?
Not in Australia, but in Germany earlier this year....

http://www.infosecurity-magazine.com/view/9457/german-courts-may-fine-users-for-unsecured-wlans/

P.