WiFi Hotspot, WiFi Sharing, WiFi Public / Private
I've been seeing a trend that is really cool but also really bad.
Sharing your WiFi connections with friends that come over is really cool.
Asking them to connect without a passphrase is not.
Most people don't think about the "Man in the Middle" hack.
That's that person that knows how to read your usernames and passwords from free WiFi Hotspots.
They don't have to be near you to do it because it's not your computer they connect with. It's the Hotspot just like you but they are running different software that allows them to record what sites you visit and what logins you use.
Rule of thumb, never connect to any unsecured Wireless Network.
You can see if it's secure or not really easy.
If it doesn't require any type of secret passphrase it's not secure.
WiFi Hotspots should at least use the following rule.
The SSID or the name you see in your wireless connection box should be the same name used as the passphrase.
Example: FreeWiFi as your SSID would have a passphrase of FreeWiFi.
For my network I like using PirateRadio which matches the pirate flag I have on my custom made PVC 20 foot WiFi mast. ($14.95 in materials and it held up to 50mph winds!)
Now set your SSID and Passphase the same.
If you have one of those 4G or 3G wireless cards you're not going to be able to do that in some cases.
I would like to see more people use the PirateRadio SSID so I we can give some of our friends WiFi when they need it.
Now, how to protect your internal network from these Free WiFi users might be a bit tricky so let me offer you some tips.
First of all, you need to allow yourself a special path when using your wireless. I have a MAC filter that allows me to be assigned a specific IP address each time I connect. That IP is then routed to my networks internal router and it gives me access to my NAS and other computers.
My Friends only need the internet so all other traffic is routed out to my external connection or internet connection.
Next I lock a few things down by allowing only ports 80, 443 for my visitors. Why would I allow P2P games or Torrents ? That's a bad thing and your ISP will tell you.
You can adjust your open and closed ports to match your needs.
Now when you see a SSID that looks a bit different try using it as the connection Passphrase.
One of the funniest SSID's I have seen was "DontHackMe" which happened to be the passphrase as well.