Risks while Tethering

Discussion in 'other firewalls' started by mikeo1313, Apr 20, 2009.

Thread Status:
Not open for further replies.
  1. mikeo1313

    mikeo1313 Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    108
    Some time ago, on this forum I read how if @ hotel or anywhere using a public wifi connection you should have a firewall that protects you against ARP poisoning. I can be wrong.

    HOW ABOUT, when you connect to the internet via (bluetooth or USB) using your cellular EVDO, HSPAA or 1xo_O??

    1. On comodo and like any other network that it detects I check being able to be discoverable, which I think is a mistake on my part since I use vpn software (hamachi &/or easyvpn) while away from my home network.

    2. Another mistake I think I made is
    On vista, the network I choose it to be "private" when considering the former I think I should change it to "public",,,

    3. Allot of people are proponents of SPI, but when your accessing the internet from a pda's internet connection I imagine the risk goes up, how can you mitiage it?


    Any comments on my hunches or any suggestions?
     
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    On a public network then I certainly agree that protection for ARP should be there. Unfortunately the automatic type of protection I have seen in the firewalls I have tested I have been able to easily bypass and cause re-direct and/or DOS. I also see many problems where this type of protection actually causes the gateway to be blocked, so the firewall actually DOS itself.

    The main problem is the fact that when entering a LAN that ARP broadcast/announcements are made and anyone listening can see you and can set up an attack.

    - Stem
     
  3. mikeo1313

    mikeo1313 Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    108
    What would you suggest as a best method for protection?
     
  4. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I know very little of ARP protocol. Read some stuff on it a few years ago and played with some 'super stealth' plugins for outpost, which blocked ARP packets. But I am wondering, do all firewalls need to handle that protocol? Behind a router, maybe it is not critical. Have you ever played with SoftPerfect firewall? It has ARP protocol to make rules for. IPsec does not have ARP protocol, or you could use it as a straight up filter without the tunneling/key stuff. But there is a list of protocols for IPSec that I don't know what many of them are.

    Neat stuff.

    Sul.
     
Thread Status:
Not open for further replies.