Love the 'already exchanged key' portion of this. 

-----Original Message-----
From: plug-discuss-bounces@lists.plug.phoenix.az.us
[mailto:plug-discuss-bounces@lists.plug.phoenix.az.us] On Behalf Of
Erich Newell
Sent: Monday, January 07, 2008 11:31 AM
To: Main PLUG discussion list
Subject: Re: Strange Redirect - Omaha Airport

What Tony describes is correct, the cause of which is of course
suspect. I don't mean to be alarmist or to even say what was going on
was definitively nefarious, but I can say with certainty that airports
are rife with hackers or wanna-be hackers testing their mettle and
tools. Please beware.

For instance, if I were to setup a fake access point and only want IE
users to route through it, I might have any browser that doesn't
detect accordingly do something similar to the above. It is a good way
to limit your dataset to what you need without overly raising
suspicion. Further, I'll bet that at least 50% of the users simply
switch over to the (hopefully) vulnerable version of IE and continue
on their happy way.

Never use wifi that you don't have end to end control over without an
encrypted tunneling solution whose endpoints are outside the suspect
network and whose keys have already been exchanged. (VPN / SSH )

- Erich


-- 
"A man is defined by the questions that he asks; and the way he goes
about finding the answers to those questions is the way he goes
through life."
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss