Re: What are "computer-to-computer (ad-hoc) networks"? -- PCTECH

I would be suspect of the motivation of someone offering their PC (not
their WAP) as a gateway to the Internet.  Besides giving away bandwidth,
which would be the case on an unsecured WAP, they are chewing through at
least some or their PC's resources.

Consider that consumer grade WAPs/routers don't do data packet captures
but a PC can.  If the FIA PC is capturing the data you send through it
to the 'net (receive packet, copy it to local storage, forward it to the
'net gateway), then it could potentially glean info about you, your 'net
habits, maybe a password or two that don't get sent encrypted, etc.
 
Also, as I noted, if you connect to the FIA PC as a peer, the FIA PC can
try to exploit Windows (or other OS) vulnerabilities on your PC for the
purposes of installing viruses/spyware/rootkits/other malware.  When you
go through a router you're decently protected from that sort of thing by
the router's internal firewall.  In an ad hoc network, the ad hoc peers
are not blocked by a firewall (unless you've a software firewall in
place).  And if you think you don't have any valuable data on your PC,
think again.  Think of what's in the cookies and browser cache and other
browser settings (saved login info) and not just My Documents.

The risk does not justify the reward.

John A. Jones, CISSP
Americas Information Security Officer
Jones Lang LaSalle, Inc.
V: +1-630-455-2787 F: +1-312-601-1782
john.jones@xxxxxxxxxx

-----Original Message-----
From: pctech-bounces@xxxxxxxxxxxx [mailto:pctech-bounces@xxxxxxxxxxxx]
On Behalf Of Dan
Sent: Thursday, June 15, 2006 12:59 PM
To: PC Technical Discussion for iSeries Users
Subject: Re: [PCTECH] What are "computer-to-computer (ad-hoc) networks"?

Thanks guys!

On 6/15/06, Jones, John (US) <John.Jones@xxxxxxxxxx> wrote:


The "Free Internet Access" peer sounds rather suspicious to me.  I 
would avoid it as it would be possible that the peer device would be 
doing more than passing along your data - it could be logging your 
sessions and could also use the new path to your PC as an attack 
vector as there would be no firewall in place (unless you're using a 
software firewall on your PC).



My ears "tinged" on that, too.  But does using an unsecured ad-hoc
connection make me any more vulnerable than using an unsecured wireless
network?


On 6/15/06, David Gibbs <david@xxxxxxxxxxxx> wrote:Dan wrote:

What should I make of one that's called "Free Internet Access"?

Is this showing up in the available wireless network list?



Yes.

- Dan
--
This is the PC Technical Discussion for iSeries Users (PcTech) mailing
list To post a message email: PcTech@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/pctech
or email: PcTech-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives at
http://archive.midrange.com/pctech.


This email is for the use of the intended recipient(s) only.  If you have 
received this email in error, please notify the sender immediately and then 
delete it.  If you are not the intended recipient, you must not keep, use, 
disclose, copy or distribute this email without the author's prior permission.  
We have taken precautions to minimize the risk of transmitting software 
viruses, but we advise you to carry out your own virus checks on any attachment 
to this message.  We cannot accept liability for any loss or damage caused by 
software viruses.  The information contained in this communication may be 
confidential and may be subject to the attorney-client privilege. If you are 
the intended recipient and you do not wish to receive similar electronic 
messages from us in the future then please respond to the sender to this effect.