This attack is not a new attack for who works in the internet security, but it’s diffusing day after day.
It’s name is “evil twin attack” and it’s target is our wireless lan and our private informations.
How this evil twin attack works?
Well, is very simple but at the same time very dangerous for our privacy.One of the most important security’s expert – Phil Cracknell, president of UK’s Information
Systems Security Association, claims that “evil twin” attacks are more easy and quick to perpetrate than a traditional phishing schemes.
This means that an attacker could discover a lot of information about not only one victim but a lot of victmis in very few time.Two steps are required by an attacker in order to execute this evil twin attack. They are:1) Setting your wi-fi lan open ( = no password).2) Start a packet sniffing (sniffer) software like Pcap, ettercap, ethereal, Ngrep etc…Setting wifi open allows people to connect to your lan free but… you could examine through a packet sniffer tool their traffics and at the same time you could discover a lot of private information about all the people that are connected with your wi-fi lan.With Ruby and it’s libraries for libpcap, everybody could create a software that logs specific kind of infos in a very easy way.The question is: How to protect our privacy from this attack?
Big enterprises could uses VPN (virtual private network) but the rest of us have to take care about free hotspots.