.

Securing MIFIs

<<

hgrantham

Newbie
Newbie

Posts: 2

Joined: Sat Feb 06, 2010 7:01 pm

Post Sun Feb 07, 2010 9:48 am

Securing MIFIs

What is the best way to secure the MIFI wireless?
<<

dalepearson

Sr. Member
Sr. Member

Posts: 357

Joined: Thu Nov 09, 2006 10:03 am

Post Mon Feb 08, 2010 4:19 am

Re: Securing MIFIs

Be interested to hear from anyone on this, and what MIFI device they are using.

I have been considering getting a MIFI device of some sort in the future when I change phones.

Look forward to the info.
<<

unsupported

User avatar

Sr. Member
Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Mon Feb 08, 2010 6:57 am

Re: Securing MIFIs

Make sure you are not using Verizon Wireless' MIFI device, http://www.engadget.com/2010/01/18/nova ... ac/.&nbsp; They are releasing a patch, but it is still scary.

In regards to actual security, I would be just as scared to connect to the MIFI point, as any wireless network.  I believe some of the same measures would be able to provide security.

For example, using openVPN (encryption) to connect back to a VPN server for surfing.  Disabling the SSID (trivial security through obfuscation), using a strong authentication algorithm to MIFI point, carry your very own faraday cage.
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
<<

Otter

Newbie
Newbie

Posts: 41

Joined: Tue Jul 03, 2007 1:03 pm

Post Mon Feb 08, 2010 10:44 am

Re: Securing MIFIs

I've now seen 2 hacks for the mifi. 

First is one against the pre-set  WPA-TKIP PSK's that are based on the mac address of the access point, and have limited entropy.    That one is something you can completely mitigate by doing the usual smart thing of changing your SSID to something unique (for which no one is likely to have precomputed PSK hashes lying around cn their hard drive), and setting a strong, long, random pre-shared key.  For bonus points, strengthening your config with WPA2-AES vs the default WPA-TKIP gives and extra cushion.

As for the admin interaface hack linked earlier, that one is going to require a firmware update, best I can tell once they come out.  NoScript would be well advised of course, but even it won't be complete protection. 

I need to get more familiar with the admin interface hack before saying much more though.

Return to Wireless

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software