How easy/hard hard is it for someone to hack into a laptop on a public network?

T

TommyT

Weaksauce
Joined
Jan 24, 2002
Messages
92
How easy/hard hard is it for someone to hack into a laptop on a public network? I'm running Win7 and my Windows Firewall is on but I'm not running Zone Alarm. I have all my public access points set as such. I'm also running MSE but don't know if that has intrusion detection.

Today I was sitting in my favorite Starbucks where I go to do work once or twice a week and brows the net when after a few minutes the bandwidth got real slow. Normally, I don't have any bandwidth issues at that Starbucks nor with the sites visited. There where also about the same amount of customers with laptops in the store as usual.

Sitting across from me and about 20 feet away where two "nerdy looking ;)" (for lack of a better term) teen boys. They where facing away from me but I could see most of their laptop screen. There where constantly looking over their shoulder like they where paranoid and up to no good. I could see them switching between a youtube screen, a windows explorer type screen and a simple black screen like a (command prompt screen) that just had lines of something written on them. I could see them occasionally typing on the black screen and into another small black window. It seemed like when they thought no one was watching they would stay on either the black screens or the explorer screen but as soon as someone approached them they would switch back to the youtube screen.

Am I being paranoid? If they did get into my system and where downloading something to slow down the bandwidth, what would they want from me? The games I have they probably already have anyway, music, movies? Seems to me there are easier ways to get those files.

Should I get Zone Alarm or similar. I found ZA to be more of a PIA years ago and stopped using it.
 
I wouldn't worry about it too much. As long as you're up to date on patches and the Firewall is on and your network is set to Public, I wouldn't worry.
 
If i remember well, using ubuntu without any special setting ( all default ) could allow you to see files from an ms machine that is running without user authentication( both machines on the same lan ). I don't know if that's the case when both clients are fed by the same AP ( my netwoking is a little rusty )
 
Last edited:
I'm with /usr/home on this one. Unless you had opened your system up there is little that they could do unless they've uncovered one heck of a zero-day exploit. I would bet they were looking for open systems to mess with and it sounds like you were less a target that most.
 
I would worry more about what you were doing on unencrypted wireless....

People could easily MITM and attack your browser, sniff data, run sslstrip.

Using open wireless with out some sort of VPN is sketchy
 
New at this and possibly mistaken but article I recall sugguested that anyone with access to "wifi" computer could access any computer using that system.
If the "boys" hacked access to the Starbucks Computer they could acess anyone using that connection to web. Was article on Yahoo, I believe.
Also possible they were using your computer as there web acess.
My only experience is with acess to home networks without passwords.
 
Many of those "hacking" articles on Yahoo and the like are breathless sensationalism. Yes, if you using an unsecured public access point and visiting unencrypted sites then anyone and their mom can see what you are doing. Does that mean they own your box? No.
 
It's good that you're not using ZoneAlarm.....I've seen that junky software ruin more systems than I care to remember. Windows firewall is fine. Your security depends on your settings. Is your firewall enabled? Is it set for a public spot? Windows 7 default settings for Admin account is fine, but in prior versions of Windows as long as you don't leave your Admin account with a blank password. Maintain your Microsoft updates. Sit back and enjoy. Some kids goofing off with their computer at the local java house...no surprise, probably torrenting away, they'll do what they can to use and abuse any bandwidth.
 
but op stated that he had seen them on a black screen.which like he stated was a command prompt. maybe they were doing something like trying to shut down your machine remotely.
 
Given the fact that the network was running slow, I'm guessing they were trying to do a DNS attack on something. I think we're giving them too much credit.
 
Most likely they were using the public wifi to download or attack something remotely. Hell, I bet the command prompt was just IRC. It doesn't sound like an internal attack.

They were just using public wifi to do something they couldn't do at home.
 
This is not any different then being connected directly to the internet. Though with the firewall on and no major open ports I would not worry too much. Obviously, don't do unencrypted credit card transactions and stuff of the sort.
 
When a couple of nerds
Who were up to no good
Startin making trouble in my neighborhood ... starbucks

the moral of the story when using public wifi is always; user beware.

Hell, I bet the command prompt was just IRC
Click to expand...
do kids these days even know what IRC is?
 
Thanks guys for your replies. I feel relieved knowing that my laptop is secure from script kiddies :D

Merry Christmas...
 
Watch out for hackers on steroids...they are still a problem!
 
I can't say about hacking, but I can tell you that for whatever reason, my traveling users have a much, much higher chance of contracting Malware if they connect to a Hotel's wireless system.

I guess the IT Department (aka Housekeeping) doesn't know how to secure their networks properly.
 
TechLarry said:
I guess the IT Department (aka Housekeeping) doesn't know how to secure their networks properly.
Click to expand...

Understatement of the century. My firm recently got called in by a local hilton because their lobby printer was printing slowly. Because the printer was owned by the hotel and on the "customer" network the corporate IT wouldn't help, so we had to come in and do the work. What a friggen mess that place was. They have a corporaite network, a office network (basically because the hotel isn't owned by hilton it is a standalone franchise they have their own back office network) and a customer network (for the great unwashed masses). The corp network was locked down pretty well, and the office network was also pretty decent, however the customer network was just a huge free for all. No monitoring, no port security, nothing stopping me from getting on there one night and just wreaking havoc on anyone I could find.

Needless to say it has reminded me why the extra $10 a month I pay to tether is well worth it to keep off public networks.
 
You must log in or register to reply here.
Back
Top