How risky is an Insecure Wifi Network?

  Рет қаралды 14,143

Eric Parker

Eric Parker

Күн бұрын

Пікірлер: 102
@vladsafronov7642
@vladsafronov7642 6 ай бұрын
no wifi should feel insecure... network bullying is NOT okay
@PuceGaming445
@PuceGaming445 6 ай бұрын
negawatt
@kevinwong_2016
@kevinwong_2016 6 ай бұрын
Fr💀
@twinkl3s
@twinkl3s 6 ай бұрын
​@@PuceGaming445huhhhh
@LuigiCotocea
@LuigiCotocea 6 ай бұрын
Bro mas mixed his thoughts 💀
@Cartiisthegoat29
@Cartiisthegoat29 6 ай бұрын
I once connected to McDonald's free Wi-Fi and before I knew it, Anonymous hacked my entire family tree :(
@savagecorn1739
@savagecorn1739 6 ай бұрын
L
@hiddenguy67
@hiddenguy67 6 ай бұрын
darn it!
@varteo
@varteo 6 ай бұрын
one of the best IT youtubers rn
@budgetarms
@budgetarms 6 ай бұрын
He will be big, not extremely fast, but also not slowly
@pepeshopping
@pepeshopping 6 ай бұрын
Says more about you than him...
@Coral_pepe
@Coral_pepe 6 ай бұрын
Agreed
@KoDi82
@KoDi82 6 ай бұрын
Ever since he took out the background music for sure
@CongruentYT
@CongruentYT 6 ай бұрын
6:19 Leak
@Win_7
@Win_7 6 ай бұрын
it may be intentional by him
@Alex-ll3df
@Alex-ll3df 6 ай бұрын
​@@Win_7 Whats the point of that 💀
@EricParker
@EricParker 6 ай бұрын
Thanks for pointing out.
@phecdaDia
@phecdaDia 6 ай бұрын
@@EricParker It's still visible, before it's censored out
@KiwifruitDev
@KiwifruitDev 6 ай бұрын
I went to it just now and realized that my ip address might make its way into the video, oops
@noderunner_
@noderunner_ 6 ай бұрын
I think a misconception is that you have to be on an "insecure" network to have a security problem. Being on any network with other users is a risk. Maybe you trust that both your device and the network itself is secure, which is not always the case, but what about anyone else on the network? They're probably not a malicious actor, it's more likely they're computer illiterate, which means they've probably clicked the wrong thing and their box is already pwned by malicious actor(s) who can then use their machine to attack you.
@JessicaFEREM
@JessicaFEREM 6 ай бұрын
this is one of the 2 cases where using a commercial VPN is a good idea. something like mullvad or proton should work and be more trustworthy than the rebranding of 1000 VPNs that usually happens since they don't do that. (and make sure to turn on disable traffic if not connected to VPN before you connect to the wifi network) the other case being piracy.
@volodumurkalunyak4651
@volodumurkalunyak4651 6 ай бұрын
There is VERY SIMPLE RULE: 1. Don't go to non-encrypted sites over public WI-FI. 2. That is all. No VPN necsessary unless you have to go to non-encrypted sites.
@goresunstrider6272
@goresunstrider6272 6 ай бұрын
don't use WiFi outside of the company one at all. Easy
@biorix9704
@biorix9704 5 ай бұрын
@@goresunstrider6272 or the home one, obviously
@orondf343
@orondf343 6 ай бұрын
Wouldn't DNS over HTTPS also solve the issues that you demonstrated were solved by the VPN?
@Dynamit008
@Dynamit008 6 ай бұрын
I was not suprised at all, but good that you learned. by the way WPS Pin that you did talk about sucks when it comes to security. it almost as horrible as having UPNP on the router enabled
@awesomeguysuncle
@awesomeguysuncle 6 ай бұрын
YOUR UPLOADS ARE SO FAST AFTER YOU POST SNEEK PEEKS THANKS MAN
@jcxtra
@jcxtra 6 ай бұрын
Hmm. If a captive portal uses a self-signed certificate it's definitely not secure, since someone could easily just spoof the page, but I expect it's a little more difficult if a system uses a properly trusted certificate... but if there's someone malicious they could just SSL strip the page and MITM it anyway and unless you were looking out for "hmm why is the login page plain text" (which most users probably wouldn't). Do you happen to know what effect opportunistic encryption (OWE) has for open networks and sniffing from the air? I'm guessing given that you can just pull it from the air and connect you may be able to figure stuff out, but I'm not so familiar with OWE maybe the encryption is per device which would make it a bit difficult. I'd test but I've no wireless cards I can get to work in promiscuous mode yet. Been following your videos since the XP online one got some traction and gotta say I really enjoy your content and look forward to seeing them (but I don't comment all that much) :>
@S-axle
@S-axle 6 ай бұрын
Nice Video. How about cellular networks? Are mobile networks more secure (AT&T, Verizon, etc)? Any other phones reachable on like a mobile LAN?
@EricParker
@EricParker 6 ай бұрын
My understanding is no such sniffing is possible. In theory ina roaming situation there could be a malicious tower but I’ve never heard of it
@peulleieoyukino6369
@peulleieoyukino6369 6 ай бұрын
there were some nasty mitm attacks possible back in the GSM/3G era, where one could take control of a tower or access the unencrypted payload on the backbone nowadays, with 4 and 5G, and better monitoring from ISP, not so sure, especially given the backbone may be ISP dependant, and with it the attack vector
@jackssrt
@jackssrt 6 ай бұрын
at 6:20 you can see through the censor
@Win_7
@Win_7 6 ай бұрын
it may be intentional by him
@EricParker
@EricParker 6 ай бұрын
Editing pending, was not intentional. I can't stop people but seriously I am not trying to setup a CTF / ARG type of thing, looking ot see what automated vuln software does.
@SKlESYT
@SKlESYT 6 ай бұрын
Hey Erik! I love the channel! Could you make a video on the Roblox chrome extension BTRoblox? It has permissions to read data which could mean account cookies. Thanks! Keep making great content
@hiddenguy67
@hiddenguy67 6 ай бұрын
btroblox is pretty fine for me personally and i think it uses reading data to see prices of robux and stuf on items
@ギコ
@ギコ 6 ай бұрын
it's literally open source
@hiddenguy67
@hiddenguy67 6 ай бұрын
👍
@kavylavx
@kavylavx 6 ай бұрын
sorry but thats normal.. btroblox ive been using for more then 1year, nothing happened. also ropro does the same
@traffictraffic
@traffictraffic 6 ай бұрын
This was the video I've been looking for. I have always wondered if vpns really do work and this videos shows that they most certainly do and to what extent. Thanks!
@goldencheats23
@goldencheats23 6 ай бұрын
What if we connect this to windows xp?
@JohannesThies32
@JohannesThies32 6 ай бұрын
What about the AP isolation / SSID isolation feature in professional access points?
@EricParker
@EricParker 6 ай бұрын
Depends on the setup. AP isolation is mostly to prevent networking across guests (in a LAN sense).
@pepeshopping
@pepeshopping 6 ай бұрын
Ahhhhh. Somebody that actually knows and thinks! Any time anybody answers your challenge with: "mostly" yiu know they don't truly understand low level stuff!
@pepeshopping
@pepeshopping 6 ай бұрын
​@@EricParkerdetails, details! Cmon, TEACH US!
@juanmondragon
@juanmondragon 6 ай бұрын
​@@pepeshoppingand yet you have fallen on the same boat
@nordlawt8242
@nordlawt8242 6 ай бұрын
Is there any major security difference with Ethernet if you plug directly into the modem vs plug it into the router?
@KiwifruitDev
@KiwifruitDev 6 ай бұрын
Would you be able to test an open VNC connection? Like no password and all? I once had my PC set up this way in high school because the school PCs didn't allow me to enter a VNC password through the browser, but I removed it once I saw my mouse moving on its own one day.
@felixbemme7257
@felixbemme7257 6 ай бұрын
Isnt there a Method to logout users from a current network? Then just let them connect to an evil clone with a custom dns server which serves a phishing Page instead of the actual requested one?
@Amonimus
@Amonimus 6 ай бұрын
Interested in that private VPS thing. It sounded like any vpn is better than no vpn, but then there's a question if you trust the vpn more than the wifi provider. Also this won't help much if wifi provider blocks wireguard and other vpn protocols because as a public service they'd really be just as interested in seeing what you're doing as any sniffer.
@EricParker
@EricParker 6 ай бұрын
If your wifi provider blocks VPNs your wifi provider is malicious, full stop. There is actually a way to mask a VPN as a DNS server that they are unlikely to catch, but it would be limited to ~ 1 mbps.
@incandescentwithrage
@incandescentwithrage 6 ай бұрын
​@@EricParkerI've seen VPN traffic blocked on hotel WiFi. Having a VPN back to your home router using port 443 gets around it. A lot of enterprise firewalls use "SSL VPN" (just their own OpenVPN implementation) on 443 for this reason. You can do all this with openWRT and similar.
@goresunstrider6272
@goresunstrider6272 6 ай бұрын
Hello Sir WPA3 is no longer operating with PSK, it instead operates with SAE, so even if you got the password, you dont have the encryption key. good videos :)
@BlackRedandDEad
@BlackRedandDEad 6 ай бұрын
What video are you referring to at 5:10?
@kylewm
@kylewm 6 ай бұрын
likely an upcoming one that was mentioned in a previous video.
@MickmickWashesThings_Official
@MickmickWashesThings_Official 6 ай бұрын
Interresting, that's why they say, "insecure", when connecting using a resent OS. Also why am i the only one that made a real comment ? (right now)
@EricParker
@EricParker 6 ай бұрын
Because most of those were posted within a 1 or 2 minutes of posting. They couldn't have watched the video yet.
@PerMejdal
@PerMejdal 6 ай бұрын
It does not matter that the captive portal login is encrypted. As an attacker, I will spoof my the login page, and wait for someone to login. If that login is used else ware, like email, the fun really begins.
@5GIlYsq2fmZYv8pIAnR2b6jiu
@5GIlYsq2fmZYv8pIAnR2b6jiu 6 ай бұрын
ok Per Mejdal
@MickmickWashesThings_Official
@MickmickWashesThings_Official 6 ай бұрын
This is interresting ! I was wondering this for a long time, the hospital i went to one day, and used a captive portal
@Zer0-Day
@Zer0-Day 6 ай бұрын
Can you do a man in the middle attack next and see if it's possible to see the packets
@EricParker
@EricParker 6 ай бұрын
If you have watched any of the network analysis malware videos I have done, or the "What does windows collect" those all use MITM, but it requires the system installing an SSL cert. There are definitely problems like this possible with a malicious hotspot. What I show here doesn't require the hotspot be malicious.
@vladislavkaras491
@vladislavkaras491 6 ай бұрын
Great video! Thanks!
@the-answer-is-42
@the-answer-is-42 6 ай бұрын
The VPN thing reminds me of an attack I heard of recently that could bypass VPNs using (if I remember correctly) a DHCP server and admin access to the router, but I forgot the details. Think it was called "TunnelVision". So even with a VPN you might not be safe. I honestly refuse to use public wifi because I don't trust them, but I'm probably too paranoid 😂
@hiddenguy67
@hiddenguy67 6 ай бұрын
personally I just use mobile data, never will trust them
@Darkregen9545
@Darkregen9545 6 ай бұрын
Glad to know VPNs hide the information i request and send on public wifis thanks.
@Deniil2000
@Deniil2000 6 ай бұрын
time to do wireguard over WLAN
@Floofie_boi
@Floofie_boi 6 ай бұрын
You can't get any of my data I use a VPN
@superstar64
@superstar64 6 ай бұрын
Not sponsored by NordVPN, but if you WERE...
@danielk7165
@danielk7165 6 ай бұрын
Another great video, Brother
@MNMLSTN
@MNMLSTN 6 ай бұрын
finally a wifi network I can relate to
@mariocamspam72
@mariocamspam72 6 ай бұрын
This thumbnail is like something from a roblox porn scam, please go back to the old ones haha
@realvercy
@realvercy 6 ай бұрын
Hello, do you remember hearting my comment in the video about the OS when i said i was the 10th comment?, I was actually the 10th comment in that video!
@Tsiikki
@Tsiikki 6 ай бұрын
Fun is over now ;) Well, enjoy the cat.
@mamba3968
@mamba3968 6 ай бұрын
Currently in a no Password (and no WPA) wifi. I just love my VPN
@davel4030
@davel4030 6 ай бұрын
How risky is hooking up with somebody at the hospital? 😂
@SametKaratas-db1xu
@SametKaratas-db1xu 6 ай бұрын
Ethernet is better than Wi-Fi
@hiddenguy67
@hiddenguy67 6 ай бұрын
Yes, it is
@SteveSteeleSoundSymphony
@SteveSteeleSoundSymphony 6 ай бұрын
Always
@xtrxplex117
@xtrxplex117 6 ай бұрын
Brother i love your vids, but i just realised, you sound like tristan tate 😂😂
@IAmMarvel1
@IAmMarvel1 4 ай бұрын
Sniff sniff
@mtt69420
@mtt69420 6 ай бұрын
:(
@surcohh
@surcohh 6 ай бұрын
secon d
@JagArFlicka
@JagArFlicka 6 ай бұрын
@Daniel636-j7l
@Daniel636-j7l 6 ай бұрын
First
@lucymorrison
@lucymorrison 6 ай бұрын
happy pride month everyone
@GeorgeSukFuk
@GeorgeSukFuk 6 ай бұрын
Lmao omg
@sauliusvitkauskas8741
@sauliusvitkauskas8741 6 ай бұрын
pride is a sin
@Magiczny-Krzysztof
@Magiczny-Krzysztof 6 ай бұрын
​@@sauliusvitkauskas8741shut up
@ColaTai
@ColaTai 6 ай бұрын
Bro why the gays get a whole month
@Magiczny-Krzysztof
@Magiczny-Krzysztof 6 ай бұрын
@@sauliusvitkauskas8741 shut up
@cesarstwounderwersu8423
@cesarstwounderwersu8423 6 ай бұрын
fifth
@pepeshopping
@pepeshopping 6 ай бұрын
Wrong. A wifi, with a known shared password CAN BE FULLY SAFE by simply implementing SEGMENTATION for ALL the clients! What does that mean? Gp find out if you just believe these exaggerated youtubers. But what exactly do you expect from THESE people that use a VPN, for "protection"!
The Malware that Hacked Disney
19:03
Eric Parker
Рет қаралды 54 М.
They tried to hack me with UNDETECTED Malware
20:19
Eric Parker
Рет қаралды 58 М.
Правильный подход к детям
00:18
Beatrise
Рет қаралды 11 МЛН
Support each other🤝
00:31
ISSEI / いっせい
Рет қаралды 81 МЛН
The Best Band 😅 #toshleh #viralshort
00:11
Toshleh
Рет қаралды 22 МЛН
What happens if you connect Windows 2000 to the Internet in 2024?
14:02
What happens if you Expose 14 yr old Linux to the Internet?
9:56
Privilege Escalation Maintain Access Clear Tracks
26:11
Shimaz Tech
Рет қаралды 277
Diy a simple spot welding at home with capacitors just with 2$
13:47
How bad is Windows spying?
13:13
Eric Parker
Рет қаралды 215 М.
Getting Started with the RSC Step Attenuator
11:58
Rohde Schwarz
Рет қаралды 278
Can you get Hacked by just clicking a Link?
10:46
Eric Parker
Рет қаралды 152 М.
What Enterprise-Grade malware looks like
20:09
Eric Parker
Рет қаралды 70 М.