Jump to content

Recommended Posts

Hello,

Could someone please explain the reason for why it is dangerous to perform Connected Home scans on networks not marked as "Home" / "Private"? I am visiting close relatives and am using the WiFi as a "Public" network to be on the safe side. The WiFi password is not being shared with anyone and is strong/secure, so as a baseline assumption only those in the house are connected. I would like to use ESET Connected Home from my laptop to perform a scan on the WiFi network to see if there are any vulnerabilities that I might have missed. I already checked the router settings, and everything to my (limited) understanding looks secure (UPnP disabled, all possible firewall options enabled etc.)

What happens if I do perform a Connected Home with the network marked as "Public"? Wil my laptop send information to a potentially unsafe device on the network (which I might not know about) and compromise my laptop's security? As a side point, I checked all connected devices via the router settings and it lists all the devices that I can identify by MAC address (TV, smart phones etc.). Is it possible for someone to be connected to WiFi and not be shown in the device list at all?

Thanks!

Link to comment
Share on other sites

  • Administrators

Because network scans perform actual attacks and attempt tonexploit knwon vulnerabilities which is obviously not a wanted behavior in foreign networks.

Link to comment
Share on other sites

Thanks, Marcos. So in the case of this local/home WiFi network where assumingly all devices connected are known (again I am making this assumption on the basis of the list of devices connected to the router which I cross-verified against the MAC addresses - is this a correct assumption to make, i.e. a device cannot be connected AND hidden from the connected devices list?), it would be safe for me to proceed and run the Connected Home process? If yes, can I leave the connection as Public or will ESET force me to switch it to Private/Known first?

Link to comment
Share on other sites

2 hours ago, rememberSiberia said:

Could someone please explain the reason for why it is dangerous to perform Connected Home scans on networks not marked as "Home" / "Private"?

I will also add that a scan of for example a coffee shop public wi-fi network could also inform anyone attached to that network they are being scanned. This would make them aware of your device on the same network. They in turn could launch an attack against your device.

Edited by itman
Link to comment
Share on other sites

Posted (edited)
3 minutes ago, itman said:

I will also add that a scan of for example a coffee shop public wi-fi network could also inform anyone attached to that network they are being scanned. This would make them aware of your device on the same network. They in turn could launch an attack against your device.

Thanks a lot for the explanation. That was my assumption as well, i.e. I would be effectively saying "Hey look at me, I'm scanning you". But again, my questions actually boils down to - having checked the list of connected devices in the router settings and having cross-checked against the devices actually running/on (they all match), is there a possibility that there are other devices (malicious) on the WiFi network which do not show up on the list of connected devices and therefore I will make them aware of my 'scanning presence' as you explained?

Edited by rememberSiberia
Link to comment
Share on other sites

4 minutes ago, rememberSiberia said:

is there a possibility that there are other devices (malicious) on the WiFi network which do not show up on the list of connected devices and therefore I will make them aware of my 'scanning presence' as you explained?

Refer to this: https://help.eset.com/eis/14/en-US/idh_page_homenetwork_protection.html .

My understanding of this feature is scanning is performed once. Thereafter, it will inform of any new device connection being established. Obviously if you use it on a commercial wi-fi public network, you will be "bombarded" with connecting device notifications.

Link to comment
Share on other sites

8 minutes ago, itman said:

Refer to this: https://help.eset.com/eis/14/en-US/idh_page_homenetwork_protection.html .

My understanding of this feature is scanning is performed once. Thereafter, it will inform of any new device connection being established. Obviously if you use it on a commercial wi-fi public network, you will be "bombarded" with connecting device notifications.

That's helpful, thanks. Is this scan 'fool proof' in the sense that no device is able to mask itself as hidden from such a scan?

Link to comment
Share on other sites

29 minutes ago, rememberSiberia said:

That's helpful, thanks. Is this scan 'fool proof' in the sense that no device is able to mask itself as hidden from such a scan?

I assume Connected Home Monitor is vulnerable to the same techniques other network monitors are:

Quote

Limitations

A thing is linked to a mac-address of a device. Nowadays some devices, like iphones, change their mac-address once in a while to make tracking difficult. This is a great privacy feature, but it may also hinder this add-ons ability to track (i)phone presence.

https://github.com/flatsiedatsie/webthings-network-presence-detection/

Edited by itman
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...