Full Disclosure mailing list archives
Hotel Network Security: A Study of Computer Networks in U.S. Hotels
From: Josh Ogle <jdo24 () cornell edu>
Date: Thu, 02 Oct 2008 11:02:43 -0400
Hey guys, I recently completed a research paper through Cornell concerning the security of hotel computer networks across the US. I cite this mailing list in it. If you all have any criticism or input (or an open position at your workplace? I'm a jobless new graduate!), I'd love to be in contact. You can find the paper here: http://www.hotelschool.cornell.edu/research/chr/pubs/reports/abstract-14928.html (registration required, sorry) Executive Summary: A study of 147 U.S. hotels finds a mixed picture with regard to the security of guests’ connections to the hotels’ network, whether by cable or Wi-Fi. Since many business travelers connect remotely to continue working while on the road, the potential for theft of corporate information exists. Some hotels still rely on relatively rudimentary hub technology for their networks, and these are particularly subject to hacking. Others have upgraded to more secure switches or routers. Even better is encryption for Wi-Fi connections, but that still does not prevent malicious users from intercepting guests’ transmissions. An example of a best practice is presented in the case of the W Dallas Hotel—Victory, which has set up virtual local area networks (VLANs) for all of its users. The VLAN inhibits attackers from using their computer to imitate the hotel’s main server, which is the mechanism most would use to intercept other people’s data. Given that the technology exists to increase a hotel network’s security, a hotel could potentially be considered at fault for not taking the necessary precautions to protect their guests from hackers. -Josh _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Hotel Network Security: A Study of Computer Networks in U.S. Hotels Josh Ogle (Oct 02)
- Re: Hotel Network Security: A Study of Computer Networks in U.S. Hotels J. Oquendo (Oct 02)
- Re: Hotel Network Security: A Study of Computer Networks in U.S. Hotels Josh Ogle (Oct 02)
- Re: Hotel Network Security: A Study of Computer Networks in U.S. Hotels James Matthews (Oct 02)
- Re: Hotel Network Security: A Study of Computer Networks in U.S. Hotels Josh Ogle (Oct 02)
- Re: Hotel Network Security: A Study of Computer Networks in U.S. Hotels J. Oquendo (Oct 02)