This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WiFi Security Background Check for Android

I'm curious, does anyone know if Sophos is the only company that has a WiFi background check type of thing in it's anti-malware suite? I've looked at several other apps/suites for Android and it seems that Sophos is the only company that has that feature. There also seems to be a lack of info on what is actually does specifically, I'm not a super techie and am trying to understand what it does exactly. Thanks in advance



This thread was automatically locked due to age.
Parents
  • Hi Christopher McBride,

    The Wifi Security checks your Wi-Fi connection for network-based threats.

    Sophos Mobile Security detects the following issues:

    1. ARP spoofing: ARP spoofing is where an attacker sends malicious Address Resolution Protocol (ARP) messages to your computer, making it believe the attacker’s MAC address is associated with the IP address of your network gateway. This allows them to access your private network, steal sensitive data, and launch additional attacks like denial-of-service or man-in-the-middle attacks.
    2. Captive portal: Captive portal is a way for public Wi-Fi networks to ask for authentication before granting access to the network. Because all traffic is redirected to the captive portal, Sophos Mobile Security might show additional warnings.
    3. Content manipulation: Content manipulation is where an attacker manipulates a website’s content to force you to do harmful actions. This allows them to do such things as bypass authentication or delete data.
    4. SSL interception: SSL interception is where an attacker uses a false server certificate to intercept the secured connection between your computer and a website. The attacker can decrypt sensitive data while letting you believe your connection is still secure.
    5. SSL stripping: SSL stripping is where an attacker downgrades the connection to a website from secure HTTPS to insecure HTTP. The attacker can redirect all traffic between your computer and the website via their own proxy server. This allows them to decrypt sensitive data while letting you believe you’re still connected via HTTPS.

    You also do have the option to set it automatically scan in Background whenever you connect to a wifi network or manually do it as per your requirement. 

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Reply
  • Hi Christopher McBride,

    The Wifi Security checks your Wi-Fi connection for network-based threats.

    Sophos Mobile Security detects the following issues:

    1. ARP spoofing: ARP spoofing is where an attacker sends malicious Address Resolution Protocol (ARP) messages to your computer, making it believe the attacker’s MAC address is associated with the IP address of your network gateway. This allows them to access your private network, steal sensitive data, and launch additional attacks like denial-of-service or man-in-the-middle attacks.
    2. Captive portal: Captive portal is a way for public Wi-Fi networks to ask for authentication before granting access to the network. Because all traffic is redirected to the captive portal, Sophos Mobile Security might show additional warnings.
    3. Content manipulation: Content manipulation is where an attacker manipulates a website’s content to force you to do harmful actions. This allows them to do such things as bypass authentication or delete data.
    4. SSL interception: SSL interception is where an attacker uses a false server certificate to intercept the secured connection between your computer and a website. The attacker can decrypt sensitive data while letting you believe your connection is still secure.
    5. SSL stripping: SSL stripping is where an attacker downgrades the connection to a website from secure HTTPS to insecure HTTP. The attacker can redirect all traffic between your computer and the website via their own proxy server. This allows them to decrypt sensitive data while letting you believe you’re still connected via HTTPS.

    You also do have the option to set it automatically scan in Background whenever you connect to a wifi network or manually do it as per your requirement. 

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Children
No Data