Monday, November 12, 2007

Wi Fi Hotspot Security

You've set up your Boingo account, you're hanging out at the Home Turf sports bar in LAX and you figure you'll do a little business or check your e-mail while sipping a Chardonnay. Well, that's the point of Wi-Fi hotspots; being able to take care of a few things while in a relaxing atmosphere.

Don't, however, get so relaxed that you ignore security and give all your confidential information to some unscrupulous hacker. Yeah, you see the guy. He's over in the corner wearing that fake nose and glasses with the ridiculous Bozo the Clown cap. Yep, drinking a Blatz. Dead give away.

Sorry, they won't be that obvious, I doubt they ever drink Blatz and very seldom wear clown caps. When you're thinking back, trying to remember who was around when your password was stolen, you probably won't remember the woman in the tastefully tailored business suit, and if, by chance, you do, she won't be the one you suspect. The best defense is to implement some simple security practices and measures that will safeguard your business and personal information.

Hot Spot Security: Simple Stuff

Be aware of those around you.

When you're considering Wi-Fi security in public places one of the first safeguards is anything but high tech. Remember a few years ago when people were getting huge phone bills because someone was watching as they keyed in pass codes? It's still happening to Wi-Fi network subscribers. Do what you can to keep prying eyes from your keyboard and screen. You pay good money for your monthly subscription and there's no reason to let anyone piggyback or steal your credit card number as you sign up for a daily use fee at Starbucks.

Speaking of passwords:

Those of us who toil and travel are prime targets for those who may be of the persuasion to purloin. In other words, it's quite possible to be targeted for laptop theft. Use a complex password to protect your files, folders and laptop from access by those villains of concourse and lobby.

Don't Share!

Yes, I know, mothers have been telling us to share for centuries but, at least while using a Wi-Fi hotspot, make sure you disable file sharing. It might be great for the home and good at the office but it's disaster in the making at your favorite coffee house.

Use a Personal Firewall.

If you're using a corporate laptop make sure you talk to your IT department before you install any firewalls but if the laptop you're using is your own let me suggest downloading a copy of ZoneAlarm. There are others of course but, for personal use, since ZoneAlarm is free and seems to test better than the rest I can't see a reason to recommend another.

Most of the reasons for using a firewall should be self-evident but, to say the least, you'll want to be made aware of any traffic coming or going and any unusual communication between applications.

Hot Spot Security: Less Simple Stuff

Beware the Evil Twin

Otherwise known as 'Rogue Hotspots' or the 'soft AP attack' this Wi-Fi version of the e-mail Phishing scam is perpetrated by hackers who jam and mimic the signal and SSID of a legitimate hotspot. They then serve up a sign-in page garnering usernames, passwords and, in some cases, credit card numbers. If they go so far as to allow a connection to the Internet they're then in the position to intercept unencrypted traffic as well as any files open to sharing (Don't Share!).

There are a few things you can do to protect yourself from 'Evil Twins':

  • Don't set your Wi-Fi card to allow automatic connection to any available network.
  • Check the list of available SSIDs to make sure you're connecting to the right one.
  • Turn off the ad-hoc mode allowing other clients to connect directly to you.
  • Turn off your Wi-Fi card entirely as soon as you're finished.
  • Use the personal or enterprise version of 'AirDefense', whichever may be appropriate.
  • Although a firewall won't keep you from connecting to an 'Evil Twin' it will help to safeguard your information should you inadvertently fall victim.

Encrypt Confidential Information

Data that's transmitted between yourself and a secure Web site can be counted on to be safe from the Starbucks Snidely Whiplash so when you're purchasing goods, or banking on-line, you can do so without fear. When you're logging onto the secure portion of the site, however, you may be doing so without the protection of security so be careful to note whether or not the sign in page is secured (https).

When sending e-mail there are a few things you can do to safeguard yourself. For example, instead of using Outlook or Thunderbird, take advantage of your ISP's Web interface which, in most cases, will be secure and should protect your data during transmission.

If you frequently encounter the need to send large files via e-mail then using a compression program will meet your need to reduce the size of the file and most compression programs will also secure the data with encryption.

Another option is to use a free encryption program like Cryptainer LE. Cryptainer LE can encrypt any or all the files stored on your hard drive, protecting them in case your laptop is stolen or compromised, as well as allow you to e-mail them with the security of encryption. Cryptainer PE is also offered for enterprise applications.

Use a Virtual Private Network

Think of a virtual private network (VPN) as a solid conduit, or tunnel, between your laptop and your company's network. By using a VPN your communications will be as secure as they would be if you were sitting at your desk.

Mac OS X?, Windows? 2000 and Windows? XP have built in VPN clients and if you're a user of Windows? 98, ME or NT you can download the free Microsoft® L2TP/IPSec VPN Client from Microsoft®. If you're a Linux user you can download the free S/WAN VPN client.

While the use of a VPN is one of the best ways to protect your confidential data when you're using a Wi-Fi hotspot it is, unfortunately, limited to communication between your laptop and your company's server. If you want to conduct personal business with similar security levels the best solution may be the award winning GoToMyPC software.

Use Anti-Virus Software

It's somewhat surprising that so many people are aware of the dangers of 'net borne viruses and, yet, so many either fail to incorporate anti-virus programs like McAfee & Norton or fail to keep them up to date. When you're using a public hotspot it's more important than ever to have anti virus software installed.

Once you've got the software up and running make sure that it's updated on a regular basis and update it anytime you hear about a new virus or a new version of an old virus. If you've got an auto-update feature built into your program make sure you take advantage of it.

Conclusion

By following these security measures you should be able to enjoy, with the confidence that your private information will remain private, your favorite Wi-Fi hotspots around the world.

Phil Haley is a technical writer and the editor of Refurbished Laptop Computer Info. For more information regarding buying, maintaining, upgrading or enjoying a laptop computer visit Refurbished Laptop Computer Info where you'll also find the complete Great Wi-Fi Guide.

No comments: