|
As more and more people acquire wireless notebooks and logon to the
Internet at their favorite public Wi-Fi hotspot, hackers lie in wait,
anxious to exploit the vast security vulnerabilities inherent in Wi-Fi.
The following article discusses four tips that you can use to fortify your
defenses while continuing to enjoy the benefits of public Wi-Fi.
(PRWEB) September 5, 2005 -- As more and more people acquire wireless
notebooks and logon to the Internet at their favorite public Wi-Fi
hotspot, hackers lie in wait, anxious to exploit the vast security
vulnerabilities inherent in Wi-Fi. The following article discusses four
tips that you can use to fortify your defenses while continuing to enjoy
the benefits of public Wi-Fi.
Four Tips to Enhance Your Security at
Public Wi-Fi Hotspots:
Tip #1
Beware the “Evil Twin”. An
“Evil Twin” is a hacker operated hotspot designed to trick users into
believing it is a legitimate public hotspot by mimicking the legitimate
public hotspot's network name and login page (if applicable). Once the
user has connected to the “rogue” hotspot, the hacker may even go as far
as mimicking login pages for popular email and banking sites thereby
stealing the user's most valued login credentials.
A standard
protection against this type of attack is to only use public hotspots that
provide an SSL-encrypted login connection which has been certified as
legitimate by a trusted third party such as Thawte or Verisign. If the
login page's URL begins with “https” versus “http” and you see a “lock”
icon in the lower right hand corner of your web browser, it is
SSL-encrypted. You can view the SSL certificate from your web browser by
clicking File > Properties > Certificates
Tip #2
Act
as if someone is looking over your shoulder. Existing wireless security
standards that use secret network keys (WEP, WPA) are useless at public
hotspots as one user's network key can be used by a hacker to decrypt the
entire network's traffic. As such, virtually all public hotspots disable
WEP and WPA to provide a hassle free login for users. What this means is
that your data is not encrypted as it travels through the air and can be
read by a hacker using standard command line utilities found in certain
operating systems. Unless your company provides you with a VPN (Virtual
Private Network), your best bet is to act as if there is always someone
looking over your shoulder because someone might be. If you intend to
perform financial transactions, ensure that you are doing so over an
SSL-encrypted connection.
Tip #3
Configure your wireless
network settings as follows in order to prevent a hacker on the local
network from obtaining direct access to your computer:
Turn your
firewall on: Start > Settings > Network Connections > Wireless
Network Connection > Change Advanced Settings > Advanced Tab >
Windows Firewall Settings > Select “On” > OK
Turn ad-hoc mode
off: Start > Settings > Network Connections > Wireless Network
Connection > Change Advanced Settings > Wireless Networks Tab >
Select Network > Properties > Uncheck “This is a
computer-to-computer (ad-hoc) network” > OK
Disable file
sharing: Start > Settings > Network Connections > Wireless
Network Connection > Change Advanced Settings > Uncheck “File and
Printer Sharing” > OK
Tip #4
Keep both your operating
system and anti-virus software current with the latest updates. Operating
system security vulnerabilities are being exposed almost as frequently as
new viruses are being unleashed on the Internet. Fortunately, the major
brands in both product categories offer an automatic update feature which
makes receiving the required updates almost effortless.
By
employing these four security tips, your data will stay out of the wrong
hands while you continue to enjoy the benefits of public Wi-Fi.
About The Author:
Wade McMunn is President of 82nd Street
Wireless which provides managed Wi-Fi at hospitality industry locations
throughout the United States and Canada.
Contact:
Wade McMunn,
President
82nd Street Wireless
(204) 475-4525
http://www.82ndstreetwireless.com
# # #
Source : http://www.prweb.com/releases/2005/9/prweb280361.htm
|