Hello All,
Jon made some excellent points. Just a few things to add. If you run
XP, enable the built-in firewall, doesn't hurt.
Also there is another option besides SSH, and it's SSL. Outlook
Express (and numerous other email apps on Windows and the Mac OS) include
the ability to encrypt your POP3/SMTP/IMAP [email] traffic over SSL simply
by clicking the option (under Accounts->Advanced) and having an ISP's email
server that also supports it. Similar to the way people use SSL for
ecommerce, you should use SSL for your email on open public hotspots. Or
make sure you use SSL when logging into your Web Mail.
-Ben
----- Original Message -----
From: "Jon Baer" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, July 15, 2003 6:07 PM
Subject: Re: [nycwireless] Wi-Fi security for my notebook - what can i do?
> from my experiences, there are a few windows related items you should do
> before hopping onto a public network:
>
> 1. turn off file/printer sharing (available in your network adapters
> properties) ... this will cut off netbios/microsoft sharing over certains
> ports on your laptop. if you do not do it and someone scans ur IP for
> active ports (135/139/145) then getting into ur shares is as simple as
> putting ur ip into explorer \\YOUR_IP
>
> if you do keep shares open on ur laptop i beleive you can rename them
ending
> with "$" and they will not show up, better than nothing. if you can (as a
> good general security thumb, kill any services that you really don't need
> when ur on a public wifi connection)
>
> 2. kill any connection made to hotmail/real/yahoo/gnutella/etc ... the
worst
> part about being on a public network is not knowing what your laptop is
> actually doing on the network. in some cases you might have it setup to
> check mail x seconds and everything will be sent out in the clear without
> you clicking a button.
>
> 3. ask your isp for an ssh account even if you dont know what it is.
> someone can always show u how to set it up using your email. this is
> important if using pop3 or imap or connecting to ur workplace
independently
> without a vpn. (i think the boingo client comes w/ a vpn, not sure).
>
> 4. the firewall software most likely crashes because microsoft already
> includes it own, under network properties in the advanced tab, there is
the
> internet connection firewall which should always be active. the bad part
> about using it is that there is no notifications like other 3rd party aps,
> so you won't know someone is accessing your ports. probably the best part
> about the 3rd part fw solutions is that they also notify you on outbound
> connections (so you can tell it when an app should *not* transmit over the
> network)
>
> the best tip (for the ultra paranoid) is to not stay idle for a long time,
> if you need something just get it, unplug ur card or disable tcp/ip in
> network card configuration or disable the device. there are also other
> small but pretty important hacker items that u'll never see like arp
> poisoning and rouge devices/laptops ...
>
> if anyone has more opinions please post ...
>
> - jon
>
> pgp key: http://www.jonbaer.net/jonbaer.asc
> fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47
>
>
> ----- Original Message -----
> From: "Laura Andriani" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, July 15, 2003 9:21 AM
> Subject: [nycwireless] Wi-Fi security for my notebook - what can i do?
>
>
> > Hi everyone,
> >
> > I'm new to wi-fi but love it already. I've been reading tons online and
> in
> > print about security issues, however.
> >
> > I'm kinda freaked out at this point. Not that I use my notebook to do a
> lot
> > of super-secure stuff, but what can I do specifically on my notebook
> (Compaq
> > running XP home) to amp-up the safety and security while I'm on a
wireless
> > network at the park, at a cafe, at the airport, etc. etc.
> >
> > Is configuring my settings enough, or should I download/purchase more
> > software like Norton or Zone Alarm Pro (though i have mixed feelings
since
> > many people complain these two often crash your system)? I'm willing to
> > spend some extra money to ensure I'm not open to hackers, but I dont
want
> to
> > invest in crap that won't help. Any advice??
>
> --
> NYCwireless - http://www.nycwireless.net/
> Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/nycwireless/
> Archives: http://lists.nycwireless.net/pipermail/nycwireless/
--
NYCwireless - http://www.nycwireless.net/
Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/nycwireless/
Archives: http://lists.nycwireless.net/pipermail/nycwireless/
