Saturday, September 12, 2009

Stay safe on a public wireless network


A few precautions to take when using wireless hotspots, to ensure that your computer’s security doesn’t land in a spot. Like everything technological, wireless hotspots are a boon and a bane. While they ensure quick and easy Internet access, they also pose big risks for your laptop.

First, communication over most public wireless networks is unencrypted, so that anyone on the same network can use some tools to read the data you transfer. Unless you’re communicating with your office via VPN (Virtual Private Network), which ensures a secure, encrypted channel even over the public network.

Second, rogue attacks are very easily executed on the public wireless network. One of these is the ‘evil twin’ attack. In this case, the attacker uses a laptop or other mobile device to place a wireless access point (WAP) close to your computer, one that gives a more powerful signal than the access point you intend to connect to. The name of such a ‘rogue’ network would probably be a known name, such as Linksys, so that you wouldn’t be suspicious about connecting. Once you do connect, all your data will flow through the attacker’s laptop to the Internet.

The third big risk is ‘over the shoulder’. Say you’re checking email or shopping online at a crowded café or hotel lounge. There are chances of someone peeking at your usernames, passwords, and credit-card details as you enter them.

Here are a few ways in which you can guard against these risks.

• Take care while browsing
Public hotspots are definitely much less secure than your office networks. So try to avoid using them for transactions that require high levels of security, such as online banking or shopping. Reserve these for when you’re in a more secure environment.

• Use secure means
As far as possible, use VPNs for secure communication. Access email via Secure Socket Layer (SSL) sessions—many email providers support these. You could also avoid going to websites that require you to send sensitive information in clear-text, unencrypted format.

• Avoid evil twin attacks
To guard yourself against an evil twin attack while you’re trying to connect to a public network, carefully observe the icons on the screen that shows available network connections. If any icon shows two computers connected together, it’s a peer-to-peer network, something that’s used in evil twin attacks. Do not connect to such a network—the legitimate network would have the icon of a light beacon, and if it supports encryption, you will also see a padlock icon next to it. Prefer to connect to such an access point.

You can also tweak your Windows settings to avoid evil twin attacks. From the Wireless Networks panel, you can disable automatic connections; you can also configure your machine to “Connect to access point (infrastructure) networks only”. You could also give your home network a distinct name that cannot be confused with the names of other networks, so that there is less possibility of connecting to an ‘evil twin’ from home.

• Turn off all sharing
Your laptop may be configured for file and printer sharing. You should turn that off when you’re using a public hotspot. If you use share programs such as iTunes or have other shared directories on your laptop, you should turn those off too, unless you want to share your music and other preferences with a lot of strangers.

• Remember the basics
As always, the last line of defense is on your machine—a personal firewall and anti-virus and anti-spyware software are crucial. You should also have applied all the latest security patches to update

No comments:

Post a Comment