Winter 2009
Seven tips for wi-fi security on the road
- Do not assume that public hotspots are secure. Asume that other people in cafes, hotels, libraries, airports and other public places can access any information you see or send over a public wireless network. Don't work with sensitive information, such as credit card and bank account numbers, visit password-protected websites, or connect to your corporate network while you are connected to a public network.
- Do not connect to unsecured wireless networks. If you don't need a password to connect, the Bad Guys don't either. When you ask your computer to search for Wi-Fi networks, you will see a list of those that are available along with a note that tells you whether a network is secured or unsecured.
- Scrutinize that hotspot before you connect. It's a simple thing for a hacker to mimic the name of a familiar hotspot and set a trap for you. For example, if you work for ABC Corporation and, while you are at Starbucks, your computer asks if you want to connect to a network called "ABC Corporate Network," it's a pretty safe bet that it's a scam. Don't connect to it.
- Do not allow automatic connections. Make sure that your computer settings do not allow automatic connections to hotspots. Chances are that there are several wireless networks anywhere you're trying to connect. Configure your computer to let you approve access points before you connect.
- Use a software firewall. Personal firewall software should be installed and working on your computer. If you rely on a firewall that is pre-installed on the computer when you purchase it, be sure the firewall is turned on.
Disable file and printer sharing. File and printer sharing are features that enable other computers on a network to access resources on your computer. When you are using a public hotspot, it's best to disable file and printer sharing. When enabled, they can make your computer vulnerable to hackers.
- Consider removing sensitive information from your notebook. Take sensitive information that you won't be needing off your notebook altogether before you go on the road.
More information: http://www.microsoft.com/atwork/remotely/hotspots.aspx
Copyright 2009, SANS Institute ( http://www.sans.org) Editorial Board: Bill Wyman, Alan Reichert, Walt Scrivens, Barbara Rietveld, Alan Paller. Permission is hereby granted for any person to redistribute this in whole or in part to any other persons as long as the distribution is not being made as part of any commercial service or as part of a promotion or marketing effort for any commercial service or product. We request that redistributions include attribution for the source of the material. Readers are invited to subscribe for free at https://www.sans.org/newsletters/ouch
