CASEScontact - solutions, tools & skills against latest security, cybercrime, hacking & malware threats
Just the facts
     
Title   CASEScontact.org - Sensible precautions for securing your public hotspot experience - making your laptop 'hotspotworthy'
Description   The complete guide to Wi-Fi security including free software tools, tips and tricks
CyTRAP LABs ID   CT210020
Date   2006-03-10
Systems affected  
  • Windows/2000/NT/XP etc.
  • Mac OS 10.xx (Jaguar, Panther)
Version number   1.0
ISSN   1603-9866
Verify tip   http://casescontact.org/tips/210020
Risk assessment   High
Impact/Severity   High
Audio/Podcast files   CyTRAP PodCast show - Protecting your digital assets - Friday, March 10, 2006
 


 

What's up?
     
   
What is the threat or vulnerability?

Real life scenario

People lock their apartment door, as well as windows, when leaving the house.

Similarly, a person parking a Ferrari on the Reeperbahn (Hamburg) will lock doors and windows before walking away to the next bar.

The risk that someone may know the activation code for the radio and could, therefore, decide to steal it from the car while she is having a drink at a nearby bar is relatively small.

Internet & PC scenario

Whenever you use a public hotspot, it is like parking your car on a public street... don't forget to lock doors and windows before leaving.

The information you're going to transmit at the hotspot is of no interest to anybody in the world except your Grandma, to whom you're sending those photographs.

However, reducing the risk of a possible disaster requires that you take some precautions, thereby making your notebook 'hotspotworthy'. Our complete guide to Wi-Fi security below will help you protect your laptop without getting paranoid.

 
 

Problem & Solution
     
Admin  

4 golden rules for getting the most out of our tips:

  1. unless you are on CASEScontact.org, click on the URL or link above to make sure you have the latest version in front of you - to reduce your inbound traffic we do not always send updates unless they are REALLY necessary,
  2. browse the tip and check for FREE tools (below) ... invest 10 minutes, it's definitely worth your time,
  3. do something good today, share the tip with one of your friends, because she will probably appreciate the help and support you have given her by doing this and finally,
  4. unless you got this via e-mail, how about doing yourself a favor while making your life a bit less complicated by subscribing yourself to receive these tips via e-mail - you will be glad you did.
PS. Save time and hassles by using an e-mail address to which you have access from home and which stays valid after you have changed employer or completed your university studies.
     
What does it mean to me? Am I vulnerable?  
So why should you care about security when accessing a Wi-Fi hotspot? Because with little effort you can protect your system against intruders who may do a lot of damage to your hardware, software and information, damage that could result in identity theft or credit card fraud.

  1. The Threat: may come in a variety of forms, including someone just looking over your shoulder whilst you are accessing the Internet at the airport or train station.

  2. Vulnerability: such mishaps can happen to all of us. Nonetheless, it is necessary to be prepared and to reduce the risk of such a possible disaster by making one's notebook 'hotspotworthy.'

  3. Impact: is severe, since a person might get access to the email you send/receive or even to the directories on your hard drive, unless you follow the easy-to-implement tips outlined below.
     
If I fix the problem - will it help me?
How
 
Wireless access is now ubiquitous at major airports, coffee shops, hotels, and other public venues. While convenient, public access points are – obviously – public. To protect yourself and your personal information, take the precautions with public wireless access as outlined below and get the free tools NOW.
     
How can one describe the solution?  
There are some basic things you should do before you try to connect to any hotspot, which means that before leaving home or the office, do the following:
  1. Most newer laptops have a button you can push that disables the built-in wireless feature until you hit that button again. Hence, this switch should be turned off whenever you are not using the wireless connection and, as importantly, when you shut down your computer. This increases security for your laptop AND reduces the drain on your battery. So this switch must remain turned off unless you want to connect to a hotspot right now, and we mean right now.
  2. Change the setting on the computer's wireless card to connect only to "infrastructure networks" -- real wireless access points that actually allow you to surf the Web. To do this:
    1. Click on Start, and go to
    2. Control Panel > Network Connections, then right-click on the entry labeled
    3. Wireless Networks Connections and select "Properties" from the drop-down menu,
    4. click on the "Wireless Networks" tab, and then on the "Advanced" tab at the lower right of that window, thereafter
    5. a box should pop up that gives you three buttons to choose from: select the one next to "Access point (infrastructure) networks only".
  3. Disable 'File and Printer Sharing' and 'Client for Microsoft Networks' on your wireless adapter if you have them enabled. Unfortunately, not all public wireless hotspots use technology that prevents such wireless client-to-client communication. Accordingly, your drive(s) and folders could become accessible to other users and their computers using the same hotspot. To safeguard against this threat do as follows:
    • follow sub-steps 1-3 of point 2 above, thereafter
    • click on the "General" tab, and then
    • unmark "Client for Microsoft Networks" and "File and Printer Sharing for Microsoft Networks."
    The above might require that you turn File and Printer Sharing and Client for Microsoft Networks on again when going back to the office (e.g., to connect to the network or to use networked printers).
  4. Sign up for wireless service from home or the office. This is more secure for creating a login and supplying personal information as required by the hotspot provider. Please, refrain from using the sign-up page when you are on-the-road trying to connect to a particular hotspot - this is not secure.
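
The check in step 3 can also be scripted. The following is an added example, not part of the original advisory: it assumes Windows 8 / Server 2012 or later (the NetAdapter PowerShell module, which the Windows versions named in this tip do not have) and an elevated session, and the -Restore switch is a name chosen for this example.

```powershell
# Added example: untick 'Client for Microsoft Networks' and 'File and Printer
# Sharing for Microsoft Networks' on wireless adapters before joining a hotspot.
# Assumption: Windows 8 / Server 2012 or later, run as Administrator.
[CmdletBinding(SupportsShouldProcess)]
param(
    [switch]$Restore   # hypothetical switch: re-enable the bindings back at the office
)

# Binding component IDs of the two items named in step 3
$components = @{
    'ms_msclient' = 'Client for Microsoft Networks'
    'ms_server'   = 'File and Printer Sharing for Microsoft Networks'
}

# Only touch Wi-Fi adapters; wired adapters keep their office settings
$wifi = Get-NetAdapter | Where-Object { $_.PhysicalMediaType -eq 'Native 802.11' }
if (-not $wifi) {
    Write-Warning 'No wireless adapter found.'
    return
}

foreach ($adapter in $wifi) {
    foreach ($id in $components.Keys) {
        $binding = Get-NetAdapterBinding -Name $adapter.Name -ComponentID $id -ErrorAction SilentlyContinue
        if (-not $binding) { continue }   # component not installed on this adapter

        if ($Restore -and -not $binding.Enabled) {
            if ($PSCmdlet.ShouldProcess($adapter.Name, "Enable $($components[$id])")) {
                Enable-NetAdapterBinding -Name $adapter.Name -ComponentID $id
            }
        }
        elseif (-not $Restore -and $binding.Enabled) {
            if ($PSCmdlet.ShouldProcess($adapter.Name, "Disable $($components[$id])")) {
                Disable-NetAdapterBinding -Name $adapter.Name -ComponentID $id
            }
        }
    }
}

# Report the resulting state so it can be verified before connecting
Get-NetAdapterBinding -Name $wifi.Name -ComponentID @($components.Keys) |
    Select-Object Name, DisplayName, ComponentID, Enabled
```

Saved as a script, it can be run with -WhatIf first to see what would change, and with -Restore when back on the office network.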
     
Where can I get more help?  
Here you can find a very good FAQ that will answer most of your questions that you might have using easy to understand non-technical language: Wireless Security FAQ - 2006-02-08
 


What is the solution to this problem ?
     
Tip 1   The most important tip is to use a virtual private network (VPN) when connecting to the Internet via a hotspot. While your firm's laptop connecting to your employer's system via a public hotspot uses a VPN, the latter does not protect you if you connect to read your web-based email or news on a website.

In turn, you need a VPN to protect your information transfer from your notebook to the other party.

You might ask: why do I need a VPN? Well, using WPA (Wi-Fi Protected Access) encryption by itself protects your data while they are "in the air." Unfortunately, it offers no protection at all if the hotspot itself is corrupted. With a VPN solution, your data pass through the hotspot and remain encrypted, thereby making an 'evil twin' attack (see glossary section for definitions) less likely to succeed.

You can get a freeware VPN program for Windows here that runs on the Windows XP, 2000 etc. operating systems.   

     
Tip 2   So how can one reduce the risk for becoming a victim of an attack through a rogue hotspot, or a hacker sitting in the same hotel lobby where you two are sharing the hotel's hotspot?

This free tool allows monitoring your laptop's wireless connection for potential security risks, while being connected to a hotspot. Hence, using this tool enables you to close the wireless connection if a security threat is discovered by the program.  

     
Tip 3   But how can one check one's email securely even whilst using the public hotspot at a coffee shop? Whilst still at home, you have to decide how you prefer to read and send your e-mail whilst connected to a public hotspot, namely:
  1. using an email program running on your computer (e.g., Outlook, Outlook Express, Apple Mail, Thunderbird, Eudora, and others), or
  2. using your web browser sending and reading email securely (don't use Internet Explorer! but Firefox or Opera instead).
The above two links provide the practical steps on how you can read your email more securely, while using a public hotspot.   
 


Take another 2 minutes - More tricks to safeguard your information better
     
Tidbit 1   Are you an Instant Messaging (IM) user? If the answer is yes and you intend to use IM while accessing a public hotspot, you are exposing yourself to some risks. However, you can reduce the chance of a disaster remarkably by following the two steps outlined below:
  1. Download and install GAIM - an open source program - for your IM activities, and
  2. download and install either one of two encryption plug-ins offered for GAIM in order to protect your IM sessions against snooping.

GAIM as well as the two plug-ins above interface with all the popular programs (e.g., AIM, MS Instant Messenger and Yahoo!) without a hitch. This also means that your friends do not have to install GAIM to be able to chat with you.

   
Tidbit 2   If you try to connect to a public hotspot at a Starbucks or using the Fon network (free or 2 Euro a day only) you must be aware that using VPN as well as other technology (see Tips 1 & 2 above) can cause some problems to log onto the public hotspot-supported network. Thus you should do as follows:
  1. Start your laptop while still having the wireless adaptor turned off,
  2. make sure that neither your freeware VPN (Tip 1) nor your wireless security monitoring program (Tip 2) is running,
  3. if either one is running, it could prevent you from connecting so we recommend you exit both first and then proceed to point 4,
  4. turn on your wireless adaptor and connect to the public hotspot using https and sign in, thereafter,
  5. launch your wireless security monitoring program (Tip 2) and your freeware VPN (Tip 1) immediately
Now you can enjoy happy & safe surfing.

   
Tidbit 3  

Pay Attention to Dialog Boxes: Pop-up warnings are there for a reason--to protect you. If you are lucky enough to have not clicked the "never show this again" option, make sure you read these warnings carefully before agreeing to send information.

Conduct Private Business in Private: If you restrict your public surfing to Web pages you don't mind a stranger reading along with you, there is little an evil twin attacker can do to harm you. Hence, online stock trading or banking should be done from home only and not from a public hotspot.

   
Watch out  

Remember to have your firewall up and running. The Windows XP firewall will not do - get a free one as recommended by experts here with CT210001: Update 4 - Martina Hingis: Princess of the WTA & Angelina Jolie ==> they are already inside - best ways for using a firewall to protect your PC 2006-02-10

If you are using dial-up and VPN together, your overall connection speed will be almost halved.

   
 


CYTRAP resources - check it out - because it will help you better protect yourself
     
Related tips  
Glossary   Please either sign in by clicking on 'Login as a guest' to get the definition (no registration required), or else get a free registration to get access; it's worth it.
Additional risk minimization  

Make sure that you:

Also please be aware that in public hotspots, it is prudent to be off-line until you actually need to be connected to the internet. Enable your wireless adapter only when you are ready to be on-line.

If the public network is acting unusual, assume it’s compromised. Get off the network and disable your wireless connection.


Administrative
     
Author   Urs E. Gattiker - CyTRAP Labs
     
Revisions  
  • 1.0 - 2006-03-10 - First Version
  • Contact details   Web: http://CASEScontact.org
    E-mail: support01@CASEScontact.org

    Tel: +41(0)76-200-7778 or + 44(0)70-9237-6036
    Fax: +44(0)70-9237-6036, dial 3 send fax
     

    --END of ADVISORY - Important Info Below--
     
    We recommend that you VERIFY ALL ADVISORIES you receive IMMEDIATELY, by clicking on the link provided at the top of this alert.

    NO WARRANTY
    Any material furnished by CASEScontact.org is furnished on an 'as is' basis. CASEScontact.org, writers & sponsors make no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material.

    Ride the rollercoaster successfully by subscribing to our alerts, tips, tools and skills training receiving them either via:

    1) e-mail
    2) RSS feeds, or else, just get a
    3) free skills tune-up



    CASES writers & sponsors do not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.
    Full DISCLAIMER notice at: http://www.casescontact.org/terms.php

    UNSUBSCRIBE
    If you no longer wish to receive this TIP ADVISORY, please Unsubscribe at:
    http://www.casescontact.org/unsubscribe.php

    QUESTIONS, comments, ideas? Cheer us up at:Tips-Comments at CASEScontact.org

    CASEScontact.org -- Threat Alerts and Security Notices --clear and precise, no compromise -
    --currently hosted by Flashcable

    -- END of TIP & Tricks ADVISORY--
    Copyright (c) 2007 by CyTRAP labs - Urs E. Gattiker. All rights reserved.