According to a recent Infonetics study, the U.S. leads the world in the number of public wireless hot spots, the majority of which use 802.11b technology to make Internet access available to roving wireless PCs within their coverage domains. Anybody who wants to start networking wirelessly in public will benefit by taking steps to prevent public access to wireless services from turning into "open season" on their machines and whatever contents they carry.
Ideally, individuals who plan to use public wireless networks should lock down their PCs to prevent unwanted access. At a bare minimum, this means following the Microsoft dictums presented so well in Protect your PC:
- Use an Internet firewall: Your firewall should not only be installed and enabled, but as locked down as it gets, with NetBIOS, LDAP and other vulnerable protocols and associated ports shut down to public access. Scan your machine from a public hot spot using something like the Symantec or the Gibson Research scanners to make sure you're sufficiently locked down.
- Get computer updates: Subscribe to Microsoft (and other vendors') automatic update services, and make sure you install all Critical and Important patches and fixes as soon as you can after they're released.
- Use up-to-date antivirus software: make sure you've got good antivirus protection, and that it scans all incoming files, messages and active Web content. (Microsoft now offers pointers to discounted or free antivirus products from partners on its Web site).
It's also important to make sure that file-sharing and other forms of "easy access" (no password for common remote access programs like PCAnywhere, for example) are turned off on your machine.
Beyond these routine forms of protection, you'll want to consider using only more secure methods to access private networks or sensitive resources while you're in a wireless hot spot -- or follow Department of Defense guidelines to avoid such access under those circumstances. If you can't forgo such access altogether, this means installing and using a virtual private network (VPN) of some kind, preferably in tandem with more secure protocols like IP Security (IPSec).
Other key recommendations for safe wireless computing, courtesy of Wireless LAN security provider AirDefense at the recent Atlanta CTIA conference, include:
- Use encrypted e-mail to avoid transmitting messages in the clear
- Avoid insecure protocols and services (like FTP or Telnet, which also transmit entirely in the clear)
- Think defensively about what you're doing when using public networks
If you're going to take your computer out into public hot spots, these few simple precautions can save you a world of trouble that might otherwise force its way into or onto your PC.
Ed Tittel is a full-time writer, trainer and consultant. He's written widely on security topics, including security policy tips for SearchSecurity.com, certification prep books for TICSA, CISSP and Security+, and as a contributing editor for Certification magazine. E-mail Ed at etittel@yahoo.com.
