Wi-Fi hot spots in airports, restaurants, cafes and even downtown locations have turned Internet access into an always-on, ubiquitous experience. Unfortunately, that also means always-on, ubiquitous security risks.
Connecting to a hot spot can be an open invitation to danger. Hot spots are public, open networks that practically invite hacking and snooping. They use unencrypted, insecure connections, but most people treat them as if they are secure private networks.
This could allow anyone nearby to capture your packets and snoop on everything you do when online, including stealing passwords and private information. In addition, it could also allow an intruder to break into your PC without your knowledge.
But there’s plenty you can do to keep yourself safe — and I’ll show you how to do that in this article. If you follow these tips, you’ll be able to make secure connections at any hot spot.
Disable ad hoc mode
Little-known fact:
You don’t need a hot spot or wireless router in order to create or connect to a wireless network. You can also create one using ad hoc mode, in which you directly connect wirelessly to another nearby PC.
If your PC is set to run in ad hoc mode, someone nearby could establish an ad hoc connection to your PC without you knowing about it.
They could then possibly wreak havoc on your system and steal files and personal information.
The fix is simple: Turn off ad hoc mode. Normally it’s not enabled, but it’s possible that it’s turned on without your knowledge. To turn it off in Windows XP:
1. Right-click the wireless icon in the System Tray.
2. Choose Status.
3. Click Properties
4. Select the Wireless Networks tab.
5. Select your current network connection.
6. Click Properties, then click the Association tab.
7. Uncheck the box next to “This is a computer-to-computer (ad hoc) network.”
8. Click OK, and keep clicking OK until the dialog boxes disappear.
In Windows Vista, there’s no need to do this, because you have to take manual steps in order to connect to an ad hoc network; there’s no setting to leave it turned on by default.
Turn off file sharing
Depending on the network you use at work or at home, you may use file sharing to make it easier to share files, folders and resources. That’s great for when you’re on a secure network. But when you’re at a hot spot, it’s like hanging out a sign saying, “Come on in; take whatever you want.”
So make sure that you turn off file sharing before you connect to a hot spot. To turn it off in Windows XP, run Windows Explorer, right-click on the drives or folders you share, choose the Sharing and Security tab, and uncheck the box next to “Share this folder on the network.”
If you’re a Windows Vista user, it’s even easier to turn off file sharing. When you connect to a hot spot, designate it as Public. When you do that, Windows Vista automatically turns off file sharing. You can also turn off file sharing manually. Choose Control Panel–>Set up file sharing, click “File sharing,” select “Turn off file sharing,” and click Apply. Then click “Password protected sharing,” select “Turn off password protected file sharing,” and click Apply.
Turn off network discovery
If you’re a Vista user, a feature called Network Discovery makes your PC visible on a network so that other users can see it and try to connect to it. On a private network, this is useful; at a public hot spot, it’s a security risk. When you connect to a hot spot and designate the network as Public, Network Discovery is turned off, so again, make sure to designate any hot spot as Public.
However, you can also make sure that Network Discovery is turned off for your hot spot connection. When you’re connected, choose ControlPanel–>View network status and tasks. Then in the Sharing and Discover section, click the Network Discovery button, choose “Turn off network discovery,” and click Apply.
Encrypt your e-mail
When you send an e-mail at a hot spot, it goes out “in the clear” — in other words, unencrypted — so that anyone can read it. A lot of e-mail software allows you to encrypt outgoing messages and attachments. Check how to use yours, and then use it at a hot spot. In Outlook 2003, select Options from the Tools menu, click the Security tab, and then check the box next to “Encrypt contents and attachments for outgoing messages.” Then click OK.
Carry an encrypted USB flash drive
USB flash drives are cheap, and getting cheaper by the day. For about $50, you can buy a 2GB flash drive, which is more than enough space to carry Windows, the applications you use and the data you need. Make sure to get a drive that can use encryption. Then install Windows, your applications and your data on it. On your laptop, keep no private data on your hard drive. When you connect at a hot spot, boot from your USB drive. That way, even if someone somehow gets into your PC, they won’t be able to read or alter any of your data, because the data is encrypted on the USB drive.
Protect yourself with a virtual private network
Most hot spots are not secure and don’t use encryption. That means anyone with a software sniffer can see all of the packets you send and receive.
But you don’t need to rely on the hot spot for encryption. For a fee, you can use a virtual private wireless network that encrypts your connection. There are several available, but the one I’ve been using for years is hotspotVPN, and it hasn’t failed me yet.
No special VPN software is needed; you can use XP’s or Vista’s built-in VPN capabilities. The service costs $8.88 (Can$10.35) per month, or is available in one-, three- and seven-day increments for $3.88 (Can$4.52), $5.88 (Can$6.85) and $6.88 (Can$8.23). You can also get more secure VPN encryption from the service for between $10.88 (Can$12.68) and $13.88 (Can$16.18) per month.
Once you subscribe, you’ll get a username, password and IP address of a wireless VPN server. At that point, you run a Windows network connection wizard, fill in the username, password and IP address information, and you’ll be ready to go. In Windows XP, choose Control Panel–>Network and Internet Connections–>Create a connection to the network at your workplace. From the screen that appears, choose the virtual private network connection, and follow the wizard.
In Windows Vista, choose ControlPanel–>View network status and tasks. Then click “Set up a connection or network,” and then choose “Connect to a workplace” and then “Use my Internet connection (VPN).” Follow the wizard after that.
Disable your wireless adapter
There may be times when you’re at a hot spot when you actually don’t want to connect to the Internet. In that case, you can guarantee absolute safety — disable your wireless adapter so you can’t connect. If you have a wireless PC card, you can simply remove it, of course. If you have a wireless adapter built in to your PC, you can disable it. In XP, right-click the wireless icon, and choose Disable. If you’re using the adapter’s software to manage your connection, check the documentation to find out how to disable it.
If you’re using Windows Vista, choose ControlPanel–>Network and Sharing Center. Then in the Connection area, click “View status,” and fr
