Security for mynotebook on public wireless

I haved searched and read and pretty much understand about security for my home wireless network. Lots of info available about that.

However I can not seem to find information or recommendations about making sure my notebook and data is safe when I connect to a pubic wireless network like at our public library or at some cafes.

I want to make sure my computer is protected when connected to these public networks.

Can anyone direct me to, or post some links to information on this?

Thanks!

Reply to
shepard
Loading thread data ...

Reply to
miso

Thanks. At home I use a wireless router. I have read that Zone Alarm be a problem with that setup. I have also read that Zone Alarm has become as impossible to uninstall as Norton AntiVirus. It digs it's tentacles so deep that uninstalling it is almost impossible. I don't know if this is correct information, but I have had so much trouble with NAV, I would not want to install another product with similar tendencies.

My main concern is that while on a public wireless network, I don't have the incoming protection I have at home with my router. I suppose I could just turn on Windows firewall whenever I use the notebook away from home and turn it off when connecting through my router.

I do have file sharing turned off.

snipped-for-privacy@sushi.com wrote:

Reply to
shepard

Thanks. At home I use a wireless router. I have read that Zone Alarm can be a problem with that setup. I have also read that Zone Alarm has become as impossible to uninstall as Norton AntiVirus. It digs it's tentacles so deep that uninstalling it is almost impossible. I don't know if this is correct information, but I have had so much trouble with NAV, I would not want to install another product with similar tendencies.

My main concern is that while on a public wireless network, I don't have the incoming protection I have at home with my router. I suppose I could just turn on Windows firewall whenever I use the notebook away from home and turn it off when connecting through my router.

I do have file sharing turned off.

Reply to
shepard

The buck stops with the O/S and it doesn't stop anywhere else. If I were going into a public situation with a wireless machine to access that wireless network, I would configure the O/S or harden the O/S to attack as much as possible. But that's just me.

formatting link
If I needed to secure my wireless data being transmitted in a public situation, I would use a VPN service solution, like the on in the link or others.

formatting link
Duane :)

Reply to
Duane Arnold

"shepard" hath wroth:

Norton Internet Security and Norton Anti-Virus 2004-2006 were a serious problem with uninstallation. In the past, I've had to manually hack my may through the registry, removing all traces of NIS and NAV. I think there were something like 3000 entries. Symantec finally got the clue and has supplied uninstall tools for the past year or so.

formatting link
's not exactly trivial to uninstall properly, but the proceedure does work if followed exactly. There are also other uninstallers for other similar products.

McAfee Anti-Virus products have similar problems. I don't recall the exact version numbers, but I recently did battle with one OEM pre-installed version on a Dell something, that had 4 different modules, that had to be uninstalled in exactly the right (unspecified) order, or it would leave a mess. I eventually had to reinstall from cdrom, and try the uninstall in a different order, before I found the secret method.

When I finally got it uninstalled, I found that it still had some junk running on startup. I had to use Startup Inspector for Windoze:

formatting link
disable and remove those. Yech.

Recently, I noticed that McAfee Anti-Virus now has a single entry under add-remove software on a new Dell something. It uninstalled quite easily. Progress methinks.

The free version of ZoneAlarm was a problem with uninstallation as it would also leave some programs in startup. I again had to use Startup Inspector for Windoze to remove those. After that, no problems with removal.

With the full collection of add-ons and plug-ins, ZoneAlarm begins to resemble NIS, System Works, and McAfee Internet Suite. Same with Trend Micro's PC-cillin Internet Security. Plenty of things to go wrong. I don't have much experience with these, but they don't seem any worse than the others.

My biggest current headaches with various anti-virus and firewall products are the corporate editions. They usually require a password to remove them, which is all to often lost. Removing the product without the password invariably involves registry hacking which is no fun.

Most of my customers have the Windoze firewall turned on all the time. It's fairly smart about dealing with incoming junk. All you have to do is turn on or off the File and Print Sharing exception.

Leave it off along with everything else that's not needed.

Reply to
Jeff Liebermann

Thanks for the information. I guess the reason I have the Windows firewall turned off is that up to now, I have only used the notebook at home with a router. Nothing seems to get in through that. I tend to turn off anything that I don't think I need. I guess computers are faster today, but in the past, I have found that the more stuff running, the slower the computer. If there is no downside to having the XP firewall on, I'll turn it on?

One question about the "labmice.techtarget" link. It has some good info, but has not been updated in over 2 years. Does anyone have any other more recent links on this subject? I do like to read and learn from sires like that.

Thanks!

Reply to
shepard

"shepard" hath wroth:

It's 3 years and 4 months old. So far, it's the best checklist I've seen (although I don't agree with all it's suggestions).

There's always the official line for Microsoft:

formatting link
formatting link
's have been aged for less than a year.

If you're a government type, there's always the NIST's checklist and suggestions:

formatting link
gets kinda complicated but makes interesting reading.

Then, there's the security documents from SANS:

formatting link
formatting link
formatting link
of checklists and articles to dig through. This one on Wireless Security is a good start, although it's very Microsoft ISA centric:
formatting link
1 year old.

If you have XP or W2K you might wanna look at:

formatting link
free version, plus the CIS security check update from:
formatting link
formatting link
give you an overly detailed list of things to secure. Here's a sample from my W2K box:
formatting link
pass/fail icons are missing (too lazy to edit the HTML) but if you look at the scores, I missed on about half of the security tests.

Of course, none of these checklists are worth much unless you TEST for security problems. You may think you've done all the right things, but the latest greated update, fix, utility, or spyware you've installed, can easily undo your efforts.

Disclaimer: I'm not a security expert.

Reply to
Jeff Liebermann

formatting link
The above link was the best of them all. It's gone now and it's a shame.

Duane :)

Reply to
Duane Arnold

Not everyone is running XP, which I think is the only OS with the MS Zone Alarm rip off. [X64 has the MS ZA rip off too.]

Jeff Liebermann wrote:

Reply to
miso

snipped-for-privacy@sushi.com hath wroth:

Huh? Most people also don't bother mentioning what operating system they are running. I usually just assume XP Home as the most common guess. My comments were in reference to uninstallation problems with various security products.

Microsoft does not supply Zone Alarm. It comes from ZoneLabs (Check Point Software):

formatting link
free version of ZoneAlarm is quite superior to the firewall included with Windoze XP.

By "rip off", do you mean that the user is being ripped off, or that Microsoft "ripped off" ZoneAlarm for implimenting the MS personal firewall? I don't think either is the case but would welcome a suitable conspiracy theory. The MS firewall only deals with incoming threats and does nothing for spyware and worms that generate outgoing traffic. The free version of ZoneAlarm isn't perfect or complete and is quite different from the MS firewall.

Again, this has nothing to do with uninstallation problems.

Reply to
Jeff Liebermann
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]

The Windows XP firewall is actually pretty good for inbound protection. It's main weakness is outbound protection.

Leave it on all the time.

Reply to
John Navas

I had ZoneAlarm installed. The only problem that I could see with a home router is that Zone Alarm allows you to bless a particular network. If your home router is at the default 192.168.whatever, and you bless that subnet, you would be blessing any other same-numbered subnet that you happened to connect to.

I didn't notice that... maybe it's still lurking ;-)

I would leave the firewall on all the time. There's no harm in it, and if someone does manage to get onto your home wireless network, they are on your side of any hardware firewall that your router provides.

I use the Windows firewall from WinXP-SP2, and no longer use ZoneAlarm.

Reply to
dold

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.