Should I avoid public hotspots without WPA?

Not true. Not even close. Most (not all) public hot spots use no encryption at all. They wouldn't be public if they did. Some coffee shops, that charge for wireless service, do use WEP64 or WEP128 encryption. When a customer pays, he gets told the secret WEP key of the day. That's not much security if everyone in the coffee shop knows the encryption key.

Your main risk in such a public hot spot is sniffing. An evil person, such as myself, can sniff your traffic and extract your email, logins, passwords, and such. If you're concerned about security, it's best to check if your ISP has a VPN server available, and do all your surfing through the encrypted VPN tunnel. 2nd best is checking your email via SSH2, SSL, or other form of web browser encryption. That means using webmail instead of a MUA such as Eudora, Thunderbird, Outlook or, Outlook Express.

damn, jeff, thats sweet. tell it like it is and be truthful(an evil person, such as myself). hell, ain't nothin' wrong with hackin'. its good for security. America needs more like you. LOL

--redpIll

You can find an VPN ISP that you can use and set-up a software VPN solution between the client VPN software on you machine and the VPN sever software at the ISP for a secure wireless connection.

Duane :)

Other than T-Mobile, I don't think there are any public hotspots that use WPA or WPA2. Most are wide open, so people can connect easily.

Boingo.com and sonic.net offer VPN, which secures your traffic from the laptop to their server. This would work even if you were connecting via someone else's hotspot. This protects against someone hacking the coffeeshop infrastructure. You might have access to a VPN connection at your work.

You should always run a personal firewall to help prevent someone from attacking your system while connected directly to the internet. Most hotspots already provide some hardware firewall between you and the internet. Your personal firewall would also protect you from certain people on the same hotspot.

With the exception of being targeted for sniffing purposes, don't be afraid of wireless public hotspots. Most of them do not provide encryption. With that in mind, if you do decide to surf the internet via a public hotspot, please make sure that you don not have "file and print sharing" enabled. If you do, make sure you have it set up to where a username and password is required to access the shares.