How to Prevent Wi-Fi Hotspot Attacks: Page 2

Posted December 18, 2008

Eric Geier

Eric Geier

(Page 2 of 2)

Stopping Internet and Wi-Fi invasions

Now to prevent unauthorized access to your computer or device, make sure you follow each of these practices:

Disable sharing: Some hotspots don’t block communication between connected users. Therefore, you should always disable file sharing while surfing at public locations. In Windows XP, double-click the wireless icon in the system tray, click the Properties button, uncheck the File and Printer Sharing option (see Figure 1), and click OK. In Windows Vista, you should use the new network classification scheme. After connecting to the hotspot, select Public for the network type or location (see Figure 2); this automatically disables sharing.

Keep Windows firewall enabled and safe: This blocks the ports people could use to intrude on your computer. You might also think about checking the Don’t allow exceptions option while connected to open networks, or at least review the programs and ports on the exceptions list.

Keep your computer or device up-to-date: This ensures your computer is plugging the latest security holes that have been found in the operating system or your software.

Watching out for the evil-twins

Now here are a few things you can do to ensure you are connecting to a real hotspot:

Check in with the business hosting the hotspot: If you find a hotspot, try to identify who is hosting it and ask about the service. You might find discrepancies that are alarming, such as they don’t really offer Wi-Fi. Plus, if the hotspot seems to be a part of a network or multi-location provider, check to see if their hotspot directory lists the given location.

Sign up for hotspot service at home: Just to be on the safe side, don’t sign up for hotspot service directly from hotspots. That way an evil-twin hotspot can’t get your credit card information.

Make sure SSL is used for hotspot: payments/billing: If you must sign up for hotspot service while on the go, make sure any payment and billing forms you fill out are protected with an SSL connection. Plus watch out for SSL certificates with errors, which Internet Explorer should notify you of. Fake hotspots may not use proper certificates or SSL at all.

Don’t connect to ad hoc connections: Any ad hoc connections (computers allowing people to connect to them) should be considered as evil-twin setups or a misconfiguration of wireless settings in XP. In other words, wireless Internet is rarely provided via these computer-to-computer connections.

You’re protected now!

If you follow the tips and techniques we discussed, your computer, data, and identity should be just fine. Remember the three risks. To protect your Wi-Fi packets, use at least one encryption method. For hacking prevention, think sharing and firewall. Finally, be careful to make sure you don’t get duped by a Wi-Fi criminal.

We’ll leave you with a few last quick tips:

• Keep your eye on your tech toys when in public—all this tech talk and someone can just swipe your stuff.

• Disable the automatically connect option in the properties of your networks.

• Remove any ad hoc networks from the Windows list.

• Disable your wireless adapter altogether when not actively surfing.

Eric Geier is the Founder and President of Sky-Nets, Ltd., a Wi-Fi Hotspot Network. He is also the author of many networking and computing books, including Home Networking All-in-One Desk Reference For Dummies (Wiley 2008) and Wi-Fi Hotspots: Setting Up Public Wireless Internet Access (Cisco Press 2006).

Page 2 of 2

Previous Page
1 2

Tags: browsers, security, server, wireless, Wi-Fi

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.