Security for mynotebook on public wireless

I haved searched and read and pretty much understand about security for
my home wireless network. Lots of info available about that.

However I can not seem to find information or recommendations about
making sure my notebook and data is safe when I connect to a pubic
wireless network like at our public library or at some cafes.

I want to make sure my computer is protected when connected to these
public networks.

Can anyone direct me to, or post some links to information on this?

Thanks!

For starts, you should run Zone Alarm. Also turn off file sharing.

shepard wrote:
> I haved searched and read and pretty much understand about security for
> my home wireless network. Lots of info available about that.
>
> However I can not seem to find information or recommendations about
> making sure my notebook and data is safe when I connect to a pubic
> wireless network like at our public library or at some cafes.
>
> I want to make sure my computer is protected when connected to these
> public networks.
>
> Can anyone direct me to, or post some links to information on this?
>
> Thanks!

Thanks. At home I use a wireless router. I have read that Zone Alarm
be a problem with that setup. I have also read that Zone Alarm has
become as impossible to uninstall as Norton AntiVirus. It digs it's
tentacles so deep that uninstalling it is almost impossible. I don't
know if this is correct information, but I have had so much trouble
with NAV, I would not want to install another product with similar
tendencies.

My main concern is that while on a public wireless network, I don't
have the incoming protection I have at home with my router. I suppose
I could just turn on Windows firewall whenever I use the notebook away
from home and turn it off when connecting through my router.

I do have file sharing turned off.


(E-Mail Removed) wrote:
> For starts, you should run Zone Alarm. Also turn off file sharing.

Thanks. At home I use a wireless router. I have read that Zone Alarm
can
be a problem with that setup. I have also read that Zone Alarm has
become as impossible to uninstall as Norton AntiVirus. It digs it's
tentacles so deep that uninstalling it is almost impossible. I don't
know if this is correct information, but I have had so much trouble
with NAV, I would not want to install another product with similar
tendencies.

My main concern is that while on a public wireless network, I don't
have the incoming protection I have at home with my router. I suppose
I could just turn on Windows firewall whenever I use the notebook away
from home and turn it off when connecting through my router.


I do have file sharing turned off.

shepard wrote:
> I haved searched and read and pretty much understand about security for
> my home wireless network. Lots of info available about that.
>
> However I can not seem to find information or recommendations about
> making sure my notebook and data is safe when I connect to a pubic
> wireless network like at our public library or at some cafes.
>
> I want to make sure my computer is protected when connected to these
> public networks.
>
> Can anyone direct me to, or post some links to information on this?
>
> Thanks!
>

The buck stops with the O/S and it doesn't stop anywhere else. If I were
going into a public situation with a wireless machine to access that
wireless network, I would configure the O/S or harden the O/S to attack
as much as possible. But that's just me.

http://labmice.techtarget.com/articl...ychecklist.htm

If I needed to secure my wireless data being transmitted in a public
situation, I would use a VPN service solution, like the on in the link
or others.

http://www.secureix.com/

Duane

"shepard" <(E-Mail Removed)> hath wroth:

>I have also read that Zone Alarm has
>become as impossible to uninstall as Norton AntiVirus. It digs it's
>tentacles so deep that uninstalling it is almost impossible. I don't
>know if this is correct information, but I have had so much trouble
>with NAV, I would not want to install another product with similar
>tendencies.

Norton Internet Security and Norton Anti-Virus 2004-2006 were a
serious problem with uninstallation. In the past, I've had to
manually hack my may through the registry, removing all traces of NIS
and NAV. I think there were something like 3000 entries. Symantec
finally got the clue and has supplied uninstall tools for the past
year or so.

http://service1.symantec.com/SUPPORT...05033108162039
It's not exactly trivial to uninstall properly, but the proceedure
does work if followed exactly. There are also other uninstallers for
other similar products.

McAfee Anti-Virus products have similar problems. I don't recall the
exact version numbers, but I recently did battle with one OEM
pre-installed version on a Dell something, that had 4 different
modules, that had to be uninstalled in exactly the right (unspecified)
order, or it would leave a mess. I eventually had to reinstall from
cdrom, and try the uninstall in a different order, before I found the
secret method.

When I finally got it uninstalled, I found that it still had some junk
running on startup. I had to use Startup Inspector for Windoze:
http://www.WindowsStartup.com
to disable and remove those. Yech.

Recently, I noticed that McAfee Anti-Virus now has a single entry
under add-remove software on a new Dell something. It uninstalled
quite easily. Progress methinks.

The free version of ZoneAlarm was a problem with uninstallation as it
would also leave some programs in startup. I again had to use Startup
Inspector for Windoze to remove those. After that, no problems with
removal.

With the full collection of add-ons and plug-ins, ZoneAlarm begins to
resemble NIS, System Works, and McAfee Internet Suite. Same with
Trend Micro's PC-cillin Internet Security. Plenty of things to go
wrong. I don't have much experience with these, but they don't seem
any worse than the others.

My biggest current headaches with various anti-virus and firewall
products are the corporate editions. They usually require a password
to remove them, which is all to often lost. Removing the product
without the password invariably involves registry hacking which is no
fun.

>My main concern is that while on a public wireless network, I don't
>have the incoming protection I have at home with my router. I suppose
>I could just turn on Windows firewall whenever I use the notebook away
>from home and turn it off when connecting through my router.

Most of my customers have the Windoze firewall turned on all the time.
It's fairly smart about dealing with incoming junk. All you have to
do is turn on or off the File and Print Sharing exception.

>I do have file sharing turned off.

Leave it off along with everything else that's not needed.

--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Thanks for the information. I guess the reason I have the Windows
firewall turned off is that up to now, I have only used the notebook at
home with a router. Nothing seems to get in through that. I tend to
turn off anything that I don't think I need. I guess computers are
faster today, but in the past, I have found that the more stuff
running, the slower the computer. If there is no downside to having
the XP firewall on, I'll turn it on?

One question about the "labmice.techtarget" link. It has some good
info, but has not been updated in over 2 years. Does anyone have any
other more recent links on this subject? I do like to read and learn
from sires like that.

Thanks!

"shepard" <(E-Mail Removed)> hath wroth:

>One question about the "labmice.techtarget" link. It has some good
>info, but has not been updated in over 2 years.

It's 3 years and 4 months old. So far, it's the best checklist I've
seen (although I don't agree with all it's suggestions).

There's always the official line for Microsoft:

http://www.microsoft.com/technet/arc....mspx?mfr=true

http://www.microsoft.com/technet/pro.../scthch07.mspx
There's have been aged for less than a year.

If you're a government type, there's always the NIST's checklist and
suggestions:
http://csrc.nist.gov/fasp/
This gets kinda complicated but makes interesting reading.

Then, there's the security documents from SANS:
http://www.sans.org/rr
http://www.sans.org/rr/whitepapers/wireless/
http://www.sans.org/rr/whitepapers/basics/
Lots of checklists and articles to dig through. This one on Wireless
Security is a good start, although it's very Microsoft ISA centric:
http://www.sans.org/rr/whitepapers/wireless/1619.php
Only 1 year old.

>Does anyone have any
>other more recent links on this subject? I do like to read and learn
>from sires like that.

If you have XP or W2K you might wanna look at:
http://www.belarc.com
The free version, plus the CIS security check update from:
http://www.belarc.com/advisor_update.html
http://www.cisecurity.org
will give you an overly detailed list of things to secure. Here's a
sample from my W2K box:
http://802.11junk.com/jeffl/crud/ch-sec.htm
The pass/fail icons are missing (too lazy to edit the HTML) but if you
look at the scores, I missed on about half of the security tests.

Of course, none of these checklists are worth much unless you TEST for
security problems. You may think you've done all the right things,
but the latest greated update, fix, utility, or spyware you've
installed, can easily undo your efforts.

Disclaimer: I'm not a security expert.

--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

http://www.uksecurityonline.com

The above link was the best of them all. It's gone now and it's a shame.

Duane

Not everyone is running XP, which I think is the only OS with the MS
Zone Alarm rip off. [X64 has the MS ZA rip off too.]


Jeff Liebermann wrote:
> "shepard" <(E-Mail Removed)> hath wroth:
>

>
> The free version of ZoneAlarm was a problem with uninstallation as it
> would also leave some programs in startup. I again had to use Startup
> Inspector for Windoze to remove those. After that, no problems with
> removal.
>
> With the full collection of add-ons and plug-ins, ZoneAlarm begins to
> resemble NIS, System Works, and McAfee Internet Suite. Same with
> Trend Micro's PC-cillin Internet Security. Plenty of things to go
> wrong. I don't have much experience with these, but they don't seem
> any worse than the others.
>
>
>
> --
> Jeff Liebermann (E-Mail Removed)
> 150 Felker St #D http://www.LearnByDestroying.com
> Santa Cruz CA 95060 http://802.11junk.com
> Skype: JeffLiebermann AE6KS 831-336-2558