A lot of service-oriented businesses provide Internet access via free public wireless networks. From airports to fast food chains, these access points, or Hot Spots as they are called, are even being implemented in government buildings such as libraries. This can be a real convenience to people on the go, someone waiting for a flight, or someone out of town that may need to get online with a good connection speed and not tie up their cell phone.
The ability to get online at one of these locations is just another exciting step towards technological advancement, but what are the security risks? Especially when these networks are set up with ease of use, not security, in mind. With the use of software called “packet sniffers” people can grab unencrypted data right out of the air and save to a log to view whenever they want.
So what does this mean? Well, let’s say you’re out of town and while at the airport you check on your Ebay bid or that you log on to your bank’s site to look at your account. You shut down your PC and grab your connecting flight, unaware that there was someone within the network’s signal strength with a packet sniffer. If this is the case he/she has just logged a bunch of personal information about you including username and passwords. This is just one scenario. If you don’t have your PC set up properly, a hacker could possibly get right into your PC, look at files, and change settings.
Needless to say there is some concern when it comes to connecting to a public network. This does not mean, however, that all of these Hot Spots are vulnerable to this level. Some facilities actually do provide some defensive measures such as air monitors to spot unusual actively on the network. I recommend being pro-active in your security, and these following recommendations are a great start:
1. Turn off the ad-hoc mode on your network card (allows peer-to-peer connection)
2. If you’re not online disable your network card
3. Make sure you have a firewall in place and running
4. If you are viewing email you might want to use digital signatures to authenticate and identify yourself.
5. I would suggest not using your credit card at one of these locations, but if you have to, make sure you’re on a secure connection (i.e. https://www.etc.com)
6. And of course it wouldn’t be a security article if I didn’t say, “Make sure your system is up-to-date”.
So make sure to have your system set up utilizing the practices above and be cautious, because the truth of the matter is, anyone around you could be attempting to hack into your machine or grab your transmissions.
Stay safe out there,
~ Chad