Sign in with
Sign up | Sign in
Your question

wireless security without a base station (newbie)

Tags:
  • Wireless
  • Security
  • Wireless Networking
Last response: in Wireless Networking
Share
July 7, 2004 11:49:14 AM

Archived from groups: alt.internet.wireless (More info?)

I just purchased a Netgear WG511T wireless PC card for my laptop, to
use while on vacation to get my work email and send files to a client.
I do not own a base station (I use CAT5 at home and at work), so the
card is only for use on the road, like pulling up to a Starbuck's and
getting online.

My question is about security... Do I have to set up any special
security measures for my laptop to be secure? I have a Dell w/ Win2000
Pro. I already have Norton Anti-virus and Internet Security running. I
have some shared folders which I can require passwords for. Does the
blinking wireless card pose any security threat? Anything I've read
about wireless security refers to setting up the base station.

Thanks in advance!

More about : wireless security base station newbie

July 7, 2004 7:40:27 PM

Archived from groups: alt.internet.wireless (More info?)

Yes, wifi is completely open without encryption. There are several widely
available freeware tools to monitor and record wifi traffic, and even to
crack WEP encryption keys. The safest alternative is WPA with AES
encryption, but regular WEP is acceptable for home/SOHO if the key is
changed frequently.

Any form of encryption has to be configured on both the AP and all clients.
When you're on the road, you'll find that most hotspots don't support
encryption. In this case, you should assume that anything you send or
receive is potentially being monitored by a third party. You're okay if
you're using secure http ("https" is in the URL), or a VPN. If you connect
to a POP server to read mail, almost certainly the account/password is
transmitted in the clear, so someone could grab it and use your email
account. I don't worry much about this, I just change the password
frequently. But remember, a third party can also intercept your email as you
read it.

You should get a wifi firewall, and disable shares when using a public
hotspots.

"Joel" <jm109@lycos.com> wrote in message
news:911f0744.0407070649.3d155363@posting.google.com...
> I just purchased a Netgear WG511T wireless PC card for my laptop, to
> use while on vacation to get my work email and send files to a client.
> I do not own a base station (I use CAT5 at home and at work), so the
> card is only for use on the road, like pulling up to a Starbuck's and
> getting online.
>
> My question is about security... Do I have to set up any special
> security measures for my laptop to be secure? I have a Dell w/ Win2000
> Pro. I already have Norton Anti-virus and Internet Security running. I
> have some shared folders which I can require passwords for. Does the
> blinking wireless card pose any security threat? Anything I've read
> about wireless security refers to setting up the base station.
>
> Thanks in advance!
Anonymous
a b F Wireless
a b 8 Security
July 7, 2004 8:45:35 PM

Archived from groups: alt.internet.wireless (More info?)

Norton Internet Security should suffice as your firewall. Strangely, your
credit cards are usually safe, even at Starbucks, because e-commerce sites
use TLS (SSL) to encrypt those connections. But as Gary said, other
traffic, such as your email passwords and text, are visible in plaintext.
You can compensate for this by establishing a VPN tunnel from your laptop to
anywhere that you have a VPN server (home, office [with permission]). I
would also configure XP (if that's what you're using) to allow only
infrastructure (access-point) connections, and not ad-hoc (computer to
computer) connections. Keep your wireless adapter disabled when you're not
using it. Better yet, see if the wireless driver allows you to power off
the adapter when you're not using it; that'll extend your battery life too.

Ron Bandes, CCNP, CTT+, etc.

"gary" <pleasenospam@sbcglobal.net> wrote in message
news:LPUGc.11793$kZ5.7457@newssvr24.news.prodigy.com...
> Yes, wifi is completely open without encryption. There are several widely
> available freeware tools to monitor and record wifi traffic, and even to
> crack WEP encryption keys. The safest alternative is WPA with AES
> encryption, but regular WEP is acceptable for home/SOHO if the key is
> changed frequently.
>
> Any form of encryption has to be configured on both the AP and all
clients.
> When you're on the road, you'll find that most hotspots don't support
> encryption. In this case, you should assume that anything you send or
> receive is potentially being monitored by a third party. You're okay if
> you're using secure http ("https" is in the URL), or a VPN. If you connect
> to a POP server to read mail, almost certainly the account/password is
> transmitted in the clear, so someone could grab it and use your email
> account. I don't worry much about this, I just change the password
> frequently. But remember, a third party can also intercept your email as
you
> read it.
>
> You should get a wifi firewall, and disable shares when using a public
> hotspots.
>
> "Joel" <jm109@lycos.com> wrote in message
> news:911f0744.0407070649.3d155363@posting.google.com...
> > I just purchased a Netgear WG511T wireless PC card for my laptop, to
> > use while on vacation to get my work email and send files to a client.
> > I do not own a base station (I use CAT5 at home and at work), so the
> > card is only for use on the road, like pulling up to a Starbuck's and
> > getting online.
> >
> > My question is about security... Do I have to set up any special
> > security measures for my laptop to be secure? I have a Dell w/ Win2000
> > Pro. I already have Norton Anti-virus and Internet Security running. I
> > have some shared folders which I can require passwords for. Does the
> > blinking wireless card pose any security threat? Anything I've read
> > about wireless security refers to setting up the base station.
> >
> > Thanks in advance!
>
>
Related resources
July 7, 2004 9:16:44 PM

Archived from groups: alt.internet.wireless (More info?)

Thanks for the info... I guess I was thinking in terms of opportunists
"finding my signal" (please excuse my ignorance) and hacking my laptop
while it's sitting there idle. But I never thought about the security
of data I'm transmitting, like email login info (!). I already noticed
that the tmobile hotspots (at Starbuck's) are not encrypted. Is there
any way to encrypt that information myself, like from MS Outlook? Or
can my POP provider do something on their end?
If all else fails I can set up a VPN to my office network. So then I
would be connecting to my office, which in turn would be supplying my
internet connection (and therefore email, etc.)?

Thanks again.

"Ron Bandes" <RunderscoreBandes @yah00.com> wrote in message news:<PMVGc.71782$kz.13927432@news4.srv.hcvlny.cv.net>...
> Norton Internet Security should suffice as your firewall. Strangely, your
> credit cards are usually safe, even at Starbucks, because e-commerce sites
> use TLS (SSL) to encrypt those connections. But as Gary said, other
> traffic, such as your email passwords and text, are visible in plaintext.
> You can compensate for this by establishing a VPN tunnel from your laptop to
> anywhere that you have a VPN server (home, office [with permission]). I
> would also configure XP (if that's what you're using) to allow only
> infrastructure (access-point) connections, and not ad-hoc (computer to
> computer) connections. Keep your wireless adapter disabled when you're not
> using it. Better yet, see if the wireless driver allows you to power off
> the adapter when you're not using it; that'll extend your battery life too.
>
> Ron Bandes, CCNP, CTT+, etc.
>
> "gary" <pleasenospam@sbcglobal.net> wrote in message
> news:LPUGc.11793$kZ5.7457@newssvr24.news.prodigy.com...
> > Yes, wifi is completely open without encryption. There are several widely
> > available freeware tools to monitor and record wifi traffic, and even to
> > crack WEP encryption keys. The safest alternative is WPA with AES
> > encryption, but regular WEP is acceptable for home/SOHO if the key is
> > changed frequently.
> >
> > Any form of encryption has to be configured on both the AP and all
> clients.
> > When you're on the road, you'll find that most hotspots don't support
> > encryption. In this case, you should assume that anything you send or
> > receive is potentially being monitored by a third party. You're okay if
> > you're using secure http ("https" is in the URL), or a VPN. If you connect
> > to a POP server to read mail, almost certainly the account/password is
> > transmitted in the clear, so someone could grab it and use your email
> > account. I don't worry much about this, I just change the password
> > frequently. But remember, a third party can also intercept your email as
> you
> > read it.
> >
> > You should get a wifi firewall, and disable shares when using a public
> > hotspots.
> >
> > "Joel" <jm109@lycos.com> wrote in message
> > news:911f0744.0407070649.3d155363@posting.google.com...
> > > I just purchased a Netgear WG511T wireless PC card for my laptop, to
> > > use while on vacation to get my work email and send files to a client.
> > > I do not own a base station (I use CAT5 at home and at work), so the
> > > card is only for use on the road, like pulling up to a Starbuck's and
> > > getting online.
> > >
> > > My question is about security... Do I have to set up any special
> > > security measures for my laptop to be secure? I have a Dell w/ Win2000
> > > Pro. I already have Norton Anti-virus and Internet Security running. I
> > > have some shared folders which I can require passwords for. Does the
> > > blinking wireless card pose any security threat? Anything I've read
> > > about wireless security refers to setting up the base station.
> > >
> > > Thanks in advance!
> >
> >
July 8, 2004 4:32:15 AM

Archived from groups: alt.internet.wireless (More info?)

"Joel" <jm109@lycos.com> wrote in message
news:911f0744.0407071616.62150e5a@posting.google.com...
> Thanks for the info... I guess I was thinking in terms of opportunists
> "finding my signal" (please excuse my ignorance) and hacking my laptop
> while it's sitting there idle. But I never thought about the security
> of data I'm transmitting, like email login info (!). I already noticed
> that the tmobile hotspots (at Starbuck's) are not encrypted. Is there
> any way to encrypt that information myself, like from MS Outlook? Or
> can my POP provider do something on their end?
> If all else fails I can set up a VPN to my office network. So then I
> would be connecting to my office, which in turn would be supplying my
> internet connection (and therefore email, etc.)?
>
> Thanks again.

Disable all shares of any kind when using a wifi net, and as Ron suggested,
make sure you never leave the adapter configured for ad-hoc (which would
allow other stations to connect directly to you). Also run a wifi firewall.
These things should prevent most people from hacking your laptop.

Privacy (and protection of your home connection to your ISP, if you have a
wifi router or AP) requires encryption. At open hotspots, you just have to
bite the bullet and watch what you do. Outlook lets you configure secure
authentication, but AFAIK, most POP servers don't support it. There's no way
you can do end-to-end encryption without both endpoints co-operating. As you
guessed, if you are using VPN to your office, you're in good shape. Anything
you do over the VPN connection is reasonably secure, including email.

>
> "Ron Bandes" <RunderscoreBandes @yah00.com> wrote in message
news:<PMVGc.71782$kz.13927432@news4.srv.hcvlny.cv.net>...
> > Norton Internet Security should suffice as your firewall. Strangely,
your
> > credit cards are usually safe, even at Starbucks, because e-commerce
sites
> > use TLS (SSL) to encrypt those connections. But as Gary said, other
> > traffic, such as your email passwords and text, are visible in
plaintext.
> > You can compensate for this by establishing a VPN tunnel from your
laptop to
> > anywhere that you have a VPN server (home, office [with permission]). I
> > would also configure XP (if that's what you're using) to allow only
> > infrastructure (access-point) connections, and not ad-hoc (computer to
> > computer) connections. Keep your wireless adapter disabled when you're
not
> > using it. Better yet, see if the wireless driver allows you to power
off
> > the adapter when you're not using it; that'll extend your battery life
too.
> >
> > Ron Bandes, CCNP, CTT+, etc.
> >
> > "gary" <pleasenospam@sbcglobal.net> wrote in message
> > news:LPUGc.11793$kZ5.7457@newssvr24.news.prodigy.com...
> > > Yes, wifi is completely open without encryption. There are several
widely
> > > available freeware tools to monitor and record wifi traffic, and even
to
> > > crack WEP encryption keys. The safest alternative is WPA with AES
> > > encryption, but regular WEP is acceptable for home/SOHO if the key is
> > > changed frequently.
> > >
> > > Any form of encryption has to be configured on both the AP and all
> > clients.
> > > When you're on the road, you'll find that most hotspots don't support
> > > encryption. In this case, you should assume that anything you send or
> > > receive is potentially being monitored by a third party. You're okay
if
> > > you're using secure http ("https" is in the URL), or a VPN. If you
connect
> > > to a POP server to read mail, almost certainly the account/password is
> > > transmitted in the clear, so someone could grab it and use your email
> > > account. I don't worry much about this, I just change the password
> > > frequently. But remember, a third party can also intercept your email
as
> > you
> > > read it.
> > >
> > > You should get a wifi firewall, and disable shares when using a public
> > > hotspots.
> > >
> > > "Joel" <jm109@lycos.com> wrote in message
> > > news:911f0744.0407070649.3d155363@posting.google.com...
> > > > I just purchased a Netgear WG511T wireless PC card for my laptop, to
> > > > use while on vacation to get my work email and send files to a
client.
> > > > I do not own a base station (I use CAT5 at home and at work), so the
> > > > card is only for use on the road, like pulling up to a Starbuck's
and
> > > > getting online.
> > > >
> > > > My question is about security... Do I have to set up any special
> > > > security measures for my laptop to be secure? I have a Dell w/
Win2000
> > > > Pro. I already have Norton Anti-virus and Internet Security running.
I
> > > > have some shared folders which I can require passwords for. Does the
> > > > blinking wireless card pose any security threat? Anything I've read
> > > > about wireless security refers to setting up the base station.
> > > >
> > > > Thanks in advance!
> > >
> > >
Anonymous
a b F Wireless
a b 8 Security
July 8, 2004 11:25:23 AM

Archived from groups: alt.internet.wireless (More info?)

"Joel" <jm109@lycos.com> wrote in message
news:911f0744.0407071616.62150e5a@posting.google.com...
> I can set up a VPN to my office network. So then I
> would be connecting to my office, which in turn would be supplying my
> internet connection (and therefore email, etc.)?

Your office would supply your connection to the Internet, but you can use
whatever service you want for email.

Ron Bandes, CCNP, CTT+, etc.
July 8, 2004 5:33:00 PM

Archived from groups: alt.internet.wireless (More info?)

Thank you both for the valuable advice...
!