There are several things you can do to ensure you keep the bad guys and their malicious software out of your system. For starters, keep up with patches -- either manually or via Automatic Updates or other automated patch management system. Also, have antivirus and antispyware software installed. Most people have the former type of protection but (still!) very few have the latter. If you're on a budget, at least check out Microsoft's AntiSpyware solution – it's has had good reviews, seems to do its job and it's free.
Protect the operating system
It's one thing to protect a communications link, but it's entirely another thing to protect your actual computer. Why? Well, that's where the "money" is -- files, password hashes and other stuff that tends to pique the interest of the bad guys.
Perhaps the most important piece of software to help protect your computer is a personal firewall. It is, hands down, the best way to protect your systems from remote access. Try Windows Firewall built into XP SP2 and later, or check out one of the freeware or commercial products like ZoneAlarm, from Zone Labs LLC or, my favorite, BlackICE from Internet Security Systems Inc. Once you install a personal firewall, just be careful about the rules you set up, as it's easy to tweak your system to inadvertently allow external Windows access.
Don't forget about ad-hoc
Many laptops with wireless cards are vulnerable even if they're not connected to a hotspot. These systems have their wireless network card running in what's called ad-hoc mode. Ad hoc, sometimes called peer-to-peer mode, enables wireless clients to communicate with each other without a wireless access point (AP) to facilitate everything. Check your wireless settings and ensure ad hoc is not enabled if you don't need it. Otherwise, it may be possible for an attacker to join your ad-hoc network and muck around on your system.
How to lock down laptops that connect to hotspots
Step 1: Understand what there is to lose and who's stealing the loot
Step 2: Secure your computer to prevent attacks in the first place
Step 3: Secure your communications link
Step 4: Tools you can use to test if you're vulnerable
|ABOUT THE AUTHOR:|
Kevin Beaver is an independent information security advisor with Atlanta-based Principle Logic LLC. He has more than 17 years of experience in IT and specializes in performing information security assessments. He has authored five information security-related books including Hacking For Dummies (Wiley), the brand new Hacking Wireless Networks For Dummies, and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). You can reach Kevin Beaver at firstname.lastname@example.org.
Copyright 2005 TechTarget
This was first published in August 2005