Step 3: Secure your communications link

Wireless laptops are a huge security risk, especially when they connect to public hotspots.Contributor Kevin Beaver provides a step-by-step guide for locking down your laptops using a variety of firewalls, encryption and security protocols.

Wired Equivalent Privacy (WEP) and WiFi Protected Access (WPA) are nice but, unfortunately, most hotspots don't

support these security protocols. They're just too difficult to manage in a public environment. If you're connecting into your home or corporate computer from a hotspot, make sure you connect via Terminal Services, Remote Desktop Connection, or via a secure VPN -- not just some half-baked remote access software.

A great VPN solution that's free and easy to set up in Windows environments uses the point-to-point tunneling protocol (PPTP). It's built into Windows server-based systems and you may even be able to get it to work in Windows 2000 and XP Professional as well. Just keep in mind that there are plenty of PPTP hacking tools available. The same goes for IPsec even though it's generally more secure. Irregardless, these solutions are way more secure than not using a VPN at all. If you don't have the resources or gumption to setup a VPN, a couple of subscription-based VPN alternatives are HotSpotVPN and PublicVPN.

To protect your e-mail communications, enable S/MIME or PGP within your e-mail client. You can also use secure POP3 (via TCP port 995 instead of port 110) for e-mail downloads and secure SMTP (via TCP port 465 instead of port 25) for sending e-mail. Many current e-mail clients support these two types of secure e-mail links with the caveat being that the server on the other end has to support them as well. If instant messaging is your way of communicating, many IM clients allow for secure communications using digital certificates, Secure Sockets Layer/Transport Layer Security (SSL/TLS), and even using Pretty Good Privacy (PGP).

When it comes to Web browsing, a snooper can track most sites, sometimes even if you have a secure SSL/TLS connection. Speaking of that, before you submit any sensitive information to a Web site (i.e., from making a purchase or checking your bank statement), make sure that an encrypted link is in place. Just confirm that the lock icon is "locked" in your browser -- usually in the lower right corner of the window.


How to lock down laptops that connect to hotspots

 Home: Introduction
 Step 1: Understand what there is to lose and who's stealing the loot
 Step 2: Secure your computer to prevent attacks in the first place
 Step 3: Secure your communications link
 Step 4: Tools you can use to test if you're vulnerable

ABOUT THE AUTHOR:
Kevin Beaver
Kevin Beaver is an independent information security advisor with Atlanta-based Principle Logic LLC. He has more than 17 years of experience in IT and specializes in performing information security assessments. He has authored five information security-related books including Hacking For Dummies (Wiley), the brand new Hacking Wireless Networks For Dummies, and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). You can reach Kevin Beaver at kbeaver@principlelogic.com.
Copyright 2005 TechTarget
This was first published in August 2005

Dig deeper on Windows Server and Network Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close