By Tim Cronin
Recently, NPR’s “All Tech Considered” posted a very good and concise article on securing WiFi technology. I would just like to add a few key points for those that concern themselves with network security.
First, when using a VPN on an un-trusted hotspot,make sure that it is a “full tunnel” VPN. Split tunnels work well for connecting with trusted networks (like your home network). Unfortunately, if you are on an un-trusted hotspot, then there is no guarantee that there is security on that hotspot and an attacker can use your PC to get access to your internal network.
Second, I would just like to point out that “Secure your home network” Is a huge point. Don’t just take advantage of encryption, MAC filtering and other ubiquitous measures. Also, reduce the size of your network to the minimum that is necessary for the amount of expected systems. And change the default network. Choose something not common. These steps may not be effective alone, but can certainly add to an overall secure environment.
SIDENOTE: MAC filtering and other security features have been shown to be inadequate when a skilled attacker targets your network. There is still not reason *not* to use them. The key is to make your network harder to get into than the ones around you, make it difficult enough so that the attacker loses interest or make it harder than his skill level to crack. An attacker will likely take the path of least resistance, after all. If your network proves to be difficult to hack, the hacker will move on.
Third, disable your wireless antenna when not in use. Most laptops have a button or switch that disables the antenna so that it’s easy to see that it is disabled. This is especially true on airplanes. There are many people that find it fun to browse others’ PCs while on board a plane.
Fourth, if you connect to an access point that you don’t intend to connect with often, delete it from your automatic wireless network list. This was shown to be a very large hole by HD Moore (with his “Evil eeePC”). Instructions here: