Wi-Fi - best protection?

Discussion in 'privacy technology' started by ykrapsp, Jan 18, 2012.

Thread Status:
Not open for further replies.
  1. ykrapsp
    Offline

    ykrapsp Registered Member

    Hey there,

    In february im moving to an new appartment. Unfortunately, I can only connect to the internet using a Wi-Fi connection. But you guessed it, it's shared with other students.

    How can I protect my laptop against potential internal and external attacks? All I know so far is that the Wi-Fi is protected with WPA2.

    I was thinking about using a VPN service to encrypt my external data traffic (prevent sniffers)? Do you guys have any recommendations on which provider I should choose?

    For internal attacks, I was thinking about closing and stopping unnecessary ports and services.

    Do you guys have any other suggestions? Thanks very much.
  2. Victek
    Offline

    Victek Registered Member

    Which OS? If you're using Vista/Seven you want to identify the wireless network as "Public" and make sure file & printer sharing are turned off. Make sure the Firewall is ON (you could also use a 3rd party firewall). That should make your computer inaccessible to anyone in the network. The WPA2 will protect your computer from snoops outside the network. I don't know that there would be any additional advantage to using a VPN. You would definitely want to use one on Open WiFi (Starbucks, etc).
  3. ams963
    Offline

    ams963 Registered Member

  4. Victek
    Offline

    Victek Registered Member

    CTC is certainly an affordable solution. Have you used it? I'm not finding a dedicated thread about CTC here. It would be nice to know more about it so maybe we should start one?
  5. RejZoR
    Offline

    RejZoR Polymorphic Sheep

    avast! will soon offer avast! SecureConnect service. It creates a secure connection between you and the target webpage. So even if you're on public WiFi, no one will be able to see what you're transmitting or receiving.
  6. Victek
    Offline

    Victek Registered Member

    Do you have any more information about Avast SecureConnect? I'm not seeing anything on their website. Regarding availability, how soon is "soon"? :)
  7. Searching_ _ _
    Offline

    Searching_ _ _ Registered Member

    ykrapsp doesn't control access to the Wi-Fi connection so should probably treat it as Open WiFi (Starbucks, etc).
  8. Victek
    Offline

    Victek Registered Member

    I guess it depends on who does control it and whether or not the OP trusts them. Since he mentioned "students" I wonder if this is a dorm where the connection is controlled by the school or if it's a home setup?
  9. TheKid7
    Offline

    TheKid7 Registered Member

    Is COMODO TrustConnect compatible with Sandboxie?
  10. LockBox
    Offline

    LockBox Registered Member

    A VPN would be a good solution. But there's no reason to focus on Comodo's product or one that's not even out yet (Avast) - a cursory glance at this sub-forum will give one a wealth of VPN choices. Thread after thread.
  11. siljaline
    Offline

    siljaline Registered Member

  12. ykrapsp
    Offline

    ykrapsp Registered Member

    Thanks for all the replies. Just to be clear. I do not control the Wi-Fi network and I'm about to speak to the owner who controls it. But yes, I can probably see this as an Open WiFi spot since I don't know if they monitor traffic or keep logs etc.
  13. ykrapsp
    Offline

    ykrapsp Registered Member

    Last edited: Jan 19, 2012
  14. siljaline
    Offline

    siljaline Registered Member

    You need data encryption as best pssible to avoid situations like piggybacking Call your ISP
  15. ams963
    Offline

    ams963 Registered Member

    @Victek123
    used it for some months last year......

    @TheKid7
    it used to be......don't use wifi so no cfc for me right now......
    Last edited: Jan 20, 2012
  16. Victek
    Offline

    Victek Registered Member

    WPA2 encrypts the connection between your computer and the router. If someone tried to "sniff" your wireless connection they would see encrypted traffic. Routers do allow communication between devices, but access through the firewall has to be intentionally given. Other people on the network should not be able to see you at all if you have file and printer sharing disabled and have a software firewall enabled that's closing/stealthing the ports. If the router has logging turned on there will be a record of IP traffic, but looking at my router log none of it appears to be "personal identifiable info". In other words if your computer is configured properly it should be secure (from others on the LAN) without a VPN. If you use a VPN then the traffic between your computer and through the LAN to the VPN server will be encrypted. That would pretty much guarantee that no one on your local network can access your traffic/information. Hope this helps.
    Last edited: Jan 19, 2012
  17. ykrapsp
    Offline

    ykrapsp Registered Member

    Hey there guys, thanks for the replies.

    An update:

    I spoke to the owner of the network and in order to get internet access I need to provide my Mac-Address. That because the firewall has a whitelist with allowed MAC-addresses...

    Are there any dangers involved when I'm providing my MAC-address?
  18. Palancar
    Offline

    Palancar Registered Member

    If I were in your building I could see every wireless MAC address that is currently being used. There is no danger in giving him your MAC. Wireless devices all communicate using MAC address protocol. Just because I can view your wireless clients doesn't mean that I can de-crypt the communication between them and the AP's they are associated with.

    Although somewhat useless against a hacker of any "salt" the owner is likely trying to prevent authorized users from giving passwords to others that could jump on the connection. The weakness comes from the fact that with the passphrase known I could then spoof my machine's MAC to that of one on the white list.

    Security - if you call it that - is a crap shoot when you have a bunch of dorm-rats sharing a connection.

    The posts above this one give some great directions for you to follow. My take would be to VPN through this connection and leave all the others in the dark as to where you surf. Any traffic through the router all the way to the VPN server is tunneled. No brainer from my perspective.
  19. Baserk
    Offline

    Baserk Registered Member

    If encryption of traffic is only needed to keep it private from the dorm wifi router admin, a free VPN like ad-supported HotSpotShield can suffice.
  20. Victek
    Offline

    Victek Registered Member

    I like SecurityKISS,which is free (and ad-free). There's a 300mb a day limit though.
Thread Status:
Not open for further replies.