Results 1 to 12 of 12
  1. #1
    New Lounger
    Join Date
    Dec 2009
    Location
    Fresno, California, USA
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts

    security for longish hotel stay

    I'll be staying in a hotel for a month, between homes. We'll be using the web heavily, including for banking, money transfers, etc. My wife and I use Firefox on Windows 7 and Mac OSX 10.7. What should we do to protect ourselves on the hotel's network?

  2. #2
    Star Lounger 1PW's Avatar
    Join Date
    Feb 2011
    Location
    North of the 38th parallel.
    Posts
    64
    Thanks
    12
    Thanked 11 Times in 10 Posts
    Hello Vic2491:

    Will you be using the hotel's Wi-Fi or hardwired Internet access? WPA2 only for Wi-Fi?

    Please give us a moderate amount of information about your Windows 7 security arsenal. Do you use only a Limited User Account (LUA)? User Account Control (UAC)? Software Restriction Policy (SRP)? Could you do some/all of your work booted up from a Linux LiveCD?

    Can the Mac OS X 10.7 (Lion) be updated to 10.9.3 (Mavericks) or at least to 10.7.5 or greater? What additional full-time security has been installed?

    Do you have external full system back-ups for both computers? Do you both keep your OS, applications and utilities scrupulously up-to-date? Are you familiar with, and do you use, Virtual Private Networks (VPN)? Do you force your up-to-date browsers to use https connections, when available? Do you have Oracle's Java installed in either computer? Is Adobe Flash Player updated if used? Adobe Reader? Do you encrypt any of your personal files? Will your computers be physically secured (lock & key) in your absence? Do both of you have stronger than average passwords? Can you live without using social networking sites? Do either of you use file transfer torrents? Etc, etc...

    The devil is in the details.

    Thank you.
    Last edited by 1PW; 2014-06-20 at 08:17.
    1PW

  3. #3
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    5,530
    Thanks
    130
    Thanked 500 Times in 460 Posts
    VPN is most secure, but it'll take a bite out of most any wifi's speed.
    Outside of a VPN there is NO way to securely use wifi.

    When I'm on the road for extended periods I'll use my 4G Verizon USB modem exclusively for any banking and other secure usage (Amazon purchases).
    Cellular is much more secure than wifi alone. All secure usage should be strictly limited.

    Hotel or other wifi should be used for internet surfing only, and it should be LOGGED OFF when not in use, which means NO automatic logon.
    You should be cognizant of security at all times when on any wifi.

    A fully up to date browser, a strong computer logon password, and a limited user account are all must haves, as is a solid backup regimen
    which gets you up and running again, quickly, in most any situation.
    DRIVE IMAGING
    Invest a little time and energy in a well thought out BACKUP regimen and you will have minimal down time, and headache.

    Windows 8.1, 64 bit
    Motherboard: DX58SO2*Chipset: X58 Express/Intel ICH10*BIOS: SOX5820J.86A.0888.2012.0129.2203*Processor: Intel Core i7 CPU X 990
    GPU: Nvidia GTX 580*Memory: Corsair 12 GB, 4x3@1600*PSU: Corsair HX1000*Hard drives: REVO X2 160GB*OCZ VERT X3 120GB*5 mechanical storage drives (12 TB) total.

  4. #4
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    5,005
    Thanks
    71
    Thanked 574 Times in 520 Posts
    You can read some tips on (more) secure public wifi here:
    http://www.gizmag.com/how-to-stay-se...otspots/28694/

    Jerry

  5. #5
    New Lounger
    Join Date
    Dec 2009
    Location
    Fresno, California, USA
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Answers

    1. I suspect they only have wifi. Hopefully it will be WPA2. But I won't know until I get there.

    2. In Windows 7, we use UAC but not a LUA. I can create a LUA, and will do so. Since it is my wife whose laptop uses W7, the chance of her using Linux is zero. I have never set up SRPs and it looks complicated.

    3. The Mac has been updated to 10.8.5 (Mountain Lion). The firewall is turned on. There are no other security features.

    4. The Mac has a full backup on a Time Machine which will be available. The PC has a Carbonite backup set up. Important files for both systems are kept in shared Dropbox folders.

    5. Adobe and browsers are automatically updated. Java not installed. Browsers are Firefox with "force TLS" add-on. Mine has noscript also, but it is too much hassle for my wife.

    6. I use keypass and have good passwords. My wife tends to use the same password for every site (I know, this is serious). Nothing is encrypted except the keypass data file.

    7. Computers will be physically secured. We do not use torrents. We have a subscription to Private Internet Access (vpn) which I only use when accessing banks, etc. because it gives us a new random IP every time, which causes gmail to lock itself until I go through a verification process with my phone.

    8. No, we can't live without facebook (well, my wife can't).

    Answering these questions has been very helpful! I also noticed that our movers took the emergency restore disks with a bunch of other stuff that we won't see for 2 months!

    Quote Originally Posted by 1PW View Post
    Hello Vic2491:

    Will you be using the hotel's Wi-Fi or hardwired Internet access? WPA2 only for Wi-Fi?

    Please give us a moderate amount of information about your Windows 7 security arsenal. Do you use only a Limited User Account (LUA)? User Account Control (UAC)? Software Restriction Policy (SRP)? Could you do some/all of your work booted up from a Linux LiveCD?

    Can the Mac OS X 10.7 (Lion) be updated to 10.9.3 (Mavericks) or at least to 10.7.5 or greater? What additional full-time security has been installed?

    Do you have external full system back-ups for both computers? Do you both keep your OS, applications and utilities scrupulously up-to-date? Are you familiar with, and do you use, Virtual Private Networks (VPN)? Do you force your up-to-date browsers to use https connections, when available? Do you have Oracle's Java installed in either computer? Is Adobe Flash Player updated if used? Adobe Reader? Do you encrypt any of your personal files? Will your computers be physically secured (lock & key) in your absence? Do both of you have stronger than average passwords? Can you live without using social networking sites? Do either of you use file transfer torrents? Etc, etc...

    The devil is in the details.

    Thank you.

  6. #6
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Tennessee,USA
    Posts
    135
    Thanks
    13
    Thanked 12 Times in 11 Posts
    and it should be LOGGED OFF when not in use, which means NO automatic logon.
    My laptop has a keyboard wifi on/off switch. Clicking it off makes the laptop unavailable for all wifi usages. It should be OFF when you are not using it.

    which means NO automatic logon
    + one for this. Always use manual logons when at a hotel. Reset your computer if necessary to manual logons while there. When you are out of the room, the cleaning lady can logon, if you leave it auto logon!!!
    Make you manual logon is set for your stay
    Good Luck
    Michael

  7. #7
    2 Star Lounger
    Join Date
    May 2012
    Location
    Michigan
    Posts
    100
    Thanks
    46
    Thanked 5 Times in 4 Posts
    In his reply, 1PW mentioned hard-wired internet access. When you arrive, I suggest you check to see if a public library is nearby. In our local library, the computers are set up so information about one's bank account, cellular bill, etc. is erased when one logs off and the computer reboots. The computers are connected to the internet with a hard-wired connection. And one logs on with his/her 12-digit account number and a password.

    Charles
    Last edited by csmart4125; 2014-06-26 at 21:33.

  8. #8
    Star Lounger 1PW's Avatar
    Join Date
    Feb 2011
    Location
    North of the 38th parallel.
    Posts
    64
    Thanks
    12
    Thanked 11 Times in 10 Posts
    Quote Originally Posted by Vic2491 View Post
    1. I suspect they only have wifi. Hopefully it will be WPA2. But I won't know until I get there.

    2. In Windows 7, we use UAC but not a LUA. I can create a LUA, and will do so. Since it is my wife whose laptop uses W7, the chance of her using Linux is zero. I have never set up SRPs and it looks complicated.

    3. The Mac has been updated to 10.8.5 (Mountain Lion). The firewall is turned on. There are no other security features.

    4. The Mac has a full backup on a Time Machine which will be available. The PC has a Carbonite backup set up. Important files for both systems are kept in shared Dropbox folders.

    5. Adobe and browsers are automatically updated. Java not installed. Browsers are Firefox with "force TLS" add-on. Mine has noscript also, but it is too much hassle for my wife.

    6. I use keypass and have good passwords. My wife tends to use the same password for every site (I know, this is serious). Nothing is encrypted except the keypass data file.

    7. Computers will be physically secured. We do not use torrents. We have a subscription to Private Internet Access (vpn) which I only use when accessing banks, etc. because it gives us a new random IP every time, which causes gmail to lock itself until I go through a verification process with my phone.

    8. No, we can't live without facebook (well, my wife can't).

    Answering these questions has been very helpful! I also noticed that our movers took the emergency restore disks with a bunch of other stuff that we won't see for 2 months!
    2. Using a LUA can significantly reduce your attack surface and only takes a few moments to setup. Look into SRPs when you are settled in.

    3. Please consider a good, free, Antivirus install for the Mac. I'm trying Avira for my MacBook Pro w/Mavericks and it's been trouble-free so far.

    Please congratulate yourselves on being as computer security aware as you are.
    1PW

  9. #9
    2 Star Lounger
    Join Date
    May 2012
    Location
    Michigan
    Posts
    100
    Thanks
    46
    Thanked 5 Times in 4 Posts
    1PW, please tell me how to obtain and use a Linux Live CD and describe the advantages of using this. Thanks.

  10. #10
    Star Lounger 1PW's Avatar
    Join Date
    Feb 2011
    Location
    North of the 38th parallel.
    Posts
    64
    Thanks
    12
    Thanked 11 Times in 10 Posts
    Quote Originally Posted by csmart4125 View Post
    1PW, please tell me how to obtain and use a Linux Live CD and describe the advantages of using this. Thanks.
    Go to the The LiveCD List and download & burn. Something like Mint and Ubuntu are very popular, boots from the CD or USB thumb drive you burned and makes no changes to your present system. Open the integral browser and see if your hardware video and networking are reasonably compatible. If you can't browse without difficulty, try another "Desktop, OS Installation" type of distribution till you find one that is functional and appeals to your needs and taste.

    If high-security and anonymity are interesting to you, try TAILS which uses the TOR network. TAILs might be attractive for banking, financial or other transactions where encrypted connections are in use through the entire TOR network. Newspaper reporters frequently use TAILS for encrypted communications.

    Other Linux based LiveCD distributions feature utilities for the support and repair of Windows based systems. e.g. GParted for the ease of maintaining, moving, creating, deleting, formatting and resizing of partitions on your storage volumes (HDD and SDD). Some of those PC maintenance LiveCDs might have Memtest86+. The gold standard for memory diagnostics.

    Some are finding a conversion to Linux brings new life to old, lesser, XP based 32-bit computers. The conversion to Linux question frequently comes down to compatibility issues with older video boards.

    Ultimately you might even try converting a Windows only installation to a dual-boot Windows/Linux system. But you can research that on your own.

    HTH
    Last edited by 1PW; 2014-07-09 at 05:42.

  11. #11
    4 Star Lounger wavy's Avatar
    Join Date
    Dec 2009
    Location
    ny
    Posts
    425
    Thanks
    39
    Thanked 17 Times in 17 Posts
    And if you are not scared enough of hotel supplied computers read this Secret Service warning
    http://www.zdnet.com/us-secret-servi...tag=TREc64629f

    And a second for Linux boot disk but check the ports for h/w keyloggers
    http://www.zdnet.com/heres-the-only-...tag=TREc64629f





    David

    Just because you don't know where you are going doesn't mean any road will get you there.

  12. #12
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 208 Times in 181 Posts
    Quote Originally Posted by wavy View Post
    And if you are not scared enough of hotel supplied computers read this Secret Service warning
    http://www.zdnet.com/us-secret-servi...tag=TREc64629f

    And a second for Linux boot disk but check the ports for h/w keyloggers
    http://www.zdnet.com/heres-the-only-...tag=TREc64629f
    Brian Krebs has published many topics related to this on his blog, most recently:
    Wireless Live CD Alternative: ZeusGard and Beware Keyloggers at Hotel Business Centers

    I recall that we also had some discussions around this scenario back in February here.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •