Results 1 to 14 of 14
  1. #1
    5 Star Lounger
    Join Date
    Jul 2012
    Posts
    967
    Thanks
    662
    Thanked 58 Times in 57 Posts

    Unsecured network

    I was at the library today and noticed I would have had to connect through an unsecured network
    I didn't connect.
    What can I do to work on an unsecured network with at least some degree of safety?

  2. #2
    Silver Lounger
    Join Date
    Mar 2014
    Location
    Forever West
    Posts
    2,078
    Thanks
    0
    Thanked 259 Times in 248 Posts
    Usually it only means you don't need a password to connect to their Router. I think most all Routers have a hardware firewall but be sure your's is on and that you have a fully up-to-date antivirus. I also use the paid-for Malwarebytes to block malware.

  3. The Following User Says Thank You to Berton For This Useful Post:

    cmptrgy (2015-05-05)

  4. #3
    WS Lounge VIP Coochin's Avatar
    Join Date
    Jun 2014
    Location
    Queensland, Australia
    Posts
    2,155
    Thanks
    31
    Thanked 307 Times in 267 Posts
    Choose "Public" instead of "Home" or "Work" as the network type.
    Computer Consultant/Technician since 1998 (first PC was Atari 1040STE in 1988).
    Most common computing error is EBKAC: Error Between Keyboard And Chairback
    AMD FX8120 (8-core @ 3.1GHz) CPU, Gigabyte GA-990FXA-D3 motherboard, 8GB (2x4GB) DDR3 1866MHz RAM, ATI-AMD Radeon HD6770 PCI-E VGA, 480GB Kingston SSD, 2TB Seagate SATA3.0 HDD, ASUS DVD/RW.

  5. The Following User Says Thank You to Coochin For This Useful Post:

    cmptrgy (2015-05-05)

  6. #4
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    And connect to a VPN to make sure your data is exchanged through an encrypted connection.
    Rui
    -------
    R4

  7. The Following User Says Thank You to ruirib For This Useful Post:

    cmptrgy (2015-05-05)

  8. #5
    5 Star Lounger
    Join Date
    Jul 2012
    Posts
    967
    Thanks
    662
    Thanked 58 Times in 57 Posts
    I like the idea of using a VPN.
    One of my friends recommends LogMeIn Hamachi but he doesn't use it
    --- Does that sound like a good choice?
    Are there a few other VPN's I should investigate?

  9. #6
    Super Moderator
    Join Date
    Aug 2012
    Location
    Durham UK
    Posts
    6,643
    Thanks
    147
    Thanked 883 Times in 844 Posts
    I have mine set to Public and my laptop doesn't go anywhere - figured it was the safest option.

  10. #7
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,492
    Thanks
    284
    Thanked 577 Times in 480 Posts
    My Desktops are set to Public, don't use LAN for Sharing, etc. so it's a little safer; it almost never causes any problems, the only one I can think of was a very recent Firefox install (which was rapidly updated), which was bugged in both Public and Enterprise scenarios.

  11. #8
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Quote Originally Posted by cmptrgy View Post
    I like the idea of using a VPN.
    One of my friends recommends LogMeIn Hamachi but he doesn't use it
    --- Does that sound like a good choice?
    Are there a few other VPN's I should investigate?
    I use CyberGhost for no reason other than having been offered a license. Works fine.
    Rui
    -------
    R4

  12. #9
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,202
    Thanks
    49
    Thanked 987 Times in 917 Posts
    Using a non encrypted wifi connection won't cause any problems unless you want to logon to non-https sites, in which case your user / pass can be intercepted. If you connect to https sites your traffic will be encrypted. The same applies to your local email client, it should always use encrypted comms to your mail server.
    This assumes the wifi provider (library, hotel etc) has not been hacked and is intercepting all your traffic. A VPN will fix that issue.

    cheers, Paul

  13. #10
    jwoods
    Guest
    Windows Secrets Newsletter did a review of VPN software.

    You might do a search of the Newsletter Archives.

    http://windowssecrets.com/newsletter/
    Last edited by jwoods; 2015-05-05 at 14:48.

  14. #11
    5 Star Lounger
    Join Date
    Oct 2013
    Location
    Phoenix, AZ
    Posts
    926
    Thanks
    554
    Thanked 137 Times in 128 Posts
    If you are going to connect to wifi networks (even encrypted ones) that are not under your control you should do so through a VPN. Best money spent. And hope the routers you encounter support using a VPN.

    BUT still possible to get picked but not burned by a man-in-the-middle attack (not uncommon in places expected to have free wifi).

    This is where someone sets up a wifi access point, names it (SSID) what you would expect (ex. "Starbucks#2"), adds the login password the hotel gave you and provides the best signal. You naturally log in. They intercept all keystrokes and handshakes and pass the connection through to the wifi connection you thought you were logging into (the legitimate one). Hence they are the "man in the middle" and you are unaware of their presence.

    With the VPN active on your device and passing through the VPN's servers you should be safe (tunneling), but that depends on how well the VPN's software does the initial userid/password exchange with the server. Hopefully encrypted and with a good encryption. Otherwise they could pick your account BUT once connection is established they should not be able to decipher the two way traffic between you and whatever web pages you are visiting or emails sent or received through your VPN.

    I can think of a couple of security issues especially if a certain VPN was commonly used. But since there are a lot of VPNs and none are dominant, I don't think there is much risk of my concerns being an issue unless you were specifically targeted by someone who knew whom your VPN provider was.

    Changing your new connection to public as was said above. And to change the workgroup name from the defaults "workgroup" or "mshome" to something unguessable and with no particular meaning (or "fbicydev"). Keeping important software up to date (OS, AV, wifi, browser, email app, bluetooth, flash and java if used, MS' optional updated certificates list). Use TLS encryption for any two way connection where possible.

    Know how to switch off your laptop's or device's wifi either by switch and/ or hotkey. Not only for emergencies, but if on battery will extend battery life if not on wifi.

    3G/4G an alternative to depending upon "free" wifi. Though I am not happy an option to block fallback to 2G is not available to my knowledge despite this being a hacker trick.

    Carry an 10' Cat 6 Ethernet cable in your bag too. On rare occasion you can plug directly into an establishment's wifi router in the back for a direct connection.
    Last edited by Fascist Nation; 2015-05-05 at 19:59.

  15. #12
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,492
    Thanks
    284
    Thanked 577 Times in 480 Posts
    Even with Ethernet cable, watch out for possible 'malvertising' from any landing page you might be faced with.

    A portable router/hotspot might offer additional protection.

  16. #13
    5 Star Lounger
    Join Date
    Oct 2013
    Location
    Phoenix, AZ
    Posts
    926
    Thanks
    554
    Thanked 137 Times in 128 Posts
    Weirdly enough an amazing number of these portable wifi router/hotspots do not have NAT and/or SPI firewalls built in. SPI would sure be nice since NAT is incompatible with OpenVPN.

  17. #14
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,202
    Thanks
    49
    Thanked 987 Times in 917 Posts
    Quote Originally Posted by Fascist Nation View Post
    NAT is incompatible with OpenVPN.
    Not according to OpenVPN.
    https://openvpn.net/index.php/open-s...atibility.html

    cheers, Paul

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •