Wireless Access

I have a Compaq Presario R3000Z Notebook PC with a 802.11b/g wireless card and Windows XP with SP2.
I am concerned about using the notebook for internet transactions in a wi-fi environment outside of my home.
Does anyone have some suggestions how to make the notebook more secure in this environment?
Of course, I use a firewall and disable file and printer sharing when on line in a wi-fi connection.

Thanks for any help you can provide.

I'm not certain what you mean by "internet transactions", however, any finacial transactions being done over the internet should be done using an encrypyted channel, whether or not wireless is involved.

Reputable e-commerce or e-business websites use a technology known as SSL to provide this encryption from your computer to their servers, so working wirelessly from anywhere would not be an issue, however, any communications that cross the internet in plain text (including email) are still open to eavesdropping.

Still confused or perhaps more confused?

Let me simplify it this way - once you have a properly configured firewall, anything you are safe doing over a wired link, is safe doing over a wireless link. If your transactions are browser based and you can see the little padlock in the status bar, you're OK.

Withou knowing more about your internet transactions I can't be more specific.

The specific transactions I refer to are on line banking, credit card purchases, etc. I am aware of the SSL feature but when I read info about wireless security, for example at Microsoft's web site, it is suggested your user names, passwords, etc can be stolen. I have read about wireless snifer devices that can capture your passwords. Perhaps I'm being paranoid, but I am very concerned about using my notebook in a public wi-fi environment.

Thanks

Hi Michael:

You'r talking about two diferent things! Like Ernest Ford already told you: - "any finacial transactions being done over the internet should be done using an encrypyted channel, whether or not wireless is involved" Witch is why SSL is used.

In this case the data you'r exchanging with your bank is being encrypted, "hackers" can still sniff your data, but will be sniffing encrypted data.

Now what u r talking about microsoft, means that, u can also encrypt the wireless connection, but if you'r using a wireless connection that doesnt bellong to you, like a public one, you are limited to the security of that particular wireless network.

In a wireless network you can configure the authentication type and the encryption type, if the wireless network is using WEP encryption there's a change "hackers" can penetrate the same network, but if the network is using WPA or WPA2, it's not likely, or even impossible that the same network is compromised. So if u want, u can try and make shure that wpa or wpa2 is being used to secure your traffic.

Having a firewall is also a pretty important security feature, so be shure to have your firewall always active.

There's alot to be said about wireless Security, with would be too long for this thread. So in resume, try and make shure of four things

1) you have a firewall;
2) the site you r exchanging confidencial information is a trusted one and is using SSL;
3) Wireless encryption should be WPA or WPA2, WPE is not secure.
4) hope i'm not forgetting something..... ;)

regards,
hugo

Thanks for the clarification, Hugo.

I had read some hackers are able to see your confidential data as it being typed on your keyboard, i.e. before it's sent over an encrypted wi-fi network. So I was wondering if anyone had come across a way to prevent this from happening.

Again, thanks for your kind reply.

yes that's true, but it easy to prevent that, the only way anyone will be able to view what you r typing before the information is sent, is with a keylogger, a little program installed in your computer that records every key you press, this little program can then be configured, for exemple, to send the logs to an email address.

But for this program to be instaled in your computer without your permission is quite dificult.

The intruder has two option:
1: it has phisical access to your computer;
2: it install the program over the internet.

To prevent the 1st you should always have your computer protected with a strong password, and never leave it unsuprevised without bloking it first.

To prevent the 2nd you have to be careful when surfing the net, a program cannot be instaled in your computer without your authorization, but you may be giving that access without knowing.

So never install nothing you don't know what it is, always have a firewall and a anti-virus active, and you should run from time to time a anti-spyware software, like ad-aware personal (free).

Final note: most of this keylogger software, is detected by the anti-virus as a possible trojan.

regards, hugo

Thanks for all the help.