Tuesday, 10 March 2009

Protecting your computer on a public network

Do you own a laptop? Have you ever used your laptop at a public wi-fi (wireless internet) location to use the free (or paid) wireless internet services? Often, places like Libraries (or at least some libraries here in Toronto), Starbucks, Coffee Shops and even some restaurants offer a wireless internet service which anyone can use if they bring along their laptop or mobile computing devices.

Why should you care about protecting your computer while using pubilc wi-fi netoworks?

Although this is pretty cool, one thing that you must be aware of is that using these networks might not always be the most secure thing to do. Using public internet might mean that you are opening up your computer for lots of snoopers and malignant people to take advantage of your computer. In fact, after a recent visit to the library I noticed that many people (unknowingly I presume) were actually sharing the files on their computer with everybody else in the network. As a result, anyone else on the network was also able to freely access these shared files and folders. What’s more? Some people even stored files (fortunately, being the good citizen that I am, I did not open these files or do anything malicious with them!) in these folders!

What does all this mean?

It means that if you use your computer on a public network, you have to be extra secure.Theoretically, someone could delete files, edit files and even transfer malicious files to the computer to execute code (plus, if you never visited any website or downloaded anything… and you get a Windows UAC prompt, you’re likely to just click Confirm and allow the malicious application that some transferred to your computer to happily go on performing its evil tasks!)! If this doesn’t sound more scary than Conficker, I don’t know what will.

How can you protect yourself?

Protecting your computer while using public networks should be the first thing you do, even before you start using the network. In this post, I’m going to assume that most of you will be using Windows Vista. The settings for Windows XP (you might want to make a google search if you are unsure… most things that I mention here for Vista also apply for XP, but configuring them for XP might be a little different) are similar, but since most laptops now come with Vista, I’ll only cover the Windows Vista and Mac OS X in this article.

The first thing that you should do is turn off all File Sharing.

To do so on Windows Vista:

  1. Double click on the “Internet Icon” in the system tray in your taskbar. In the picture below, it’s the icon between the “Battery Icon” and the “Volume Adjustment/Speaker Icon”. Doing so should take you to the “Network and Sharing Center”. If there’s no “Internet Icon” then, you’ll have to open your start menu (or click on the “Windows Orb” and type in “Network and Sharing Center”. image
  2. In the '”Network and Sharing Center”, under Sharing and Discovery click on arrow beside any topic that has a “Green” light (meaning that the sharing for that area is turned on.. and anybody on the network will be able to see whatever you are sharing). Then, simply select ‘Turn Off’ and click ‘Apply’.image
  3. Then accept the Windows UAC prompt.
  4. Repeat steps 2 and 3 for any other feature for which file sharing might be turned on.

Doing so will make sure that no files/folders, be it the Public folder on your computer or any other folder, is shared on the network.

On a Mac, the process is similar. Click the Apple Button on top left hand corner, choose ‘System Preference’ and go to ‘Sharing’. There, uncheck all checkboxes to make sure that your computer isn’t sharing anything.

Step 2: Use a firewall to prevent any direct connections from other computers

Often, although you might disable any sharing of files, other computers might still be able to connect to your computer through any other ports (think of them like ‘doors’) that might be open. So naturally, the best and easiest way to protect yourself, although not the most ‘sure fire’ way, is to turn on a firewall that will try and block most of the attempts to access your computer. If you don’t yet have a firewall, you might want to consider getting a free firewall if your computer is not running too slow (although if it is running a bit on the slower side, you might want to check out this article to speed up your windows computer).

At the very least, turn on Windows Firewall, which will prevent incoming connections (or others) from accessing your computer.

Step 3: Use an anti-virus program and keep your computer updated

Well, there isn’t much you can do after you’ve secured all the entry ways into your computer, so the only other ways to make sure that nothing else malicious is already on your computer and there are no ‘security’ holes in your computer are to run Anti-Virus software and keep your computer updated.

As for the Virus software, you don’t always have to turn on heuristics for it to keep on searching your computer all the time and making it really slow. Like I mention in my article to make your computer a bit faster, just turn on it’s basic settings and let it perform a scan once in a while when you are not using your computer. However, if you do across a suspicious (and when I mean suspicious I mean really suspicious…. like a birthday greeting card from your friend) just manually scan it.

Also, don’t forget to let Windows install the Microsoft updates when it bugs you do.. you don’t always have to do it right when it starts bugging you to.. but it’s a good idea to do it when you have the time.

Got a question, tip or comment? Send them to beyondteck+question@gmail.com and we'll try to answer it in a blog post!

No comments:

Post a Comment