[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: wreless internet security



PureBytes Links

Trading Reference Links

>I'm running W2k and wonder if someone can tell me what I need to do to 
>protect my computer when at wi-fi hotspots , like staying at hotels with 
>wireless internet. I'm concerned about people being able to get my 
>passwords, etc for my brokerage accounts, etc.  I have the free 
>ZoneAlarm and also a Linksys wireless router with built in 
>firewall....... but usually I do not use it as a wireless.  When I do i 
>use WEP encryption.

You can't use WEP unless the wireless service to which you're connecting
requires you to use it.

Generally, there are much easier ways to sniff passwords and such
than by intercepting and decoding a wireless transmission.  So many
people fall victim to keystroke loggers that it isn't worth the
effort to do it other ways.  It is very rare that someone actually
gets a password by looking at internet packet traffic, and if you
have a decent broker, that traffic should be encrypted (i.e. you see
a https instead of http in the address bar of your browser).

You can also get an account with a broker who issues you a
continually-changing password key.  Interactive Brokers does that
with all their clients.  They sent us a gadget that looks like a
calculator, and generates a different password every time, so even
if someone intercepted the password, it's no good when they try to
use it.

Use your internal firewall for all wireless usage.  Also, take
some basic steps to protect yourself from nasty things that
browsers tend to download.  Replace your HOSTS file (best one is
at http://www.mvps.org/winhelp2002/hosts.htm and it's updated
frequently).  Also run SpywareBlaster once a month, updating it each
time (this program doesn't run in the background, all it does is
populate IE's "prohibited sites" list with a bunch of addresses that
you don't want to connect to).

-- 
  ,|___    Alex Matulich -- alex@xxxxxxxxxxxxxx
 // +__>   Director of Research and Development
 //  \     Unicorn Research Corporation -- http://unicorn.us.com 
 // __)    HTML FORMATTED MAIL SENT HERE WILL BE REJECTED AS SPAM.