Books
in black and white
Main menu
Share a book About us Home
Books
Biology Business Chemistry Computers Culture Economics Fiction Games Guide History Management Mathematical Medicine Mental Fitnes Physics Psychology Scince Sport Technics
Ads

wireles network hacks mods - briere D.

briere D. wireles network hacks mods - Wiley publishing, 2005. - 387 p.
ISBN: 0-7645-9583-0
Download (direct link): wirelesnetworkhacks.pdf
Previous << 1 .. 74 75 76 77 78 79 < 80 > 81 82 83 84 85 86 .. 87 >> Next

One active step that you should always take when you’re in a hot spot environment, even if you’re taking other precautions, is to always use secure Web sites whenever you can.
For basic Web surfing, you don’t have this option. You can’t check the news on CNN.com at a secure version of the site — they simply don’t offer this option. But you can (and should) always make sure that you’re using an SSL Web site when you’re doing things like checking your Web mail, accessing a personal banking site, doing some online shopping, or any other activity where you share confidential information such as passwords or credit card numbers.
174 Part III: Wireless on the Go
You know you’re on a secure Web site because of two things:
The site’s URL starts with an https:/ / instead of a plain http://.
^ Your browser displays a yellow padlock icon (in most browsers, this appears on the status bar at the bottom-right of the window).
ijcJABE/?
JANG/
If you’re connected to a secure Web site, even if all of your other hot spot traffic is being intercepted, you can feel confident that the data you send back and forth with the secured Web site is not being read by the guy sitting across the room with his laptop out — at least not in any legible form.
Some Web sites have secure log-in using SSL, but they hide that fact from you. For example, Google’s Gmail service (gmail.google.com) has a secure login inside a frame within the overall window. Even though you don’t see the https:/ / or the yellow padlock, your log-in information is indeed secured. Unfortunately, the only way to know if your favorite Web site does this is to check out their FAQs or to ask them!
It’s very rare, but potentially you could connect to a hot spot that isn’t the one you wanted to connect to (the evil twin we mentioned earlier in the chapter) or that was set up by someone who is up to no good. On these rare occasions, a person could set up a fake Web site that looks like an online banking or other secure site and lure you into giving out your personal login data. You can avoid this by using authenticated hot spots or a VPN connection — but if you can’t do this, you can at least examine the security certificate of the Web site you’re visiting by double-clicking on the yellow padlock in your browser. Check to make sure that it’s actually the site you intend to visit. If you’ve got some really confidential information, and you’re not sure that you’re securely connected to the legitimate site you’re looking for, consider waiting until you’re back home!
Some ISPs (not most, but many) let you set up your e-mail client software to connect to your e-mail servers using SSL. This is a simple checkbox setting within your favorite e-mail client. (Outlook Express, Eudora, and Apple Mail all support SSL connections to the POP and SMTP mail servers.) Check with your ISP to see if they offer this option — if they do, get instructions from them to set up your e-mail client software for SSL. This keeps the e-mails you send back and forth from a hot spot secure. If you can’t use SSL for checking your ISP’s e-mail, you might consider switching to a Web mail service like Gmail, which is secure, at least while you’re on the road. Figure 10-1 shows these settings in Microsoft Outlook Express using Windows XP.
Chapter 10: Staying Safe on Any Wireless Network 175
Figure 10-1:
Setting up secure mai checking.
Making a VPN Connection
Connecting to a VPN requires a few different things, both on your PC and in the location that you’re connecting to “privately.” Specifically, you need
A VPN server or appliance at the remote location to terminate your connection. This is simply the device that your computer connects to on the remote end of the VPN connection. Most of the time, the VPN functionality is built into a company’s firewall or network security appliance. If you’re connecting to your corporate network, this may be a server or appliance that you own (like the NETGEAR ProSafe VPN Firewall (http://netgear.com/products/details/FVX53 8.php), which retails for about $550, but you may be able to find it for a couple hundred less). If you’re connecting to a service (like WiTopia or HotSpotVPN.com), the VPN server or appliance is owned and operated by the service provider. You simply need the IP address (and a few other bits of data) for this networked device.
If you’re using a VPN firewall to support more than a few users, look for a device that has been equipped with hardware accelerated encryption, which can help keep the throughput of your network from bogging down when multiple users access it.
VPN client software on your PC, which establishes the secure connection to the server and encrypts the communications, leaving the PC to
176 Part III: Wireless on the Go
ensure that they can’t be intercepted. A client can be as simple as your Web browser (for some more limited VPNs, your Web browser can connect via SSL and establish the VPN); it can be built into your operating system (both Windows and Mac OS X have support for VPN built-in); or it can be a separate piece of software that you install on your computer.
Previous << 1 .. 74 75 76 77 78 79 < 80 > 81 82 83 84 85 86 .. 87 >> Next