Traveling over the Holidays? Watch Your Wireless

I spoke with Shannon Michael, director of communications at iBAHN, a provider of secure Wi-Fi and wired connections, often in public places (hotels, conferences, and the like). But this wasn't the usual phone call. Shannon was in her car in the parking lot of a nice hotel in Utah with her laptop by her side, demonstrating how even the best hotels can have lousy Internet security for their guests.

I watched her screen via remote access as she demonstrated that within three keystrokes of firing up her computer, she was looking at all the people connected to the hotel's wireless LAN. We could see each PC's name and its shared folders displayed. We didn't open anyone's files, but it would have been just as easy to copy their files as it was to see their PCs. And we were just using Windows Explorer. With a few extra free tools available for download from the web, we could have obtained much more personal information.

Even without any special tools, it was a no-brainer for me to simply look at the name of the PC that appeared on the network (people often use their own name like "Greg Jones PC" as identifiers) and Google them to find out a bit about them. In other cases, we saw that the computer's name contained their company's name—almost as bad.

Sharon and iBAHN have been reporting their findings and demonstrating that shared LANs are not very secure places. For the more technical among us, their report says, "Whether wired or wireless these LANs can leak many unencrypted packets, including LAN broadcast and multicast traffic (e.g., NetBIOS announcements, DHCP and ARP queries) and Wi-Fi management frames (e.g., Deauthenticates, Disassociates)." You can download a copy of the whitepaper from the site.

Of course iBAHN, which charges a fee to use its service, reports that because it handles installations with a combination of LAN and WAN (actually installing the physical network), it is more secure than other LANs, but that's really beside the point. It's doubtful that you'll be making your next hotel reservation based on the hotel's Wi-Fi provider. But iBAHN did share its advice for keeping yourself safe when you log on to hotspots over your holiday.

1. Don't name your PC with an identifying name like "Robin Raskin PC."
2. Disable or block all shared networking services while traveling.
3. If you're a corporate user with access to a VPN, use it when you travel. A VPN sets up a direct, more protected tunnel from your laptop to the office.
4. Use a firewall, preferably a third-party one.
5. Use file encryption (available in Windows XP Pro or from third parties).
6. Use public Wi-Fi access from a proven vendor with a known SSID (even if you have to pay for the connection).

Chris Null provides step-by-step directions on how to log in, turn on encryption, and rename your SSID (basically, this is your router) when setting up a wireless connection. For those who want to be even more vigilant, you can follow these instructions to enable the MAC filter, which instructs your router to keep unknown computers off your network.