Why You Need a Software Firewall, and Security at Wifi Hotspots

I’m get­ting tired of answer­ing ques­tions at Yed­da or Yahoo!Answers, then see­ing my answers scraped and used as con­tent on oth­er people’s blogs. I’m prob­a­bly going to keep answer­ing the ques­tions, but just answer­ing with a point­er to a post here or at one of my oth­er sites. Ordi­nar­i­ly, I’d put this par­tic­u­lar answer over at anoth­er site, but I’m rebuild­ing it right now.

The ques­tion from cher­ris: “What about good fire­walls? Most peo­ple think that just a good AV will help but what hap­pens when you are on a wifi con­nec­tion, one that might not be your own so you have no real line of defense?”

I’m not sure who “most peo­ple” are, but they would be wrong. Every com­put­er should have a prop­er­ly-con­fig­ured soft­ware fire­wall as well as con­stant­ly updat­ed anti-mal­ware soft­ware installed. The hard­ware fire­wall built into your router at home might keep some bad guys out of your com­put­er, but it doesn’t do a thing about any­thing on your PC that tries to com­mu­ni­cate with the out­side world. So if you put in a CD or oth­er media that has mal­ware on it, the mal­ware com­mu­ni­cates with its home com­put­er on the inter­net some­where, and your hard­ware fire­wall has no rea­son to care, right? But a well-con­fig­ured soft­ware fire­wall would give you an alarm and stop that com­mu­ni­ca­tion, and you would find the mal­ware before it could take root in your PC and start send­ing your per­son­al infor­ma­tion all over the world.

Win­dows has had its own fire­wall for some time—since XP at least (I think it began there, but I don’t feel like check­ing to be sure right now). I hap­pen to pre­fer oth­er solu­tions, but using the Win­dows fire­wall is much bet­ter than noth­ing at all. I rec­om­mend Eset Smart Secu­ri­ty as an excel­lent all-in-one solu­tion for Win­dows users. It is easy enough for non-geeks, but high­ly con­fig­urable for geeks. It won’t slow down your sys­tem and per­forms extreme­ly well in rig­or­ous test­ing.

Of course, you want to check peri­od­i­cal­ly to make sure that your fire­wall is on and work­ing, because some mal­ware will try to dis­able the fire­wall, or try to open a port to allow itself through.

Yes, your soft­ware fire­wall is also going to help pro­tect you when you’re at a wire­less hotspot, but there are also oth­er steps you should take to pro­tect your­self when you con­nect out­side your home or office envi­ron­ment.

  • First, make sure you phys­i­cal­ly dis­able your wire­less hard­ware unless you are at a trust­ed hotspot. Oth­er­wise, hack­ers can use it to con­nect to your com­put­er and com­pro­mise your secu­ri­ty.
  • Make sure that win­dows file shar­ing is turned off.
  • Make sure that you’re con­nect­ing to a legit­i­mate hotspot. Bad guys like to set up hon­ey­pots with names like “hotspot” or “tmo­bile” or even “guest” . Check the direc­tions for the place you’re at to make sure that the SSID you con­nect to match­es what they say it should.
  • Con­sid­er buy­ing a sub­scrip­tion to a hotspot provider. T-Mobile and Boin­go (I’m sure there are oth­ers, but they come to mind) pro­vide soft­ware that encrypts your con­nec­tion for greater secu­ri­ty.
  • Use VPN, either through your employ­er or by sign­ing up for one of the many per­son­al options avail­able now. (See Log­MeIn Hamachi , which is free for non-com­mer­cial use.)
  • Con­nect to a remote com­put­er using GoTo­MyPC or a sim­i­lar ser­vice.

Even with all of those pre­cau­tions in place, don’t ever send any bank infor­ma­tion, pass­words, cred­it card num­bers, or any oth­er sen­si­tive infor­ma­tion across a wire­less con­nec­tion unless you’re cer­tain that you’re on a secure site (look for the https in the URL and the pad­lock sym­bol in the low­er right-hand side of your brows­er). Many sites offer two options for sign­ing in, with one being slow­er but more secure. Always chose the slow­er, more secure option when you’re at a hotspot.

Tags: , , , , , , ,

One Response to “Why You Need a Software Firewall, and Security at Wifi Hotspots”

  1. Evoco Says:
    March 28th, 2010 at 4:23 am

    Great post, very use­ful for a begin­ner like me”

Leave a Reply

This blog is kept spam free by WP-SpamFree.