I’m getting tired of answering questions at Yedda or Yahoo!Answers, then seeing my answers scraped and used as content on other people’s blogs. I’m probably going to keep answering the questions, but just answering with a pointer to a post here or at one of my other sites. Ordinarily, I’d put this particular answer over at another site, but I’m rebuilding it right now.
The question from cherris: “What about good firewalls? Most people think that just a good AV will help but what happens when you are on a wifi connection, one that might not be your own so you have no real line of defense?”
I’m not sure who “most people” are, but they would be wrong. Every computer should have a properly-configured software firewall as well as constantly updated anti-malware software installed. The hardware firewall built into your router at home might keep some bad guys out of your computer, but it doesn’t do a thing about anything on your PC that tries to communicate with the outside world. So if you put in a CD or other media that has malware on it, the malware communicates with its home computer on the internet somewhere, and your hardware firewall has no reason to care, right? But a well-configured software firewall would give you an alarm and stop that communication, and you would find the malware before it could take root in your PC and start sending your personal information all over the world.
Windows has had its own firewall for some time—since XP at least (I think it began there, but I don’t feel like checking to be sure right now). I happen to prefer other solutions, but using the Windows firewall is much better than nothing at all. I recommend Eset Smart Security as an excellent all-in-one solution for Windows users. It is easy enough for non-geeks, but highly configurable for geeks. It won’t slow down your system and performs extremely well in rigorous testing.
Of course, you want to check periodically to make sure that your firewall is on and working, because some malware will try to disable the firewall, or try to open a port to allow itself through.
Yes, your software firewall is also going to help protect you when you’re at a wireless hotspot, but there are also other steps you should take to protect yourself when you connect outside your home or office environment.
- First, make sure you physically disable your wireless hardware unless you are at a trusted hotspot. Otherwise, hackers can use it to connect to your computer and compromise your security.
- Make sure that windows file sharing is turned off.
- Make sure that you’re connecting to a legitimate hotspot. Bad guys like to set up honeypots with names like “hotspot” or “tmobile” or even “guest” . Check the directions for the place you’re at to make sure that the SSID you connect to matches what they say it should.
- Consider buying a subscription to a hotspot provider. T‑Mobile and Boingo (I’m sure there are others, but they come to mind) provide software that encrypts your connection for greater security.
- Use VPN, either through your employer or by signing up for one of the many personal options available now. (See LogMeIn Hamachi , which is free for non-commercial use.)
- Connect to a remote computer using GoToMyPC or a similar service.
Even with all of those precautions in place, don’t ever send any bank information, passwords, credit card numbers, or any other sensitive information across a wireless connection unless you’re certain that you’re on a secure site (look for the https in the URL and the padlock symbol in the lower right-hand side of your browser). Many sites offer two options for signing in, with one being slower but more secure. Always chose the slower, more secure option when you’re at a hotspot.