security ata public wifi

iamskippy

Saw a local cafe has wifi and want to take my laptop. To be secure do i need to have encryption?

I understand the cafe will be my ISP when i am on their network. Can they see my hard drive? Can eircom see my hard drive at hom,e?

Is sniffing the only way some one could see my data? I have a firewall -comodo- and antivirus and anti spyware and that will prevent them getting in so they would have to sniff?

ED E

Public wifi's are always risky. Local files are off limits, but anything transmitted is very vulnerable. When I'm on a public wifi i dont touch things like Paypal or anything sensitive. If you use a remote access system to view another machine, you open that up to attack.

In short, public wifi= Email*+Facebook+News/Weather only.

*Technically, your email is exposed, but getting logins to that alone shouldnt be enough without security Q's etc etc.

iamskippy

Lethal_Bullet wrote: »

Public wifi's are always risky.

I know

Local files are off limits,

You mean files on my pc are off limits to hackers?

but anything transmitted is very vulnerable.

by sniffing is it?

When I'm on a public wifi i dont touch things like Paypal or anything sensitive.

I do not plan to do anything with money or bank account.

I created a limited account for it and what about a sandbox or virtual windows, that be necessary?

Thanks for your help;)

ED E

Well, once you have a firewall in place you're drive is just as safe as when you connect from you're home line or a Midband device(excluding vulnerability due to local networking).

The weakness is you have no control over the router and local infrastructure. At home its you're router and should be secure enough(once you change the passes and AFAIK). At a public/foreign AP though the owner, or anyone else who has connected to that hardware could very well have modified local software to their own ends or could have been badly setup.

Also, a VM wouldnt help really as even though its a different machine, once they're on the drive they're on the drive, doesnt make a difference. A second 2.5" with a "sacrificial" OS install would be an option though, if you were really paranoid.

Bob_Harris

When you join a new network your firewall should prompt you to choose a network type.

Choosing the network type as Public will tighten up the security on your computer, blocking access to network shares etc.

Make sure the network you are going to join is actually run by the establishment you think it is. There's nothing stopping the guy living upstairs creating a wireless network then stealing users credentials if they join and use the net.

iamskippy

Lethal_Bullet wrote: »

Also, a VM wouldnt help really as even though its a different machine, once they're on the drive they're on the drive, .

is that tue of a sandbox?

Bob_Harris

iamskippy wrote: »

is that tue of a sandbox?

Your concern shouldn't be what is on the computer, but what is being sent and received from the computer.

So it makes no difference if you are using your physical computer or a VM installed on top of it to browse the web on a public WLAN.

The only instance where someone can access file on your computer is if you have them in a folder which is shared over the network. But, if you set your firewall to public network mode, it will block all access to any form of shared files or media on your computer.

iamskippy

Bob_Harris wrote: »

Your concern shouldn't be what is on the computer, but what is being sent and received from the computer.

ok

So it makes no difference if you are using your physical computer or a VM installed on top of it to browse the web on a public WLAN.

Fine but I am curious. i understand from googling that a VM and the real machine are sort of networked without being networked
http://ask-leo.com/does_running_windows_in_a_virtual_machine_protect_me_from_viruses.html

The only instance where someone can access file on your computer is if you have them in a folder which is shared over the network. But, if you set your firewall to public network mode, it will block all access to any form of shared files or media on your computer.

OK, thank you

Bob_Harris

iamskippy wrote: »

Fine but I am curious. i understand from googling that a VM and the real machine are sort of networked without being networked

A VM is independent of your physical computer, yet they fundamentally use the same network connection.

Depending on the virtualization software, you can configure your VMs to be networked in a certain way to your physical PC. Either you can use NAT, which creates a private network for the VMs, or you can bridge your VMs so they appear as a completely different computer on the network.

The VM needs to have it's own anti-virus and firewall installed if security is a concern. The anti-virus on the physical computer will not pick up viruses on a VM.

It's easy to restore a VM to a previous state using snapshots, this is why they are considered ideal "sandboxes". i.e. if you get infected with a virus, you simply revert back to a healthy snapshot and the virus and all changes made since that snapshot will disappear.

iamskippy

Bob_Harris wrote: »

A VM is independent of your physical computer, yet they fundamentally use the same network connection.

Depending on the virtualization software, you can configure your VMs to be networked in a certain way to your physical PC. Either you can use NAT, which creates a private network for the VMs, or you can bridge your VMs so they appear as a completely different computer on the network.

The VM needs to have it's own anti-virus and firewall installed if security is a concern. The anti-virus on the physical computer will not pick up viruses on a VM.

It's easy to restore a VM to a previous state using snapshots, this is why they are considered ideal "sandboxes". i.e. if you get infected with a virus, you simply revert back to a healthy snapshot and the virus and all changes made since that snapshot will disappear.

;)cheers for that, very interesting