Nowadays, many people got many benefits from the wireless network(hotspot) that've been installed in many place, especially the town square or coffee break place. It means that now internet is an easy thing to get. Now, we will speak about securing your pc or laptop on a wireless network location that called hotspot.
Public Wi-Fi hotspots seem to be available in more locations than ever before. If you move between them a lot or are just getting started, following these security precautions can help keep your machine safe and secure. For this article we look at security steps in Windows 7, but most of these tips and suggestions will work in XP, Vista, and even other operating systems as well.
Enable Your Firewall
Whether you use the Firewall built into Windows or a 3rd-party app like ZoneAlarm, make sure it’s enabled before signing on to a public hotspot. Click on Start then Control Panel, make sure View by large icons is selected then click Windows Firewall.Then select Turn Windows Firewall on or off…
Then make sure it’s turned on under Home or Work and Public network location settings.
Turn Off All Sharing
File and folder sharing is a great feature in Windows 7 at home, but when you’re on a public network, you don’t want others to see your data. To turn it off, click on the Network icon in the Taskbar and select Open Network and Sharing Center.
Then click on the Change advanced sharing settings hyperlink.
Now make sure to Turn off file and Printer Sharing and Turn off Public folder sharing…make sure you save the changes when you’re done.
Use Correct Public Wi-Fi Connection
Rather than having to worry about changing your settings every time you log on to a Public Network. When you first connect to the Public Hotspot, Windows will ask you to select a location for the Network. For example here we want to connect to the local coffee shop Wi-Fi.
Make sure you choose Public Network…
This will automatically turn off File Sharing, Network Discovery, and Public Folder Sharing.
Use HTTPS Protocol
If you use regular HTTP protocol when connected to a public network, all of your text information can be easily found by an evil geek with a packet sniffer. You will want to use HTTPS (Hypertext Transfer Protocol Secure) or SSL wherever you can. For example you can set your Gmail and other Google services to always use https when connecting. Open your Gmail account settings, under the General tab scroll down to Browser connection and select Always use https. Again, make sure you click to Save Settings at the bottom of the page.
Then when you go to any Google services linked with that account, you will see https:// before the URL in the Address Bar.
It will work for any browser you’re using.
Another thing to check on your browser to ensure you’re using https is to look for the lock icon in the lower right corner of your browser.
Firefox Addons
If you’re using Firefox and don’t want to worry if Google services switch to https, then check out the OptimizeGoogle addon. Among other awesome ways it allows you to customize Google, you can set it to have all services use https when able.
Another handy Firefox addon from the EFF (Electronic Frontier Foundation) is HTTPS Everywhere. It will switch to https protocol for several major sites, and you can write your own rulesets with it as well.
Private VPNs
Even with using the addons above, not all sites you visit will be protected with SSL encryption. If you want to make sure you have extra protection, go through a VPN (Virtual Private Network). This `llows you to route your data traffic though a separate and secure network. There are several different free and subscription services that will do this for you but we’ll just take a look at a couple.
ProXPN is an easy to use VPN client. You need to create an account first, then download and install the client. After that log into your account and you’ll be connected to their secure VPN without worrying about traffic from your machine being on the hotspot.
They offer a free and premium version. We found that our connection could be slow at times using the free version, especially on multimedia sites. If you find you’re using Hotspots a lot, you might want to pay the $5/month for the premium version which did produce faster speeds, and ensures higher levels of encryption.
Hotspot Shield is another popular and easy to use VPN utility that runs in the background and creates the VPN automatically.
The biggest caveat is it will display ads and try to install crapware on your machine. Make sure to uncheck any crapware it tries to offer you.
While it will annoy you with ads, it is free and easy to use. If you only need to use it occasionally while at a Hotspot, it might be worth the ad annoyance.
Another thing you might want to consider is setting up your own VPN on your computer or on Windows Home Server. We’ll be writing up a full step by step tutorial on how to create your own VPN in the near future, so stay tuned.
Disable Wi-Fi When not in Use
If you’re not using your Wireless connection while you at a hotspot, simply turn it off. This can be hard to remember, and annoying if you’re constantly doing research online while working. But if you can plan your work around times when you don’t need to be online for good chunk of time, just turn it off. Click on the Wireless icon on the Taskbar right-click the network you’re connected to and Disconnect.
Windows Updates
Make sure you’re keeping your machine updated with the latest security fixes from Microsoft. In the geek community we all know the 2nd Tuesday of every month is called “Patch Tuesday”, when the team from Redmond send out the latest security fixes to plug holes and fix vulnerabilities in the OS, hardware drivers –including wireless patches, and other installed software like MS Office.
However, some vital patches might be released before then so make sure you’re receiving Automatic Updates. You don’t have to have them download and install automatically, but you can have Windows notify you when fixes are available and you can research if you want to add them or not. When in doubt, it’s usually best to just install the updates, and keep note of what they are so you can uninstall them if you find something isn’t working.
Update Antivirus Software
This should also go without saying, but keeping your Antivirus software is extremely important on all of your machines especially on a large public network where there can be a lot of malicious software lurking.
While this is microsoft security essentials, no matter what brand you use, make sure Real-time scanning is enabled.
Use Your Best Judgment
- Get to know the folks who are operating the Wi-Fi Hotspot. Ask them the type of encryption they are using on the router and if they seem to know basic Wi-Fi security. If not, you might want to use a different location – especially if they have it wide open.
- Don’t enter personal information connected to a Wi-Fi Hotspot unless you’re completely sure everything is safe and encrypted. If you need to do Internet Banking, wait until you’re at home or in the office.
- Busy hotpots like at an airport or hotel can have a lot of people on it, who knows what their looking at, but there most certainly are some “bad guys”. Try to use smaller locations like at a library or coffee shop.
- When in doubt, just don’t connect. If your online activity can wait, just hold off until you’re sure you’re on a secure network.
- Make sure and follow the guidelines described above, if you just connect and leave everything open, there is only yourself to blame.
from : howtogeek.com
Bluetooth is the industry specification for personal area networks (personal area networks, or PAN) without wires. Bluetooth connects and can be used to perform the exchange of information between devices.
Spesification of Bluetooth devices was developed and distributed by the Bluetooth Special Interest Group. Bluetooth operates in 2.4 GHz frequency band using a frequency hopping traceiver capable of providing voice and data communication services in real time between bluetooth host-host with limited distance.weakness of this technology is a short range and low data transfer capability.
The presence of bluetooth makes a person no longer mess around with what cable, what color, heading nowhere, and must be plugged in where. The function of the interconnection between the equipment can be replaced by bluetooth chipset that is placed in a built-in electronic equipment related.
The name "Bluetooth" is derived from the name of the king at the end of ten centuries, Harald Blatand which in England is also called Harald Bluetooth. Connotation is not so far wrong, because according to mythology story, supposedly Bluetooth-haired and dark skinned. He likes to eat blueberries or strawberries, then it is worth when the tooth Blatand become bluish or blue tooth.
He is the king of Denmark who has managed to unite the tribes that previously fought, including the tribes of the area now called Norway and Sweden. Even the Scania region in Sweden, where bluetooth technology is found to also include territories. King's ability as a unifier is also similar to bluetooth technology now that can connect various devices such as personal computers and mobile phones.
While the Bluetooth logo comes from the German unification of the two letters which are analogous with the letter H and B (short for Harald Bluetooth), namely H (Hagall) and Runic letter (Blatand) which are then combined.
Beginning of Bluetooth is a wireless communication technology (without cable) that operate in the 2.4 GHz unlicensed frequency band ISM (Industrial, Scientific and Medical) using a frequency hopping transceiver is capable of providing voice and data communication services in real-time between bluetooth host-host with limited service reach distance (around 10 meters).
Bluetooth card that uses the IEEE 802.11 radio frequency standard with a limited range of services and lower ability to transfer data from card to Wireless Local Area Network (WLAN).
Bluetooth formation promoted by five large companies Ericsson, IBM, Intel, Nokia and Toshiba to form a Special Interest Group (SIG), which launched this project. In July 1999 document bluetooth specification version 1.0 was launched.
In December 1999 started again making bluetooth specification documents version 2.0 with the addition of four new promoters of 3Com, Lucent Technologies, Microsoft and Motorola. Currently, more than 1800 companies in various fields to join in a consortium as an adopter of bluetooth technology. Although the standard Bluetooth SIG is currently 'owned' by the promoter group but he is expected to become an IEEE standard (802.15).
WiFi HotSpot As we know, hotspots or wireless internet access with standard 802.11b / g are not familiar stuff our ears, and when we go in public places like the Mall, Cafe, hotels and offices, with our easy to find the facility ..
Unfortunately not all providers offer wireless Internet facilities for free, or if free. extremely limited.
One of the protection used wireless service providers is to restrict Internet access based on MAC Address.
What is MAC Address?
In computer networking a Media Access Control address (MAC address) or Ethernet Hardware Address (EHA) or hardware address or adapter address is a quasi-unique identifier attached to most network adapters (NICs) ..
Okay so the conclusion MAC Address is a unique number that distinguishes each network device that is attached dikomputer us.
An example is the hotspot in hotel hilton. At hilton hotspot The Wireless Internet service providers, limiting the use of the Internet is free only for 3 hours, after that you can not access the Internet again, and would not be able to access again tomorrow. Type of protection used is MAC Address Filtering.
How to break through the protection with a MAC Address?
There is a very useful tool for anda.Tools was named K-MAC Download Dicini
With this tool you will be able to change your MAC-Address instantly and what does it mean? You can break the MAC Address Protection!. Each share of Internet access you run out in 3 hours, you need to do is change your MAC address, and do the connection.
I add more for info. WEP/WPA/WPA-2 cracking passwords using
programs are available in packages of OS backtrack
kismet
Kismet is a security tool that runs Linux, Kismet is used to eavesdrop on data traffic in the Internet network.
Aircrak-Aircrak-PTW PTW is a tool used to crack wireless protected. Each of these notebooks with different specs, so any way to use aircrack different.
One trick is also used to search for passwords which are used by someone to access hotspots that use prepaid cards.
Simple tool that prepared aja sih:
Software required:
1. Angry IP Scanner
2. Technitium MAC Address
Immediately wrote now to how:
# Find the location of the hotspot service provider, certainly in the area of affordable hotspot network is ..
# Turn on your laptop, and also turn on your wireless network and see the wireless network system tray icon, then right click and select view avalible wireless network, and of course after that you must connect to a wireless hotspot your destination.
# After connect, right click the system tray and select status> choose details tab> look there ip given to us. Write down the ip.
# Open the program AngryIP Scanner 2.21 and enter the ip range that we will scan (ip data used were we) at the top. For example: 135.125.1.13 IP that we can then enter the ip in the first column of our range in accordance with an earlier but instead of ip numbers at the end of the first to be 135.125.1.1 and the second column write the same but the number one end was replaced with 255 to 135 125 .1.255. result is 135.125.1.1 to 135.125.1.255 and click start (red button).
# After scanning then we'll get a live ip data connected with these hotspots. after scanning is complete then see the ip of the living (alive hosts) blue right click on the live ip ip Right-click on the blue color was right click> show> mac address and there will be a code mac address (mac addresses sometimes there does not appear, select Just the other ip). Write down the mac address that we get.
# Open the program Technitium MAC Address v5 release 3 which we have prepared. There is a mac address field. well now just change the mac address with which we got earlier and press change mac id.
# Wait for our mac will be replaced and a temporary connection and connect again automatically disconnected itself.
# Go to the firefox web browser, or anything goes. Enjoy Free Internet.
One thing to remember is that our system is the transfer of passenger data to hack an account that we had.
It can outsmart the status of hotspot login page enter it (to account). For example status and so go there it looks prepaid card code number and we simply keep track of, then logout and log back into the hotspot's login page quickly enter the password earlier. This will make us can directly access the Internet without a ride again (because that make us prepaid card code) so if anyone wants to login to use the card (which had a code) when you log in using the card of course he can not enter because prepaid cards.
"Already logged".
How about it, interesting is not it?
But I suggest, as I do is to ride alone, because I do not want to go too far, like the way I Tell to log off and log in again will surely make the owner can not log in. Request permission directly is also a possibility that had not refused, the origin of his interests is urgent.
For Ip Scanning can also use the application Dude, download it here, to determine the condition of the computers connect to the hotspot. Can be tried too ya ..
Hmm, i have some usefull tools again, check it.
WEP and WPA KeyGenerator
Wireless Key Generator
run it live programs generate,, and coffee directly into the network key. ...
Or also you used this application "wifi password finder"
seach it self in search engine :D, all this is just for learning, as long as we are still able to use the legal why not wrote. And this can also be used by the hotspot owner, if in this way can still be used to break into. So it needs more security.
When a WLAN client moves from the range of one Access Point (AP) to another in the same subnet, it needs to find the best AP, decide when to roam onto it, associate with it and do any authentication required, as per your security policies. Then the wired network has to relearn the location of the client, so that data can be sent to it. All of this takes time and this is without the client having to worry about getting a new IP address! The scanning and decision making part of the roaming process (see How to Make your WLAN roam faster) allows the client to find a new AP on an appropriate channel as the user moves. When this happens, the client must associate with the new AP. It must then, assuming that it is an 802.1x supplicant (see The EAP Heap), reauthenticate with the RADIUS server. This is transparent to the user - but the delay in this happening may not be. It can take up to a second for association and authentication to occur (see below for implications and solutions). IAPP
The next part of the process is for the rest of the network to be made aware that the client has shifted. This calls for AP to AP communication, which was never catered for in the original 802.11 spec. Vendors had their own way of passing updates; however 802.11f, the Inter-Access Point Protocol, has now been now published by the IEEE as a trial-use standard - it sits in this state for two years before being submitted as a full-use standard - to facilitate multi-vendor AP interoperability. IAPP calls for the new servicing AP to send out two packets onto the wired LAN. One of these is actually set with the source address of the client (the standard says this should be a broadcast, however some implementations still use unicast to the previous AP or a multicast) and is used by intervening switches to update their MAC address tables with the client’s new location. The other is an IAPP ADD-notify packet from the new AP to an IAPP multicast address that all APs subscribe to, which contains the MAC address of the station it has just associated. All APs will receive this packet, and the one that had been associated with that station will use the sequence number included to determine that this is newer information and remove the stale association from its internal table. IAPP provides for the sharing of information between APs. The format of this information is specified, as "contexts" but the actual content is not defined, so it’s not yet hugely useful as far as vendor interoperability is concerned. Also IAPP has no specific provision for security. Who Cares?
So, worst case, you’re probably looking at about one second where your client can’t be reached over the network. For a lot of clients and applications, this isn’t an issue. If you’re walking from one room to another carrying your laptop, and you want to use email or a web browser, it’s not a problem. In fact, most TCP-based applications will be able to handle this sort of hiccup (remember that in this instance there’s no address change). UDP applications are less able to handle interruptions, and unfortunately, these are the ones where a break would be most noticed by the user. The killer? Voice. Not only is VoWLAN UDP-based for the bearer traffic, but it’s also the one application where you are likely to be using it as you move between APs. And you are definitely going to notice a one second hit. Which is presumably why the vendors that are pushing fast roaming for 802.11 are the ones squarely behind the use of wireless handsets in an IP Telephony environment, such as Cisco, SpectraLink and Symbol. Related standards
In fact these are three of the companies behind the drive for a new IEEE Working Group to create a standard to handle faster Layer 2 roaming. There are several related standards and works-in-progress, but none that actually cover this specific aspect:
* As already discussed, IAPP—802.11f—isn’t designed for speed.
* 802.11i, the security standard (not yet ratified) has provision for secure fast handoff, but it’s too security specific for this requirement.
* 802.11k—Radio Resource Management—might help in that it should cater for faster discovery of APs. Again, not yet finalised.
* 802.21 isn’t specifically for wireless LANs at all. It’s aimed at the handoff between heterogeneous networks (wired, 802.11, Bluetooth) and while it will deal with inter-ESS roaming (ie subnet to subnet in a WLAN), it won’t speed up the Layer 2 process which is needed prior to any Layer 3 interaction. This was the P802 Handoff Study Group, and is just in the process of kicking off now.
Fast roaming now
In the meantime of course, there are proprietary solutions. The two parts that need to be speeded up to cut down outage times are the scanning process (to allow clients to find new suitable APs to associate to), and, specifically for security, a faster way of reauthenicating to cut out the RADIUS request/response process. There are things that can be done to speed up the time it takes for a client to find another suitable AP. An AP can maintain information on its adjacent APs, which it can pass to a client on request—this will give the client a better indication of usable channels to scan, for example. The biggest time saver, however, is reckoned to be in localising the 802.1x authentication process. Cisco has incorporated Fast Secure Roaming into its Wireless Domain Services (WDS) portfolio as part of its Structured Wireless Aware Networking offering, which in effect allows an AP on each local subnet to act as the authenticator for clients. When a client (or other AP) goes through the initial RADIUS authentication, it does it via one AP running WDS. This lets that AP establish shared keys between itself and every other entity in the L2 domain, and allows for quicker reauthentication. Plans are for this capability to be included in Cisco’s router/switch platforms later this year as part of its SWAN development. Symbol provides similar functionality in its hardware, while Airespace) also caters for fast roaming in its wireless switches and appliances, and companies such as Bluesocket, which use gateways to control pretty dumb APs, manage everything centrally. Proxim handles things differently, pre-authenticating clients to nearby APs as well as the one currently in use in preparation for the client moving. So before you get excited about Layer 3 roaming, make sure you understand how your vendor of choice implements it at Layer 2. If that bit’s not fast enough to stop you losing traffic, you’ll never be able to move across subnets. It’s likely to be years before there’s a usable standard in place and in the meantime while you can probably get APs from different vendors to work together, there’s no guarantee of interoperability if you want to turn on their various fast roaming options.
