cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Former Administrator
Posts: 8,592
Registered: ‎11-19-2007
Location: US
Views: 423
Message 1 of 3

What protections against side-jacking and other threats on open networks?

 

 

I'm sure many of us find open "free" networks while traveling - in some airport lounges, in coffee shops, bookstores, etc.

 

When connectivity is available, it seems tempting to sign into Facebook, or Twitter to update status or see what is going on.  But last year, I read a bit about firesheep and other similar applications that could be used to sniff data and allow another person to potentailly capture the login / passwords of those around them.

 

How prevalent is this danger and what actions can we take to protect ourselves other than just not using open networks?

 

Mark

mlande
Fanfold Paper
Posts: 5
Registered: ‎11-11-2011
Location: Not Provided
Views: 420
Message 2 of 3

Re: What protections against side-jacking and other threats on open networks?

If using an open wi-fi, before logging into any site, make sure the site is using SSL (look for the https:// in the address). Even better, assuming you're able, is to use a virtual private network (VPN) connection. Many of us have a VPN connection available through our jobs. For those that do, logging into the VPN and then browsing through there is your safest available bet on an otherwise open wi-fi connection.

Aiscer Microsoft MVP
Microsoft MVP
Posts: 11
Registered: ‎11-27-2011
Location: Manila, Philippines
Views: 410
Message 3 of 3

Re: What protections against side-jacking and other threats on open networks?

This actually talks about how cookies can be captured OTA (Over the Air). The only true way is to use an https:// connection when going through any Social Networking site i.e: Facebook, Twitter, Google+, etc. etc. since data is streamed or transferred through a TLS/SSL (Transport Layer Security/Secure Socket Layer). Though this will not be enough I seek also a Public Connection with a higher level of  Wi-Fi security or authentication using WPA2 with an AES encryption standard. 

 

Also, we need to take note of that we also need to make sure that when on a Public Network that we disable any File and Printer Sharing and Network Discovery. In Windows 7, the Network Location Awareness (NLA) feature found in the Network and Sharing Center does this automatically on Public Networks if the settings were left on default. 

In most browsers right now, there's an option to disallow websites to track your location. All the better will be to use InPrivate browsing when in IE, Incognito when in Google Chrome or Private Browsing in Firefox, these modes will not keep any session cookies without you worrying to delete them manually once you close the browser.

Microsoft MVP - Consumer Security

Check out current deals!


Shop current deals

Top Kudoed Authors