How to Prevent a Coffee Shop Wi-Fi Attack: Page 2
How can we protect ourselves? Fortunately, there are a few relatively simple things we can do to make things safer.
Start by being a little paranoid. If it seems too good to be true, it probably is, right? Additionally, here are a few more things you can start doing today to improve your wireless risk exposure:
If you use a Wi-Fi service that requires you to enter your account information before you can connect, double check that youre actually connected to your provider before entering the information. More than likely, the login screen that your browser automatically takes you to will be SSL encrypted over HTTPS. Take a moment to view the SSL certificateif your mobile device lets youand the URL to double check that youre talking to your Wi-Fi provider and not a rogue web site set up to collect your credentials. That is, dont trust the login page until you know it is legitimate.
Once connected to the Wi-Fi, invoke a secure VPN connection. Strong VPNs should be IPsec-based, but even PPTP will suffice. The point is to encrypt all of your traffic that goes through the local Wi-Fi, even if the Web pages and other network content are not otherwise encrypting. This will prevent the sniffer-in-the-coffee-shop attack from successfully stealing your sensitive data. If your company doesnt have a VPN to use, consider using a public VPN services.
Especially if you didnt heed my warning regarding VPN usage above, you really want to ensure all your sensitive information is being encrypted while it transits the local Wi-Fi net. That means SSL typically. To the extent possible, make sure all applications that send/receive sensitive information, login credentials, etc., are configured to use SSL for all sessions. And, as in the case of the Wi-Fi provider login page, take a moment to validate SSL server certificate validity whenever you connect to an SSL-based service.
Free Public Wi-Fi
Its not uncommon to see a Wi-Fi connection dubbed Free Public Wifi. It is in fact neither. Instead, its due to a Windows bug and should simply be avoided.
These tips are just a starting point, of course. The main message is to be a little apprehensive when using your hyper-mobile device. A little bit of mistrust here will go a long way to protecting you.