Settings for wifi network when travelling

dee_can · Mar 23, 2013

Hi,

I'll be travelling next week and staying in a motel. I'm going to take my laptop with me, but I've never taken it out of the house, or used it with any other network but my own. I'll post a photo of my current settings I use at home; can you tell me which ones to change for optimal privacy/security when I'm travelling? Thank you.

Digerati · Mar 24, 2013

The two obvious ones I see are the two sharing settings. You don't need to share your files with anyone else on the motel's network, and I doubt you will be taking your printer - or want to share that either.

Do make sure you have run Windows Update before departing, that your anti-malware solution is fully updated, and your firewall it up.

Also, note that many, if not all motels/hotels have Ethernet in the rooms in place of, or in addition to public wireless access. I would recommend you use Ethernet whenever possible and disable wireless when not in use (wireless disabled is easier on battery life too).

niemiro · Mar 24, 2013

In addition to the above advice, if you get a prompt asking where you are connected (Home/Work/Public), don't just click "Home" as you probably normally do, but do actually select Public Location. That will immediately make most of the necessary settings changes for you.

Then when you return, if necessary, re-select Home when prompted (if it doesn't prompt, it has remembered OK).

Richard

LilBambi · Mar 24, 2013

In addition to the great thoughts above...

One thing about using anyone else's networks ... Your email client software may not be the best way to check email, UNLESS you are using SSL on POP email accounts or SSL IMAP.

If using standard POP/SMTP in you email client, which passes your email password 'in the clear', then you would be better off using your email server's web mail alternative as long as it uses https:// .

Worst case if you go ahead and use standard POP/SMTP, change your password when you get home...just to be safe. I am not kidding!

Also while away from your own ISP, using SMTP to send will not work properly unless you use the mobile port - port 587 instead of 25 for SMTP/outgoing mail in an email client.

TheCyberMan · Mar 24, 2013

Hi Dee do you know whether the motel you will be staying at has only wireless access or does it have an ethernet socket in the room as Digerati advised?

Disable netbios overTCPIP also in your TCPIPv4 settings.

To do this go to start>control panel>network and sharing centre>change adapter settings:

Right click Local Area Connection and Wireless Network Connection one at a time:
Choose Properties
Highlight Internet Protocol Version(TCIPIPv4)
Choose Properties
Click on WINS
Select Disable netbios over TCPIP
Click OK and OK again.

dee_can · Mar 24, 2013

Thanks everyone for your advice. It would be really nice if the motel does have Ethernet capability. I just checked, it's says "complimentary high-speed, wired and wireless Internet access". So, I'm guessing 'wired' means ethernet? I would adjust some of the suggested settings just the same, but I wouldn't have to worry about privacy or security if I use ethernet, right - and I can check email with no worries?

Digerati · Mar 25, 2013

So, I'm guessing 'wired' means ethernet?

Yes it does. :)

I wouldn't have to worry about privacy or security if I use ethernet, right - and I can check email with no worries?

You always have to worry about privacy and security - it is just easier when all your data is not being broadcast 100s of yards in all directions.

So you MUST ensure your firewall is up, Windows is fully updated, and your anti-malware solution is running and current. Then you must avoid risky behavior like illegal filesharing via torrents and P2P sites, or visiting illegal porn or gambling site, or being what I call "click-happy" with unsolicited links, attachments, and downloads.

I might suggest you visit a local coffee shop that has free Internet. Connect, do your thing, disconnect, go home and scan the heck out of your machine to ensure you are still clean - just to feel familiar and comfortable connecting to other networks.

dee_can · Mar 25, 2013

Eek. I'm tempted to not take the laptop. ; ) Or, maybe just playing Spider Solitaire with no connections wired, or otherwise, sounds safer. I do appreciate your advice, Digerati. If I decide to bring my computer, I'll follow everything you recommended. Thanks.

niemiro · Mar 25, 2013

dee_can said:
Eek. I'm tempted to not take the laptop. ; ) Or, maybe just playing Spider Solitaire with no connections wired, or otherwise, sounds safer. I do appreciate your advice, Digerati. If I decide to bring my computer, I'll follow everything you recommended. Thanks.

However, to put it in context, you should remember how many people bring laptops away with them without any sort of protection at all, and almost always escape unharmed. Especially the newer versions of Windows are good at doing as much as possible for you, at least all of the important stuff (Home/Work/Public, etc.).

Follow the recommendations we have made here, yes, be careful, yes, but other than that, you should be safe enough to bring it along. Everything in life is a slight risk, but this one is not excessive in my opinion.

Richard

LilBambi · Mar 25, 2013

Another thought would be to get a cellphone wireless dongle from a cellular provider that you know works in the area you are going. Or connect using your smartphone to your cellular provider and skip the hotel hotspots entirely.

Issues with free hotel hotspots:

Ask the Expert: Am I Safe Using My Laptop in My Hotel Room

How to minimize the risks of using free public WiFi hot spots

Can hotels sniff my internet traffic?

Dangers of Free Public Wifi

I think if you have ever used Kismet or other packet sniffing programs; or seen what a rogue AP can get from your data going out over the Internet, it would definitely be good to be aware of the possibilities.

Corrine · Mar 25, 2013

Hi, Dianne.

First things first -- have a great trip!

In checking your logs from LandzDown, your computer is Windows Vista, 64-bit and you were planning on replacing AVG with MSE as your antivirus. Since one of the primary reasons for taking your laptop is to check your e-mail, I am sure you will be fine following the suggestions provided. In addition to Digerati's suggestion about ensuring MS Updates are installed, please be sure you have the latest Adobe and Java updates as well, since lately they have move vulnerabilities than ever.

Java
Due to the increasing number of Java vulnerabilities, it is my recommendation to remove Java where possible, although most games require Java. I suggest you disable it when not needed. See my article, Java, The Never-Ending Saga. Please be sure you have updated Java to version 17 (available from here: Java Version 7 Update 17). Note: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional

Adobe:
Make sure you have the latest version of Adobe Reader, 11.0.02. The update is available here: Update. Make sure the "Protected View" is enabled, as illustrated in my blog post at Adobe Reader and Acrobat Critical Security Update.

To verify the Adobe Flash Player version number installed on your computer is 11.6.602.180, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu. If you don't have the latest version, direct download links are available:

Non-IE (Opera, Firefox, Etc.): http://download.macromedia.com/get/...ensing/win/install_flash_player_11_plugin.exe
Windows XP, Vista and 7:
Flash Player For Internet Explorer 7, 8, 9, 10: http://download.macromedia.com/get/...sing/win/install_flash_player_11_active_x.exe

Most times when a security update is released for Adobe Flash Player. Adobe AIR is also updated. Check for the latest version of Adobe AIR here: AIR Download Center. Again, beware of pre-checked add-ons. They are not needed.

Safe travels, Dianne!

Digerati · Mar 25, 2013

Digerati said:
You always have to worry about privacy and security - it is just easier when all your data is not being broadcast 100s of yards in all directions.

So you MUST ensure your firewall is up, Windows is fully updated, and your anti-malware solution is running and current. Then you must avoid risky behavior like illegal filesharing via torrents and P2P sites, or visiting illegal porn or gambling site, or being what I call "click-happy" with unsolicited links, attachments, and downloads.

Sorry! I had no intention of scaring you. Those are the same "safe computing practices" used on our home computers and home networks - we just need remain a little more conscious of them when traveling. That's all - so we don't let our guard down in unfamiliar surroundings.

So, except ensuring you have sharing disabled (which should be automatic when connecting to a "public" network) this is no different, and easy, especially with newer versions of Windows.

Notebooks were created for road warriors - millions and millions of people who, almost on a daily basis, carry their personal, and company secrets on their notebooks while traveling and they remain secure. Making sure it is updated, and secure before hitting the road is simply checking tire pressures and fluid levels.

Seriously, your biggest problem is "physical security" - making sure your notebook doesn't get left behind somewhere, or grow legs and wonder off when you aren't paying attention.

Use good passwords.

(If you are having problems with malware or hackers at home now with this notebook, then we should deal with that before hitting the road.)

****

I see Corrine added something while I was typing and I agree with everything but would emphasis if you don't need Java, get rid of it. Critical new vulnerabilities are constantly being discovered, and Oracle has a history of pushing out underdeveloped patches that are less than effective. Consequently, Homeland Security's , US-Computer Emergency Readiness Team recommends as a solution to "Disable Java in Web Browsers". I uninstalled Java several months ago and have not missed it.

cluberti · Mar 25, 2013

Digerati and the others are right, and what you want to do isn't that difficult (and yes, potentially tens of millions of us do this EVERY DAY :)) - when connecting to the new network and when prompted, choose "Public" as the connection type as has been previously suggested. All sharing and ports not explicitly open by programs in the public profile that are needed for communications are closed (including all sharing, ICMP, and broadcast interface ports). A good firewall (the Windows firewall would be considered a "good" firewall), up-to-date antivirus, a secure user password, and you're fine to use your laptop on a public network. And yes, wired is safer than wireless, but not by much - assuming your system meets the aforementioned requirements, you will be fine if you are as safe with what you do with it on the road as you are in your home.

TheCyberMan · Mar 25, 2013

If has wired connection Dee use that and follow the good advice you have been given and sensible surfing habits and you should be fine.

If for any reason you do not have a socket for ethernet and are forced to use a wireless connecion use a VPN service to connect to the internet thru the router if unencrypted this way your connection will be encrypted and not open for all to sniff.

Below is a link for OpenVPN:
OpenVPN - Open Source VPN

You can still use this if the router is encrypted and it will seperate you from the motel network as you will only be passing thru the router and connecting to OpenVPN servers for your connection.
Enjoy your break.

LilBambi · Mar 25, 2013

Not trying to scare her either, but it's good to be aware of the possibilities out there when you are not in the safety of your own home network.

dee_can · Mar 26, 2013

Thanks again for all of your advice. I do keep my computer updated, have MSE, a couple of antispyware/malware programs, and I took Java off my computer a (few?) months ago when the last scare came out. I have to say I don't even notice it gone; and as a bonus I don't have to worry about keeping it updated (not that I have to tell you guys, I'm sure).

Thanks for the well wishes Corrine. :wave:

Digerati · Mar 26, 2013

I do keep my computer updated, have MSE, a couple of antispyware/malware programs, and I took Java off my computer a (few?) months ago when the last scare came out.

That's great! It sounds like you are good to go.

One little comment. You say you, "have MSE, a couple of antispyware/malware programs". MSE is already a decent anti-spyware/anti-malware program (and the one I use). It is generally recommended to have only one real-time anti-malware running at one time to avoid conflicts and waste of resources (I like to compare it to two dogs eyeing the same meaty bone - they are spending too much time watching each other and not guarding the house). So most experts have one program running in real time, and they keep a couple more on hand for supplemental scanning to ensure nothing got by the primary scanner. For example, I have MSE running full time, but I periodically run manual supplemental scans with Malwarebytes Antimalware (MBAM) and SuperAntispyware (SAS).

Corrine · Mar 26, 2013

Dianne has the free versions installed, Bill, not the licensed/real-time.

Digerati · Mar 26, 2013

Works for me. Thanks.

Temmu · Mar 28, 2013

also - download and install the mvp hosts file.
it contains a list of know sites that install malware on your pc.
you will be shocked to discover those are mainly coupon and shopping sites.
personally, i believe this (not going to these listed, bad sites) to be one of the most important things you can do to protect your computer.

Blocking Unwanted Connections with a Hosts File

Settings for wifi network when travelling

Contributor

ModeratorHardware ExpertMicrosoft MVP (Ret.)

Senior Administrator, Windows Update Expert

BSOD Kernel Dump Senior Analyst

Networking Expert

Contributor

ModeratorHardware ExpertMicrosoft MVP (Ret.)

Contributor

Senior Administrator, Windows Update Expert

BSOD Kernel Dump Senior Analyst

Administrator, Microsoft MVP, Security Analyst

ModeratorHardware ExpertMicrosoft MVP (Ret.)

Senior Member

Networking Expert

BSOD Kernel Dump Senior Analyst

Contributor

ModeratorHardware ExpertMicrosoft MVP (Ret.)

Administrator, Microsoft MVP, Security Analyst

ModeratorHardware ExpertMicrosoft MVP (Ret.)

Well-known member

Moderator
Hardware Expert
Microsoft MVP (Ret.)

Moderator
Hardware Expert
Microsoft MVP (Ret.)

Administrator,
Microsoft MVP,
Security Analyst

Moderator
Hardware Expert
Microsoft MVP (Ret.)

Moderator
Hardware Expert
Microsoft MVP (Ret.)

Administrator,
Microsoft MVP,
Security Analyst

Moderator
Hardware Expert
Microsoft MVP (Ret.)