MBP-Wireless security in airports & hotels

afaik as long as you have a password on your account you should be fine unless they know something about you

I travel a good amount and have never had a security issue and I have fileshare setup w/ password on my macbook pro. If anything it will be easier to see other windows based laptop's that are on the network

that is misinformation. all systems can be seen equally. but what kaltek does have right is as long as you have a password, nobody is even going to bother trying to hack you.

thats only if you have it configured properly on windows. I guess I should have rephrased that as it will be easier to see others on the network EDIT: I keep forgetting that vista finnaly fixed networking to work better But how many people use vista these days anyway

ive always just turned file share off when im out of home.

im sure something "COuld" happen, best to leave it off.

what? stop the papers! something works in vista?

Since others have covered people trying to hack into your computer, I will cover the opposite obvious that everyone has missed(Or I am just blind and didn't notice

With ANY open wireless access point, ALWAYS be careful what you transmit and where to. This applies to ANY computer, be it running Linux, Mac, or Windows.

If you are on an open unprotected access point, do NOT transmit any passwords(Meaning log into anything) unless at the very least the login provides encryption. Unknown to most people, email logins in most cases do NOT encrypt passwords, though you can set it up to do so depending on who provides your email. Another common culprit is FTP which standard FTP is ALL in cleartext. So anyone with a sniffer could get your password in either of those cases. SFTP(Aka FTP tunneled over SSH) IS however secure in most cases and should be fine to use, but always be aware of what you are using.

Websites, not all websites encrypt their logins via SSL properly. This is something to be aware of no matter WHERE you are as even on an encrypted and protected network, the moment it gets on the internet would still be in plaintext.

All of these are ways of someone finding out passwords by just using a simple packet sniffer. WEP access is not considered to secure these days either, if you are working with anything you really do need secure I would reccomend going with WPA access points. Or you could tunnel your traffic over SSH to a proxy for added security, or if on an unencrypted network that by itself can provide you with pretty decent security, from your laptop to the point of the proxy you use. However it does take some work and a computer to use for this purpose elsewhere.

Just a few examples of things to look out for while traveling, and some hopefully helpful hints. Again none of these are OS specific, they apply to EVERY OS just the same.

Seablade

one way of solving this is establishing a VPN just like a tunnel

A VPN is definitely another way of protecting yourself, however it will not solve some of the problems mentioned any more than a SSH proxy, namely sites not doing a good job of encrypting sensitive data, or using services that do not encrypt at all(FTP etc), as once they get past the VPN they still end up in the open.

Its amazing how much plaintext transmitted info there is out there without people even realizing it.

Seablade

yes i love using sniffers at coffee shops and at school libraries.

err... what do you guys use?

If you are really concerned about security there are companies that sell VPN access.
Witopia.net is the first to come to mind but do a search and shop around.

I create a SSH or SSL tunnel back to my home server and proxy my traffic back through that when on the road and not using my work VPN connection. I never ever surf directly from a public access point. Even then, I do my online banking and whatnot from a virtual machine running linux so that if by chance I do get malware/spyware/keyloggers on my windows box they cannot collect those passwords.

Download the NIST or NSA hardening guidelines for your OS and follow them. They do a good job of protecting your computer. They have version for Linux, Win2k, XP, 2K3, and OSX.

Disable all listening ports on your system and disable the ability to respond to icmp requests in the firewall.

If you have sensitive data on your system use Truecrypt or other virtual disk encryption tool and do not mount the encrypted volume when surfing.

also becareful of logging in or paying for airtime access on Phishing sites that look like the legit page out there.

If I am understanding this correctly, you are referencing running Linux in a VM on a windows machine, to prevent keyloggers on the windows machine from capturing passwords? Unfortunatly I do not believe this will work, as the key captures will still work I believe, as the VM still receives it keyboard input from the OS running it. Seablade