|Read about Lisa|
But far less attention has been paid to securing wireless laptops, PDAs and smartphones. The next time you visit...
a hotspot, browse your Network Neighborhood. There's an excellent chance that you'll see another hotspot PC advertising itself (and its public shares) by sending NetBIOS over wireless. Turning on a personal firewall -- whether built into your OS or through a third-party product like ZoneAlarm -- can avoid this common mistake.
Now, let's say that you have Windows Internet Connection Firewall enabled on your wireless connection. You use a VPN client when connecting to your company's network. You let Windows Update automatically apply new patches. You run AntiVirus software with auto-update enabled to protect yourself from this week's newest worm. You've made a serious attempt to apply security best practices to your wireless laptop. Are you completely safe?
Spies among us
PestPatrol defines Spyware as "Any product that employs a user's Internet connection in the background without their knowledge, and gathers/transmits info on the user or their behavior." For example, Hotbar is software that adds graphical skins to Internet Explorer toolbars. In addition to this "primary" functionality, Hotbar monitors your web activity, interacting with third-party advertisers to supply information about websites that you visit, the products that you buy, and the topics that might be of interest you. This information is used to target your computer with product advertisements -- yes, those annoying pop-up ads.
This example is typical of Spyware -- a program that you install to provide one function, but is actually designed to track and report on your activity to others. Spyware may be bundled with other shareware that you download and execute, or installed by clicking on an ill-advised link in spam email or a web page. Some spyware even asks for your permission to spy on you -- in the End User License fine print that few users ever read, displayed briefly during installation.
Spy vs. Spy
There are many programs available to help detect the presence of Spyware programs and help eradicate them. Several well-known, reputable examples include PestPatrol, Ad-Aware, Spybot, and McAfee Antispyware. Many such programs not only assist with Spyware cleanup, but can help you to prevent Spyware installation in the future. Here are a few sites where you can learn more about Spyware defenses: CoreCom Spyware Resources, PestPatrol Spyware Research Center, and SpywareWarrior Forum.
BUT: Be very careful that anti-Spyware is not itself Spyware or some other kind of malicious code (e.g., remote access trojan, keystroke logger, DDoS zombie)! A program that shows up in a Yahoo! or Google search on "Spyware" could have been written by anyone, for any purpose. Careless browsing or download is probably how Spyware infected your system in the first place -- don't compound that mistake by repeating it with another Spyware program. Avoid programs like AdWare Remover, SpyHunter, AdDestroyer, and others that appear on this excellent list of Rogue/Suspect Anti-Spyware Products.
In addition, WLAN owners may want to consider checking for Spyware in scan-on-connect security measures. For example, read my review of Sygate Security Portal or take a look at products like InfoExpress CyberGateKeeper, Cisco Network Admission Control, Microsoft Windows Server 2003 Network Access Protection, and Perfigo CleanMachines. These are just a few of many new products that have emerged to help companies defend their network from a backdoor attack by infected or under-secured devices.
About the author
Dig Deeper on Wireless LAN Implementation