Photos: How to secure your wireless laptop

Here's how to use your wireless laptop securely--whether at home or in public

CNET Reviews staff
1 of 12
This slide show assumes you have a working wireless laptop. For our purposes we'll use a Acer Travelmate 8200 laptop running Windows XP SP2. Over the next few slides we'll discuss how to:

  • Meet network connections properties
  • Remove past connections
  • Make new connections on demand
  • Turn off ad hoc networking
  • Turn off file sharing
  • Use corporate VPN
  • Use free VPN services
  • The value of SSL connections
  • Use remote access services

2 of 12 CNET Networks
To get started, double-click on your Wireless icon. When the screen displaying "Choose your wireless network" appears, look to the left-hand navigation. Click Changed Advanced Settings. This should take you to Wireless Connection Properties.
3 of 12 CNET Networks
This dialog, with three tabs, is our starting point. Do not make changes on the General tab; leave these settings alone. Proceed instead to the Wireless Networks tab.
4 of 12 CNET Networks
Windows keeps track of every network you've connected to. That's both good and bad. Bad in that if it's a generic network, like Linksys WS54GS, a bad guy could spoof that router name so you automatically connect to him and not the legitimate network. See How to secure your home wireless network for details on how to change your home network's SSID. Aside from this it's also a good idea to periodically clean out your wireless connections list--remove any listings that no longer make sense, such as public networks or hotels. Leave only your secured home network and any you use for work.
5 of 12 CNET Networks
For those connections you use only occasionally, drill down and change the setting from automatic connection to on demand. That means when you take your home laptop into work, you should be prompted to connect rather than connect automatically. This is also true with a service like T-Mobile; you should be prompted to connect at a participating coffee shop or airpport. This is another layer of safeguarding against bogus routers. Go ahead and leave the automatic connection feature on for your secured home network and other networks you connect to all the time (work), but turn it off for *all* others. Thereafter, logging onto a network creates a few seconds of hassle, but the added security is worth it.
6 of 12 CNET Networks
You should already have a firewall enabled, either the Windows XP one or some third-party firewall like ZoneAlarm, Symantec, or McAfee, so leave the top section alone. On this tab you'll want to make sure that Internet Connection Sharing is turned off. Turning it on allows for ad hoc connections through your laptop. In other words, someone would connect to your laptop, and you would be able to share files and folders with that other person. In general, not a good idea.
7 of 12 CNET Networks
Now that your laptop is hardened with various security settings, let's take it out on the road. Whenever you connect to a public Wi-Fi network, or a non-secured private network, Windows automatically flags the network as insecure. That means it lacks encryption and everything you do online through that network might be read by someone else. Public networks have to be open, but home networks really should be secured with some form of encryption like WEP or WPA. For more on that, see How to secure your home wireless network.
8 of 12 CNET Networks
After connecting to a legitimate free public Wi-Fi, you should be asked to accept various terms of use. Not seeing this does not always mean you have connected to a bogus network, but you should see terms, since even the free provider is responsible for the content on its network. And seeing this is also not a safeguard as bogus network providers can simply copy an existing terms and usage page. Not seeing it should be a warning, however.
9 of 12 CNET Networks
Now that you've connected to a public network, you'll want to secure your connection. Virtual Private Networks (VPN) encrypt the data from your laptop to the Internet, end-to-end security. If you work for a company, you'll want to connect immediately to your Corporate VPN. This will ensure that all future activity from this hotspot is encrypted through your company's servers. Here we see a Nortel connection with the security banner provided by CNET.
10 of 12 CNET Networks
Another alternative for those without a corporate VPN is a free VPN service like Anchorfree.com (you will have to put up with some advertising in your Internet browser). Our private VPN services include HotspotVPN at $8.88 per month and Steganos Secure Traveler for $29.95 per month or $169.95 per year. These services allow the average person to enjoy secure public Wi-Fi networks.
11 of 12 CNET Networks
Stopping short of a full VPN service, you could use a public wireless network to connect to a Secure Socket Layer (SSL) site, like a bank (you can tell because of the https in the address bar and the tiny paddle lock in your browser window). While the connection would be secure, and your username and password would be encrypted, once you leave the SSL-enabled site, you will again be exposed. In general, good behavior online goes a long way toward staying safe. Avoid checking your bank accounts or other personal information while using a public Wi-Fi network. Save those transactions for when you're using your secured home or office network.
12 of 12 CNET Networks
A better choice if your company doesn't provide its own VPN connection and you don't want to go the route of a private VPN is to take advantage of a remote access service. Check with your IT department first, but these require a host application be downloaded and run on your office PC. Then, from any remote PC, you can access the service's Web site and log into your PC via SSL connection. The advantage here, and unlike most VPN service, is you enjoy complete remote access to your desktop computer, all files and all programs, plus you can surf anywhere on the Internet, using your host desktop as the secured PC. LogMeIn.com offers a free service for connecting remotely, and there are other paid services available as well.

More Galleries

Go Inside the Apple iPhone 15 and iPhone 15 Pro: See How the New iPhones Look and Work
iphone 15 in different color from an angled view

Go Inside the Apple iPhone 15 and iPhone 15 Pro: See How the New iPhones Look and Work

21 Photos
17 Hidden iOS 17 Features and Settings on Your iPhone
Invitation for the Apple September iPhone 15 event

17 Hidden iOS 17 Features and Settings on Your iPhone

18 Photos
Check Out the iPhone 15's New Camera in Action
A photo of a silhouette of buildings on the water taken on the iPhone 15

Check Out the iPhone 15's New Camera in Action

12 Photos
Astronomy Photographer of the Year Winners Reveal Our Stunning Universe

Astronomy Photographer of the Year Winners Reveal Our Stunning Universe

16 Photos
I Got an Early Look at Intel's Glass Packaging Tech for Faster Chips
Rahul Manepalli, right, Intel's module engineering leader, shows a glass substrate panel before it's sliced into the small rectangles that will be bonded to the undersides of hundreds of test processors. The technology, shown here at Intel's CH8 facility in Chandler, Arizona, stands to improve performance and power consumption of advanced processors arriving later this decade. Glass substrates should permit physically larger processors comprised of several small "chiplets" for AI and data center work, but Intel expects they'll trickle down to PCs, too.

I Got an Early Look at Intel's Glass Packaging Tech for Faster Chips

20 Photos
Yamaha motorcycle and instrument designers trade jobs (pictures)

Yamaha motorcycle and instrument designers trade jobs (pictures)

16 Photos
CNET's 'Day of the Dead Devices' altar (pictures)

CNET's 'Day of the Dead Devices' altar (pictures)

9 Photos