March 21, 2019

A Writer's View of the Wireless Dream - Part 2 - page 4

Into the WiFi Unknown

  • December 8, 2003
  • By Rob Reilly

WiFi, no matter what the platform, is just like the old Wild West, as far as security is concerned. Linux does offer a complete tool box of programs to help the laptop owner keep his machine and data safe. Here are some of the basic applications that you might want to investigate:

  • Snort - A general intrusion detection daemon that logs attempts to connect to ports on your machine.
  • Ethereal - A packet sniffing program used to watch information on a network interface. It works on wireless interfaces exactly like it does with a wired interface.
  • Personal firewalls - Programs that block access through ports into and out of your machine. My SuSE 8.0 Linux Pro CD set automatically installs a personal firewall by default.
  • Ettercap - Another packet sniffer that organizes and shows traffic between specific IP addresses on your network segment. Useful to discover what types of machines are attached to that wireless hotspot.
  • NMap - This program is used to get an understanding of the state of the ports on your Linux laptop, while connected to the network. Probably one of the most important security steps you can take is to turn off all un-needed ports on your machine. Usually when you are tied into an 802.11b hotspot you don't really need to have Apache, sendmail, etc. running. You'll probably have a dynamic IP anyway, so having these types of applications on, is kind of pointless. Unless you are doing portable servers, just turn those services off.

There are many arguments about the merits and limitations of various wireless security schemes. From my observations, using WiFi in public venues, is still in the pioneering stage. You are in charge of your own security. You should have your six-shooter ready and be willing to defend your system. Think about it, whenever you take your laptop to a hotspot, you are basically connecting to the open Internet. You really can't expect the hotspot providers to be responsible for the network security of your machine. The people serving me my double expresso aren't experts on open ports, firewalls and encryption schemes. And, after all, it's your choice to hook up and use their network. Fortunately, through the magic of Linux, you have many options and ways to make sure no bad guys get in.

Most Popular LinuxPlanet Stories