TWiT.TV — with Leo Laporte & Friends

Running time: 28:21

Download MP3 file

Please install Flash to use the web based podcast player.

Subscribe... ----------------------------------- iTunes Google Zune Other podcast clients (pcast:// compatible) RSS

Leo Laporte and Steve Gibson

I've posted Security Now! Episode 10. Get your copy at the usual places...

Main feed - courtesy AOL Radio

In this episode we discuss security concerns with wireless access points.

First, we revisit last week's podcast on rootkits. After doing the show we tested RootkitRevealer on a number of machines and discovered numerous false positives. For example, Norton's Protected Trashcan uses rootkit technology to hide files from other programs. Kaspersky Anti-Virus also shows up as a rootkit. Neither are security risks.

Now on to wireless access points. Leo used NetStumber to look at unprotected systems in his small town. Two-thirds were open, whether intentionally or not. If you're a home user turn on WPA encryption to protect yourself from snoops and block attempts to hack your system.

If you're using an open access point at a coffee shop, hotel, airport, and so on, you are at risk. If you're using SSL for email, or logging into a secure server (like your bank or Amazon.com's store) you're data, including the form, is protected. Otherwise, your data is visible. Anyone using a packet sniffer like Ethereal can see your data. Protect yourself by using your corporate VPN to encrypt your session, or subscribe to a VPN service like Anonymizer, HotspotVPN.com, or PublicVPN.com. An SSL-based service will pose fewer configuration and firewall issues than a VPN using IPSEC or PPTP.