Am I in real danger?



#1 ferdin
Posted 05 December 2010 - 03:26 PM

First, my setup
-Windows 7 Home Premium
-use the built-in firewall
-UAC on max
-in Windows public wireless network settings, besides the default settings, I have 1) set to block all media streaming, and 2) turned off public file sharing
-fully patched Windows, Office, Firefox, Flash Player, Java, etc., etc. ... everything

-I always make 100% sure I connect to the expected wifi and not someone's laptop tricking people into using it as a wifi.

-Whenever I log into a site I care about, I always log in using https. All of my email accounts (gmail) use https. I really don't care if anyone sees my websurfing (forum posts, google searches, etc).

-------Questions
Regardless of whether or not my AV would detect and stop malware that actually made it onto my computer, let me ask
1) what are the chances of malware getting onto my computer from the lan/wifi? (not asking about malware coming from email, websites, flash drives, etc. Only asking about the possibility of getting something from the public lan/wifi)

Also, assuming no malware got onto my computer at all, what (and how great) is the danger to
2) my data on my computer (from being stolen or viewed)?
3) the sensitive data I transmit using https being seen or stolen and unencrypted?

I'm asking for real world ("in the wild") dangers at any random free wifi like Starbucks etc, but not about every possibility or about methods that require skill or equipment extremely unlikely to be encountered.

btw, I know there are further steps I could take for better security than the ones I mentioned above, however, for now, I need to get an accurate, but not overly paranoid, picture of where I stand with my current set up. I'm hopeful there are people here that can give me perspective.

Thanks.

Edited by ferdin, 05 December 2010 - 03:32 PM.




#2 Didier Stevens
Posted 05 December 2010 - 05:22 PM

I need some extra info before I try to answer your questions.

1) you use a strong password for all the accounts on your Windows 7 machine?
2) so you have no open ports (listening in tcpview) on the network interface that connects you to the public network?
3) do you know if you get a private or public IP address from the public networks you connect to?
4) you use a different password for each site you care about, and don't use these same passwords on http sites?

Edited by Didier Stevens, 05 December 2010 - 05:34 PM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 ferdin
Posted 06 December 2010 - 04:14 PM

> I need some extra info before I try to answer your questions.
>
> 1) you use a strong password for all the accounts on your Windows 7 machine?

No password at all, but it shouldn't matter because of my setup and my answer to number 2, right? (I can't be worried about zero-day attacks. In life one has to decide where to draw the line on worrying about things, and in computer related matters, I'm not going to worry about being a victim of a zero-day attack. I'm just not going to live like that.)

> 2) so you have no open ports (listening in tcpview) on the network interface that connects you to the public network?

None.

> 3) do you know if you get a private or public IP address from the public networks you connect to?

Whatever Starbucks does. I'm assuming they're private and they're using NAT.

> 4) you use a different password for each site you care about, and don't use these same passwords on http sites?

Yes.

Thanks.

Edited by ferdin, 06 December 2010 - 04:14 PM.
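
The check behind questions 2 and 3 above, as an added example that is not part of the original thread: it parses `netstat -ano` text for TCP listeners reachable through a given interface and classifies that interface's address. The function names, the sample output and the addresses in it are constructed assumptions.

```python
import ipaddress

# Constructed sample of `netstat -ano -p TCP` output (not taken from the thread).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       716
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1520
  TCP    192.168.1.23:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.23:49210     203.0.113.10:443       ESTABLISHED     3012
  TCP    [::]:445               [::]:0                 LISTENING       4
  TCP    [::1]:5354             [::]:0                 LISTENING       1520
"""

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)

def exposed_listeners(netstat_text, interface_ip):
    """Return (address, port, pid) for TCP listeners reachable via interface_ip."""
    iface = ipaddress.ip_address(interface_ip)
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Data rows have exactly 5 columns; this also skips the header row.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        addr, port = split_endpoint(fields[1])
        if addr.is_loopback:
            continue  # reachable only from the machine itself
        # A wildcard bind (0.0.0.0 or ::) listens on every interface, so on the
        # public network only the firewall stands between it and other clients.
        if addr.is_unspecified or addr == iface:
            found.append((str(addr), port, int(fields[4])))
    return found

def address_scope(ip):
    """Classify the address handed out by the network (question 3)."""
    addr = ipaddress.ip_address(ip)
    if addr.is_link_local:
        return "link-local"  # self-assigned, no DHCP lease
    return "public" if addr.is_global else "private"

if __name__ == "__main__":
    for addr, port, pid in exposed_listeners(SAMPLE_NETSTAT, "192.168.1.23"):
        print(f"listener {addr}:{port} (PID {pid}) relies on the firewall")
    print("interface address is", address_scope("192.168.1.23"))
```

On a real machine, pass the captured text of `netstat -ano` and the wireless adapter's address from `ipconfig` in place of the constructed sample.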


#4 Didier Stevens
Posted 07 December 2010 - 04:38 AM

Your firewall is a single point of failure (technical errors and human errors).
The probability of technical errors is rather small, but you have to guesstimate the probability of human errors.
You accept this risk, I don't run this risk with my machines.
