Re: Best way to protect a laptop from highly skilled hackers and professionals

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Quoted text here. Click to load it

Do you mean something like this? /

Or perhaps a more straightforward, ARP/MIM attack tool:

I share your concern, and as one who travels and uses hotspots a lot, I
switched to Linux and use the following tools. You may be able to
find similar tools/functions for windows (e.g. Prevx to prevent buffer
overflows; Snort; etc.) - the important thing is to understand
what the exploits are, and how the tools can help you.

(others will certainly disagree with my setup....below :-) )

- Kismet  - to quietly monitor the environment/lan for any untoward
activity before the connection. If you have a second card, you can run it
during the connection as well.

- Arpstar - to detect and prevent any ARP spoofing on my box.

- Snort   - to detect any browser exploit, and/or netcat insertion that
might get by the firewall

- Hardened chroot jail - to contain any WAN-connected client that might
be exploited by a zero-day exploit that Snort doesn't recognize. Let the
shell look about in there; :-) or try to break out.

- Buffer/stack overflow protection. The most common exploit, and in case  
it tries that, the browser and connection is terminated instantly

- TOR - encrypt everything that comes and goes. Mail and/or web mail is
ssl encrypted within the TOR connection.

- Frequently Spoofed MAC - 'case kiddees want to put a face on an
address, and pick me out for "special" treatment - just to watch me wince  
- or if the house keeps too many logs for too long (heh, mostly they'll
see a bunch of TOR connections - maybe a plaintext Google news connection).

- Samhain - Ongoing integrity checks to see if anything in the browser
jail (or anywhere else) has unexpectedly changed.

My little Linux laptop has all of the above on it and flies; my XP box  
(same box, different partition/OS) has only snort and TOR, and it slowed
it down to a crawl. I will NOT go public with XP.

Same tools will help protect your WAP/firewall/router. Be sure to use
WPA/AES encryption.

It is striking - how some of the hotspots become "nasty" on Friday and
Saturday nights!  Good Luck!

 Vista error#4711: TCPA / RIAA / NGSCP / WGA VIOLATION: Microsoft
 optical mouse detected Linux patterns on mousepad. Partition scan in
 progress to remove offending, unapproved products. Request permission,
 and apply for a new key to reactivate MS software at


Re: Best way to protect a laptop from highly skilled hackers and professionals

I use personal firewall, SSL/TLS and VPN to secure my hotspot access.
Much less fuss.  Works great on Windows XP.  Easy instructions at
< .


Quoted text here. Click to load it

Best regards,   FAQ for Wireless Internet: <
John Navas      FAQ for Wi-Fi:  <
           Wi-Fi How To:  <
Fixes to Wi-Fi Problems:  <

Site Timeline