Stealthing Netbook on the Network

A

Audiochris

[H]ard|Gawd
Joined
Dec 23, 2000
Messages
1,290
I recently installed Linux Mint 8 on my netbook. This is a machine that I carry around as an internet appliance and something that I can word process on. I have information on it that might be considered sensitive. When i'm at coffee shops, hotels, airports, or other wifi hotspot, I don't really want to be advertising myself on the network. I've enabled the firewall and set the rules to deny all incoming connections unless I explicitly allow it. I have removed samba. I went to GRC and did the shields up test and everything came up clean. I also can't see the computer on my home network from windows, os x, or another linux machine. Can I assume I am reasonably safe from most run of the mill attacks?
 
Define attack. Attacks directed at you are not the most effective. Your biggest problem in coffee shops would probably be passive sniffing or man in the middle attacks. To be absolutely safe, you'd need to VPN to a safe network and use it's resources.

Don't browse sites that would give away info you don't want other users (or the shop owner) knowing. Sensitive transactions must be secured. Beware the SSL certificates you receive. Use your own DNS servers (not the ones given via DHCP - though this could piss off certificates for captive portals).

Another thing that is often over looked - what happens if your laptop is stolen? Did you leave any sensitive data on it? Does it have inherent access to networks you don't want a thief getting into?
 
I always use a vpn at hotspots, use open DNS for my name servers, and I'm using full disk encryption in case of theft. I realize the chances of me being a deliberate target are small however I do want to make sure i'm taking the correct steps to safeguard my data as much as possible.
 
Don't run as root. Assuming Mint does that but since I've never played with it I don't know for sure.

Make sure bluetooth is off unless necessary.

Keep your browser and any Adobe products updated.

Feel free to post your firewall rules and the output of "netstat -an | grep LISTEN" for review.

Other than that, most your of the precautions you've taken are very good.
 
Let's not forget physical attacks: theft of netbook, people looking over your shoulder, watching your keystrokes, etc.
 
Well, you actually sound like an ideal user - now if we could only get more people on that bandwagon...
 
Audiochris said:
I always use a vpn at hotspots, use open DNS for my name servers, and I'm using full disk encryption in case of theft. I realize the chances of me being a deliberate target are small however I do want to make sure i'm taking the correct steps to safeguard my data as much as possible.
Click to expand...

This. All of the above. Secure SSH/PPTP server, OpenDNS or GoogDNS, and Truecrypt.
 
Looks like i've got it pretty covered then. thanks for the suggestions and comments.
 
You must log in or register to reply here.
Back
Top