I use personal firewall, SSL/TLS and VPN to secure my hotspot access.
Much less fuss. Works great on Windows XP. Easy instructions at
<http://wireless.wikia.com/wiki/Wi-Fi_How_To#Secure_Internet_access_in_a_public_hotsp ot>.
-John
On Sun, 30 Jul 2006 16:47:15 -0400, "Roger Parks" <roger@bogus.bog>
wrote in <opiuwepro8u.tdir0vw8aa3zqx@uye73jy3rj>:
>> Assume some very highly skilled computer wireless technology
>> professionals
>> are trying to bug your laptop with key loggers and other snooping spy
>> software.
>
>Do you mean something like this?
>
>http://www.ethicalhacker.net/content/view/66/24/
>
>Or perhaps a more straightforward, ARP/MIM attack tool:
>
>http://www.oxid.it/cain.html
>
>I share your concern, and as one who travels and uses hotspots a lot, I
>switched to Linux and use the following tools. You may be able to
>find similar tools/functions for windows (e.g. Prevx to prevent buffer
>overflows; Snort; etc.) - the important thing is to understand
>what the exploits are, and how the tools can help you.
>
>(others will certainly disagree with my setup....below :-) )
>
>
>- Kismet - to quietly monitor the environment/lan for any untoward
>activity before the connection. If you have a second card, you can run it
>during the connection as well.
>
>- Arpstar - to detect and prevent any ARP spoofing on my box.
>
>- Snort - to detect any browser exploit, and/or netcat insertion that
>might get by the firewall
>
>- Hardened chroot jail - to contain any WAN-connected client that might
>be exploited by a zero-day exploit that Snort doesn't recognize. Let the
>shell look about in there; :-) or try to break out.
>
>- Buffer/stack overflow protection. The most common exploit, and in case
>it tries that, the browser and connection is terminated instantly
>
>- TOR - encrypt everything that comes and goes. Mail and/or web mail is
>ssl encrypted within the TOR connection.
>
>- Frequently Spoofed MAC - 'case kiddees want to put a face on an
>address, and pick me out for "special" treatment - just to watch me wince
>- or if the house keeps too many logs for too long (heh, mostly they'll
>see a bunch of TOR connections - maybe a plaintext Google news connection).
>
>- Samhain - Ongoing integrity checks to see if anything in the browser
>jail (or anywhere else) has unexpectedly changed.
>
>My little Linux laptop has all of the above on it and flies; my XP box
>(same box, different partition/OS) has only snort and TOR, and it slowed
>it down to a crawl. I will NOT go public with XP.
>
>Same tools will help protect your WAP/firewall/router. Be sure to use
>WPA/AES encryption.
>
>It is striking - how some of the hotspots become "nasty" on Friday and
>Saturday nights! Good Luck!
--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>
Re: Best way to protect a laptop from highly skilled hackers and professionals 
Linear Mode
