|
How to Secure Your Wireless
Home Network | |
| | |
Wired or Wireless?
Wired LANs : Connects two or more devices via Ethernet cables. Wired LANs
typically use central devices such as routers, switches, and hubs when it
requires connectivity among a large number of computers.
| | |
Wireless
LANs: Connects two or more devices through air. The topology can be either
infrastructure mode or Ad-hoc mode.
Even though both wired and wireless home networks are having their own
advantages and disadvantages the current trend is installing wireless home
networks instead of wired home networks. This selection is mainly based on
three reasons.
� Ease of installation
� Mobility support
� Wireless is the future trend
Why wireless home networks are more vulnerable than wired networks?
Theoretically wireless LANs are less secure than wired LANs because
wireless communication use air/ free space as its communication medium and
hence any computer within the range and with a relevant hardware can grab
the signal from the air and access the network unless you take necessary
preventive actions. If an unauthorized person is able to access your
network, other than stealing your sensitive data stored in your computer
and consuming your network bandwidth, he can also use your network to
attempt a crime, send spam, as a part of a Botnet which generates DDOS
attacks. The activity could be traced back to you and you will be
considered as the wrong doer.
The following tips can be taken as precautions against such activities and
improve the security of your home wireless network.
1. Change default Administrator user name and password
Most home Wi-Fi networks use an access point or a router as their central
coordinator. In order to configure these devices manufacturers provide web
interfaces which are secured with a login screen where only the authorized
users can do this. Those default usernames and passwords are well known to
the hackers who are involved in this field. Therefore change the default
settings as soon as possible. Also don�t forget to change the guest
account settings too.
2. Change the default SSID
SSID is a network name used by access points and routers. Most of the
manufacturers preconfigured their products with the same set of SSIDs
according to their model. As an example Linksys devices are normally use
�linksys� as their SSID. If an outsider sees SSIDs such as �linksys� or
�NETGEAR� he probably thinks that this device left with the default Admin
or Guest account credentials. If he is interested on accessing your
network, he can easily do that since they are well known to the hackers.
Therefore change your default SSID with a new one which does not hint the
model of your device.
3. Disable SSID broadcast
Wireless access points and routers periodically broadcast the network name
(SSID). This is a suitable feature if you consider a business environment
or a mobile hotspot since clients will roam in and out of range. But if
you consider a home network this is an unnecessary feature. This will also
increase the risk of an outsider access into your network. Most of the
manufacturers provide an option to the network administrator to disable
this feature. Therefore make sure to use that facility.
4. Use WPA/WPA2 encryption
Encryption technology converts the clear text format into a human
unreadable format and hence provides data confidentiality. All Wi-Fi
equipment provides you the option of encrypting your data. Wi-Fi protected
Access (WPA/ WPA2) provides more security than the WEP which can be easily
cracked by hackers.
5. Use MAC address filtering
MAC address or physical address is a unique identifier given to a device
at the time of manufacturer. Most of the wireless access points and
routers are capable of keeping track of the MAC addresses which connect
them. And most of the manufacturers give an option to the owner to
configure a list of MAC addresses which allow connecting to the wireless
network. Therefore devices other than the listed ones will be restricted
to be connected to the network. By default this feature is disabled by the
manufacturer. Therefore ensure to make use of this feature.
6. Assign static IP address to devices
Most home networks use DHCP technology to easily assign dynamic IP
addresses to the devices which are connected to the network. This allows
hackers to easily gain access to your network by stealing a valid IP
address from your DHCP pool. Therefore in order to reduce this risk turn
off DHCP on the wireless access point or router and set up a static and
private IP address range. Make use of sub netting which allows only a
required number of devices to be connected to your network. After that you
can configure the devices connected according to the range.
7. Ensure that the devices are properly secured
Make sure to turn on your router�s firewall. And ensure to have up-to-date
antivirus software, security patches, and also client firewall software on
each connected computer to minimize the risk of malware infections.
8. Turn off the network during periods of non-use
If your wireless router allows you to turn off the network access to
certain times of the day, and if you do not need the access during a
particular period of time, configure your router to disable access during
that period. This will surely prevent outsiders from accessing your
network.
9. Locate the access point or the router in a secure place
Wi-Fi signals normally spread out of the home to an extended area. Those
signals cannot be blocked by walls or other physical barriers. A large
amount of signal leakage makes it easier for outsiders to detect and break
into your home network. Therefore as a precaution, install your wireless
access point or router near the center of your home instead of edges near
windows to reduce the leakage to the outside.
10. Disable auto-connect to open Wi-Fi networks
Connection to an open Wi-Fi network will expose your computer and your
sensitive data to outsiders. Most computers allow this connectivity
without notifying the user. Therefore make sure you disable this feature.
| | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | |
W. M. Samadhi S. Silva
Samadhi is an undergraduate of Sri Lanka Institute of Information
Technology
who is currently following B.Sc. (Hons) in Computer Systems and
Networking.
Currently she is working as an Intern - Information Security Engineering
at Sri Lanka CERT|CC | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| |  | | | | |  | | |  |
Kenneth van Wyk: Enjoy your
trip, but protect the data you take with you | | | |
�. . . .... I travel internationally quite a lot, and I have several
security guidelines and rules that I follow. One of my top concerns is that,
should a device of mine be stolen or seized by customs, all the data on that
device, whether it's mine or my customers', will be adequately protected
from prying eyes. Here, in no particular order, are some things to consider..."
| | | |
Facebook, Google, Twitter
Users Among Nearly 2 Million Accounts Hacked by Botnets | | | |
 '....
Cyber security firm Trustwave announced on Tuesday that nearly 2 million
online accounts have been hacked, compromising the privacy of users of
Facebook, Yahoo, Google, Twitter, and payroll service company ADP in nearly
100 countries. According to Trustwave, the violation was likely achieved
using keylogging malware, began on October 21, and is possibly ongoing. CNN
reports that Trustwave has alerted affected users of the security breach�.' | | ![]() |
Pentagon
Disconnects iPhone, Android Security Service, Forcing a Return to BlackBerry
for Some |
| | |
 | |
| | |
'.... Some military members who were working off Apple and Android-based
smartphones and tablets now must return to using older model BlackBerrys
because of a security service switchover, according to an email obtained by
Nextgov and confirmed by Pentagon officials.
The Defense Department is building a new mobile device management system to
monitor government-issued consumer smartphones on military networks, but it's
not yet ready for prime time.......' | | |
Anonymous hackers plead
guilty to PayPal DDoS attack | | |
 | | | |
'.... Thirteen defendants pleaded guilty in federal court in San Jose on
Friday to charges related to their involvement in the cyber-attack of PayPal�s
website as part of the group Anonymous. One of the defendants also pleaded
guilty to the charges arising from a separate cyber-attack on the website of
Santa Cruz County.......' | | |
Financial services cyber
security trends for 2014 | | |
 | | | | | | | ''....
Five years ago, questions directed at boards of directors and senior
executives at financial services firms on the toughest risk management issues
might have resulted in responses like �liquidity risk,� �regulatory
compliance,� or �bad debt.� Few, if any, would have mentioned cyber security.
Today, the same question generates a much different answer......� | |
|
| Month in Brief | | Facebook Incidents Reported to Sri Lanka CERT|CC
in November 2013 | | |  | | | | | | | Fake + Harassment | | | | Hacked | | | | Abuse | | | | Other |
| | | | | Gender wise | | |  | | | | | | | | | Statistics - Sri Lanka CERT|CC |
| Alerts | |
Google Nexus Phones
Vulnerable to SMS Denial-of-Service Attack | | | |
 | | '....Google
is reportedly looking into a problem with the latest versions of Nexus
smart phones that could force the devices to restart, lock or fail to connect
to the Internet.
All Galaxy Nexus, Nexus 4 and Nexus 5 devices that run Android 4.0 contain a
flaw that can render the phones vulnerable to a denial-of-service attack when
a large number of Flash SMS messages are sent to them.......
' | | | |
Amazon opens civilian use
of drones, I hack them | |
 | | '....
Amazon company, the world�s largest online retailer, has recently announced
that it is testing unmanned drones to deliver products ordered by the
customers, the service could take up to five years to start.......� | ![]() |
The Brilliant Hack That
Brought Foursquare Back From the Dead | |
 | | '....
Crowley is the founder of Foursquare, the seminal social networking service
that broadcasts your location across the net and serves you tips and deals
based on where you are. This past February, the New-York-based startup boasted
40 million registered users, but it was facing competition from countless
others � including the mighty Facebook � and as far as Crowley was concerned,
his service had never worked as it should. Rather than automatically sending
users tips as they moved from place to place, the Foursquare smartphone app
required them to �check in� every time they wanted information about their
location � a time-consuming process that rewarded sitting still rather than
exploring and discovering new experiences.......' | |
Illustrates Car Security
Threats | | |
 | | |
'..... As a tech paper disclosing how to hack into the network of electronic
control units (ECUs) was making rounds on the Internet, many readers,
including those of this publication, expressed skepticism: Taking the time
to open up a dashboard and physically connect hardware (a laptop) into the
car stretches the definition of hacking.p>
True, but the point of the car-hacking demo pulled off by Charlie Miller, a
security engineer at Twitter, and Chris Valasek, director of security
intelligence at IOActive wasn�t really about how they broke into a car. The
focus of their exercise was the mischief that they -- attackers or corrupt
ECUs -- are capable of doing after gaining access to the ECU network.......
' | |
What threats will
dominate 2014? | | |
 | | |
'.... Trend Micro released its annual security predictions report. The outlook
cites that one major data breach will occur every month next year, and
advanced mobile banking and targeted attacks will accelerate.
Critical infrastructure threats, as well as emerging security challenges from
the Internet of Everything (IoE) and Deep Web, are also highlighted.......
' |
|
