Securing Your Network
These days given the advancements in computer technology in both hardware and software, it becomes increasingly difficult for the average computer user to learn ways to keep their computer safe, especially while using it online. The following will hopefully help you secure your computer and network enough for basic usage.
Besides our section on Internet Security, this section deals with probable networking security concerns and how best to deal with them. One of the most important aspect of securing your computer begins with your basic configuration and network setup.
There are two primary components to this, one at the physical level, which means the (wire, Ethernet cable, antenna, modem/router, etc) and the other at the so-called "logical" level, which involves how the data is transmitted. The tramission of data works via protocols,
these act like a set of road rules telling the data how to proceed from one destination to the next. Network traffic uses the physical medium for transport and the logical component for transmission.
When you look at these methodologies independently, you soon recognize areas that utilize different aspects of the above to increase their performance and security in ways that match their delivery and purpose. In this section we will focus on security based networking and delve into aspects of wireless network security and the equipment used for such purposes.
There are two primary components to this, one at the physical level, which means the (wire, Ethernet cable, antenna, modem/router, etc) and the other at the so-called "logical" level, which involves how the data is transmitted. The tramission of data works via protocols,
these act like a set of road rules telling the data how to proceed from one destination to the next. Network traffic uses the physical medium for transport and the logical component for transmission.
When you look at these methodologies independently, you soon recognize areas that utilize different aspects of the above to increase their performance and security in ways that match their delivery and purpose. In this section we will focus on security based networking and delve into aspects of wireless network security and the equipment used for such purposes.
Let’s begin by looking at the physical end of your network and how best to secure it. We need something that connects your computer to the internet, this comes in the form of a modem or “modem/router”.
A modem/router is both a modem and a router combined, the modem part of this equipment is responsible for delivering and sending signals to and from the internet, while the router part is used to “route” the signal. The router may also route a signal from your computer to other equipment such as other computers and printers etc. They can be wired or wireless.
A modem/router is both a modem and a router combined, the modem part of this equipment is responsible for delivering and sending signals to and from the internet, while the router part is used to “route” the signal. The router may also route a signal from your computer to other equipment such as other computers and printers etc. They can be wired or wireless.
When you setup and install your modem, most of the time you will have to enter a password to configure it, more often than not you begin by entering the word “admin” as in “administrator”. You have the option to change this password after you have setup your modem. It is best to reconfigure this password and use one that is at least more than eight characters in length and very strong.
By this we mean password strength, use something obscure that utilizes alphanumeric characters and upper or lower case. Never use anything that even vaguely resembles your street address, phone number, date of birth etc, anything like that makes it easier for password cracking so hackers have a better chance of infiltrating your network. If you are extra paranoid, routinely change this password, just try not to forget it or you may have to perform what is called a “hard reset” on your modem. This is where you insert a paper clip or something similar into the reset hole at the back of your modem and press for a few seconds.
By this we mean password strength, use something obscure that utilizes alphanumeric characters and upper or lower case. Never use anything that even vaguely resembles your street address, phone number, date of birth etc, anything like that makes it easier for password cracking so hackers have a better chance of infiltrating your network. If you are extra paranoid, routinely change this password, just try not to forget it or you may have to perform what is called a “hard reset” on your modem. This is where you insert a paper clip or something similar into the reset hole at the back of your modem and press for a few seconds.
This resets the modem and you will then have to reconfigure it all over again. Hackers can do the same thing if they discover your password, once they have it they can configure your network giving them control. This is really no different to someone hacking into your wireless network using a laptop while sitting in a car parked outside your house, eavesdropping on your activity.
This act of intrusion is better known as “war driving” and emphasizes why you need strong password strength and correct configuration to increase your network security. It is a scary thought knowing that someone is hacking your internet watching every transmission coming and going from your computer, especially while banking online!
Every time you bank online you first need to access your account with “login credentials” as you enter this information you are literally giving them your password and account details, it is all free for the taking. Every keystroke you press can be monitored or “hacked” and this puts your personal and financial information at grave risk. This is of course mostly possible only if your network is unsecured. For wireless networks there are a few items that need to be addressed and configured correctly in order to provide the best possible network security.
It is unfortunate that some people try and setup their own wireless or (WiFi) network believing
they did it all correctly, only to discover later that a neighbour or someone else has been using their internet while they were out!! It is a relatively simple process setting up and configuring a WiFi network, the best plan of attack is to take your time and read the fine print in your instruction manual. Always observe any security related setup information as this is the stuff that will save you and your network from hackers.
You will come across a few words in the manual that sound like WPA, WEP, SSID, WPA2 etc.
I will explain what these mean and what they do that helps you secure your wireless network.
Before we begin lets start with the basics of wireless networking and see how it works.
Much like how we use etiquette in conversation listening and observing until it is our turn to speak and then we say our piece, wiresless network traffic observes a similar set of rules. These rules are governed by “protocols” which mimic the same thing.
There are many protocols and each has a specific purpose associated with the transmission
of data. With wireless networking a particular protocol is used especially for wireless transmissions and is known as "Carrier Sense Multiple Access Collision Avoidance" or CSMA/CA for short. This is the so-called "listen before talking rule".
It is unfortunate that some people try and setup their own wireless or (WiFi) network believing
they did it all correctly, only to discover later that a neighbour or someone else has been using their internet while they were out!! It is a relatively simple process setting up and configuring a WiFi network, the best plan of attack is to take your time and read the fine print in your instruction manual. Always observe any security related setup information as this is the stuff that will save you and your network from hackers.
You will come across a few words in the manual that sound like WPA, WEP, SSID, WPA2 etc.
I will explain what these mean and what they do that helps you secure your wireless network.
Before we begin lets start with the basics of wireless networking and see how it works.
Much like how we use etiquette in conversation listening and observing until it is our turn to speak and then we say our piece, wiresless network traffic observes a similar set of rules. These rules are governed by “protocols” which mimic the same thing.
There are many protocols and each has a specific purpose associated with the transmission
of data. With wireless networking a particular protocol is used especially for wireless transmissions and is known as "Carrier Sense Multiple Access Collision Avoidance" or CSMA/CA for short. This is the so-called "listen before talking rule".
A WAP (Wireless Access Point) or similar device will listen to the network traffic before it broadcast its “packets” or “data” or (chunks of data). When it detects a clear route with no other device broadcasting, it sends its data based on the fact that it will have no conflicts with other transmissions.
This methodology works extremely well in wireless networks and avoids transmission collisions making for a more efficient network.
This methodology works extremely well in wireless networks and avoids transmission collisions making for a more efficient network.
Many people worry about the security of wireless networks and it is important to know that there are ways of securing your WiFi and perhaps it is worth learning a little about something called “encryption”.
Encryption is when the data or packets travelling over a network become information that is scrambled, this data can only be read by the receiving device because it shares a secret “key” that has the ability to unscramble the data. So the transmitting device (WAP) and the receiving device (computer) both have this shared key that decodes the encrypted data packets.
No other device will understand this data and will only receive it as jibberish, so unless any other device holds the secret key, only the WAP and the receiving device can decode or “decrypt”and interpret the data. When you setup your wireless network you will be prompted on what kind of encryption you wish to use, as a rule always use the 128bit encryption standard and WPA2 for better security.
This process also ties in with another entity known as SSID and WEP which I will explain a little later.
There are some drawbacks with increased security on your WLAN (wireless local area network), the encryption protocols may slow the network due to overhead (excessive network processing). The more safety protocols you put into play means the slower the network will operate due to processing time (decryption etc).
As a rule a slower network is safer than a faster network based on the protocols used and network configuration. This compromise for speed is best for safety, even more so if you use web-banking, ebay etc.
Encryption is when the data or packets travelling over a network become information that is scrambled, this data can only be read by the receiving device because it shares a secret “key” that has the ability to unscramble the data. So the transmitting device (WAP) and the receiving device (computer) both have this shared key that decodes the encrypted data packets.
No other device will understand this data and will only receive it as jibberish, so unless any other device holds the secret key, only the WAP and the receiving device can decode or “decrypt”and interpret the data. When you setup your wireless network you will be prompted on what kind of encryption you wish to use, as a rule always use the 128bit encryption standard and WPA2 for better security.
This process also ties in with another entity known as SSID and WEP which I will explain a little later.
There are some drawbacks with increased security on your WLAN (wireless local area network), the encryption protocols may slow the network due to overhead (excessive network processing). The more safety protocols you put into play means the slower the network will operate due to processing time (decryption etc).
As a rule a slower network is safer than a faster network based on the protocols used and network configuration. This compromise for speed is best for safety, even more so if you use web-banking, ebay etc.
Securing Your WiFi Network
Since so many of us have Wireless networks and the number is on the rise, it’s only fitting that I give you a few pertinent tips regarding the techniques for securing your WiFi network.
Let’s start with your WAP or modem, first of all you will need access to either the manual that came with it or the modem’s manufacturers website. If you need the manufacturer’s website to view information, you will need to identify exactly what kind of modem you have.
You can usually do this by looking underneath and observing the numbers on a small sticker or placard that indicates what type of modem it is and also the model number. Sometimes the model number will be indicated in the front also.
Now simply enter this data into the search fields on the manufacturer’s website, or just follow your nose and chase up the details usually located under something like support or any drop box that allows you to select your modem.
Next, view the instructions on how to configure your modem’s security settings.
This will most likely begin by opening Internet Explorer and entering an IP address that usually goes something like: 192.168.0.1 or 192.168.1.1.
Simply open Internet Explorer and type those numbers where you would normally put in www.allroundcomputersolutions.com
This is the IP to your modem or modem/router that displays a web-based HTML style page that allows you to make configuration changes to your modem and network setup.
I would reccomend that you print any instructions if you’re going down the website road since you will loose connectivity at some point during configuration changes.
Clearly, the scope of this website does not enable me to tell you how to configure every modem ever developed, there are so many and this is why they have instructions! Believe it or not, but even IT and networking professionals also make valued use of these instruction manuals.
Steps to Securing Wifi
Every wireless modem/router comes with a default login user name and password such as “admin” or sometimes they may be blank. Once you have setup your router using the default credentials, make sure you change the username and password to something else.
Password strength is the key here and always use a password that is at least eight characters long and use combinations of upper and lower case and special characters, for example, use @ instead of “a” or use the number 0 instead of “o”.
Ideally you should always try and use this method of substitution for all of your passwords, this simply makes it harder for hackers to crack and increases your over all security.
While we are in the area of passwords and modem configuration, another one you should change is the default SSID. The SSID stands for “Service Set Identifier”.
This is the name given to your network and will be default after installation. Sometimes the SSID may be named by the manufacture and called D-Link something, or Lynksys something, etc.
The moral of the story is, change this as soon as possible after initial setup and install. Hackers usually know what kind of modem you have and can infiltrate its security settings and make configuration changes without you even knowing about it!
Make sure you change the password and SSID defaults.
Make sure you change the password and SSID defaults.
In fact they can change almost everything and you have no way of knowing!
The SSID broadcast itself over the air, this way computers close by can find the network, what you want to do after you have renamed the default SSID, is turn off SSID broadcasting on your router so neighbours, war drivers and hackers cannot see your network.
If your router has MAC filtering, this should be enabled so only the computers in your house will talk to the router. MAC stands for “Media Access Control” and is about how the ones and zeros go from the wire, or airwaves in this case, to your computer, well really, an address for your computer.
Computers use what is known as a NIC or “Network Interface Card” that accepts network signals either via a cable or antenna. These network interface cards have an address assigned to them (MAC address) so the air waves (or more accurately put, radio waves) and your router can identify this card and the card allows the signals through.
In this respect your router will only broadcast to the MAC addresses you have entered in its MAC table. The simple English of this means that your router will only talk to your computers and no others can connect to your network unless you configure them to do so.
Keep in mind however, that MAC filtering is not fool proof and hackers can obtain the MAC addresses of your computers. MAC filtering only adds another layer of defense to your WiFi network.
You can also reduce the WAP footprint to improve security, by this I mean reducing the distance your router broadcast its signal. Most are usually configured by default to broadcast a rough distance of about 50 meters or so, depending on where you place them.
You may find a setting that allows you to make this zone smaller so hackers’ out front of your house in a car will not have a strong enough signal to use your internet. This does not mean they can’t, they still can with special equipment like unidirectional antennas if they were that determined!
Another item worth serious and perhaps the most important consideration is using a security protocol that encrypts the transmissions between your router and computer.
There are three main ones that have favored many routers and Wifi setups, I will briefly describe each, but do keep in mind the strongest one is WPA2 and this should be implemented above all else.
Let’s begin with the weakest and least favored:
WEP: Wired Equivalent Privacy is no longer secure and uses an old encryption algorithm that has been compromised, however with that said, it is better than nothing if your equipment does not support newer protocols.
WPA: Wifi Protected Access was developed to replace the weaker WEP standard and was unfortunately compromised in November 2008. Again, it is better than nothing and perhaps better than WEP, but if you can have both, use them!
WPA2: Wifi Protected Access version 2, this is the strongest Wifi algorithm to date, if your router supports it, use it! If it does not then use what it can, or try a “firmware” upgrade. A firmware upgrade is basically software that you can download from the manufactures website that will usually enhance your modem’s security and performance. But always use WPA2 over anything else!
Also If you have an existing WiFi network and want to give it tighter security, check the manufacturers website and look for a firmware update and patch your existing software where possible, and observe the above implementations for additional layers of security.
The short and curly of Wifi security, use these tips:
· Change default SSID and disable its broadcasting
· Change default password
· Enable MAC filtering
· Reduce WAP footprint
· Implement WAP2
· Change default password
· Enable MAC filtering
· Reduce WAP footprint
· Implement WAP2