With the going rates of high-speed internet ranging from $20-100/Mo. I would not want someone I didn't know on my connection without paying their part. I can later write a tutorial on how to do each of these individual methods but, for now we are just going to look at WHAT you can do to mitigate this problem. Some will say,"I don't care if someone else uses it, I don't really have time for it." Granted the way you want to handle this is at your own discretion but, personally I don't want unexpected traffic on MY connection without permission.
There are several things you can do in order to make your network secure. Setting a pass-phrase, CHANGING the SSID name and pass/phrase, and disabling SSID broadcasting. There are also other options such as MAC filtering and creating DMZ's but, that isn't something the average user really wants to bother with.
Set a pass-phrase on your router in order to connect and make sure you use a strong encryption key (WPA2 is one of the strongest to date). That being said, many people leave the Default pass-phrase and think they are secure. Wrong. Make something that only you could possibly know. I can go to Google and search for default pass-phrases for ANY existing router in the world and get access to those networks that didn't bother to change it. Do NOT use your telephone number for your pass-phrase, I have seen this numerous times. The same goes for your name, your address, or family member names. As I stated in my "Keep your Social Media safe from intruders" blog, you need to make it anything that is NOT common knowledge.
The SSID is basically the name for your router. It has a default SSID given by the manufacturer and is usually physically located on the bottom of the router along with the default pass-phrase. These SSID's differ from company to company and individually from router to router as well. You may ask,"Why do I need to change the name? How will that benefit me?" It is theoretically the same as changing your password. A different name can act as a "2nd pass-phrase" as long as you take the steps to disable SSID broadcasting (Which will be discussed next). If you change your SSID and continue to broadcast it, you are basically doing nothing except personalizing the name. Some of us will continue to broadcast SSID for sheer availability and convenience, in that case I suggest using a name along the lines of "FBI Security Van" (Thanks Andy Carowan). That could either get a laugh or make someone run for their lives.
Some of us will still choose to broadcast the SSID, there is really nothing wrong with it as long as you have a pass-phrase in place but, it never hurts to have more security. By disabling SSID broadcasting, you can ensure that when someone is "searching" for a wireless network yours will NOT pop up in the Available Networks tab. In order for anyone to connect to a network with disabled SSID broadcast, they must then have the correct SSID and pass-phrase now, which can be seen as a hassle for most intruders.
Again, someone will then ask,"What if I just disable SSID when I set up my router and leave everything the same?" Potentially this could work but, you are still giving access to the wrong people who take the time to check. They can enter default SSID names and pass-phrases until they get it correct but, most of the time it would be a program doing this. So if you take the time to change both then you are going to be the least susceptible target.
When you leave your network unsecured you are susceptible to having your information stolen. With a little bit of research an average user can gain access to information on YOUR PC without your knowledge. Let's be honest, there are some out there who store EVERYTHING on their PC, not knowing the dangers. I've seen people with their entire Bank Account information saved to their Desktop, Social Security numbers, these things are a thief's dream. It is in your best interest not to save this kind of information on your PC's (or MAC's, for those users) at all. Inevitably someone is still going to do it, so if you do take the time to encrypt the files at the LEAST.
There has been several things covered in this topic today. If you would like an in-depth explanation on how to do these things to keep yourself safe, feel free to ask and I will then write a tutorial with screenshots in order to assist you further.
Thank you all for taking the time to educate yourselves on this topic. Again, feel free to ask any questions you have or to suggest another topic you would like to become more educated on. I will be adding to the list of entry's as I come across topics of concern to you all.
Jeremy DeWitt
Security+, A+
No comments:
Post a Comment