Thursday, April 30, 2009

Wireless Network Security

10 Tips for Wireless Home Network Security

Many folks setting up wireless home networks rush through the job to get their Internet connectivity working as quickly as possible. That's totally understandable. It's also quite risky as numerous security problems can result. Today's Wi-Fi networking products don't always help the situation as configuring their security features can be time-consuming and non-intuitive. The recommendations below summarize the steps you should take to improve the security of your home wireless network.

1. Change Default Administrator Passwords (and Usernames)

At the core of most Wi-Fi home networks is an access point or router. To set up these pieces of equipment, manufacturers provide Web pages that allow owners to enter their network address and account information. These Web tools are protected with a login screen (username and password) so that only the rightful owner can do this. However, for any given piece of equipment, the logins provided are simple and very well-known to hackers on the Internet. Change these settings immediately.

2. Turn on (Compatible) WPA / WEP Encryption

All Wi-Fi equipment supports some form of encryption. Encryption technology scrambles messages sent over wireless networks so that they cannot be easily read by humans. Several encryption technologies exist for Wi-Fi today. Naturally you will want to pick the strongest form of encryption that works with your wireless network. However, the way these technologies work, all Wi-Fi devices on your network must share the identical encryption settings. Therefore you may need to find a "lowest common denominator" setting.

3. Change the Default SSID

Access points and routers all use a network name called the SSID. Manufacturers normally ship their products with the same SSID set. For example, the SSID for Linksys devices is normally "linksys." True, knowing the SSID does not by itself allow your neighbors to break into your network, but it is a start. More importantly, when someone finds a default SSID, they see it is a poorly configured network and are much more likely to attack it. Change the default SSID immediately when configuring wireless security on your network.

4. Enable MAC Address Filtering

Each piece of Wi-Fi gear possesses a unique identifier called the physical address or MAC address. Access points and routers keep track of the MAC addresses of all devices that connect to them. Many such products offer the owner an option to key in the MAC addresses of their home equipment, which restricts the network to allow connections only from those devices. Do this, but also know that the feature is not as powerful as it may seem. Hackers and their software programs can fake MAC addresses easily.

5. Disable SSID Broadcast

In Wi-Fi networking, the wireless access point or router typically broadcasts the network name (SSID) over the air at regular intervals. This feature was designed for businesses and mobile hotspots where Wi-Fi clients may roam in and out of range. In the home, this roaming feature is unnecessary, and it increases the likelihood someone will try to log in to your home network. Fortunately, most Wi-Fi access points allow the SSID broadcast feature to be disabled by the network administrator.

6. Do Not Auto-Connect to Open Wi-Fi Networks

Connecting to an open Wi-Fi network such as a free wireless hotspot or your neighbor's router exposes your computer to security risks. Although not normally enabled, most computers have a setting available allowing these connections to happen automatically without notifying you (the user). This setting should not be enabled except in temporary situations.

7. Assign Static IP Addresses to Devices

Most home networkers gravitate toward using dynamic IP addresses. DHCP technology is indeed easy to set up. Unfortunately, this convenience also works to the advantage of network attackers, who can easily obtain valid IP addresses from your network's DHCP pool. Turn off DHCP on the router or access point, set a fixed IP address range instead, then configure each connected device to match. Use a private IP address range (like 10.0.0.x) to prevent computers from being directly reached from the Internet.

8. Enable Firewalls On Each Computer and the Router

Modern network routers contain built-in firewall capability, but the option also exists to disable them. Ensure that your router's firewall is turned on. For extra protection, consider installing and running personal firewall software on each computer connected to the router.

9. Position the Router or Access Point Safely

Wi-Fi signals normally reach to the exterior of a home. A small amount of signal leakage outdoors is not a problem, but the further this signal reaches, the easier it is for others to detect and exploit. Wi-Fi signals often reach through neighboring homes and into streets, for example. When installing a wireless home network, the position of the access point or router determines its reach. Try to position these devices near the center of the home rather than near windows to minimize leakage.

10. Turn Off the Network During Extended Periods of Non-Use

The ultimate in wireless security measures, shutting down your network will most certainly prevent outside hackers from breaking in! While impractical to turn off and on the devices frequently, at least consider doing so during travel or extended periods offline. Computer disk drives have been known to suffer from power cycle wear-and-tear, but this is a secondary concern for broadband modems and routers.

If you own a wireless router but are only using it for wired (Ethernet) connections, you can also sometimes turn off Wi-Fi on a broadband router without powering down the entire network.

about mailbomb

E-mail Bomb - In Internet usage, an e-mail bomb is a form of net abuse consisting of sending huge volumes of e-mail to an address in an attempt to overflow the mailbox or overwhelm the server where the email address is hosted in a denial-of-service attack.

Methods of email bombing
There are two methods of perpetrating an e-mail bomb:
1. mass mailing
2. list linking


Mass mailing
Mass mailing consists of sending numerous duplicate mails to the same email address. These types of mail bombs are simple to design but their extreme simplicity means they can be easily detected by spam filters.

Email-bombing using mass mailing is also commonly performed as a DDoS attack using "zombie" botnets: hierarchical networks of computers compromised by malware and under the attacker's control.

Similar to their use in spamming, the attacker instructs the botnet to send out millions or even billions of e-mails, but unlike normal botnet spamming, the e-mails are all addressed to only one or a few addresses the attacker wishes to flood.
This form of email bombing is similar in purpose to other DDoS flooding attacks.
As the targets are frequently the dedicated hosts handling website and e-mail accounts of a business, this type of attack can be just as devastating to both services of the host.

This type of attack is more difficult to defend against than a simple mass-mailing bomb because of the multiple source addresses and the possibility of each zombie computer sending a different message or employing stealth techniques to defeat spam filters.
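
The difference between the two cases matters for detection. The following added example (not part of the original post) runs a per-recipient sliding-window counter over constructed delivery records: a duplicate-content check would catch only the first burst, while the rate check catches the distributed one as well. The function name, thresholds and sample records are assumptions made for illustration.

```python
import hashlib
from collections import defaultdict, deque

# Constructed sample delivery records: (epoch seconds, source IP, recipient, body)
SAMPLE = (
    # one source, identical body: the simple mass-mailing case
    [(1000 + i, "198.51.100.7", "victim@example.org", "BUY NOW") for i in range(6)]
    # many sources, varied bodies: the botnet case
    + [(2000 + i, f"203.0.113.{i + 1}", "sales@example.org", f"hello {i}") for i in range(6)]
    # ordinary correspondence, spread out in time
    + [(3000 + 600 * i, "192.0.2.9", "friend@example.org", f"note {i}") for i in range(3)]
)

def detect_floods(records, window=60, limit=5):
    """Flag recipients that get more than `limit` messages within `window` seconds.

    Returns {recipient: {"sources": n, "distinct_bodies": n}} describing the burst.
    distinct_bodies == 1 is the duplicate case a content filter also catches;
    many sources and many bodies is the distributed case only the rate check sees.
    """
    recent = defaultdict(deque)   # recipient -> (timestamp, source, body hash)
    alerts = {}
    for ts, src, rcpt, body in sorted(records):
        q = recent[rcpt]
        q.append((ts, src, hashlib.sha256(body.encode()).hexdigest()))
        while ts - q[0][0] > window:      # expire entries older than the window
            q.popleft()
        if len(q) > limit:
            alerts[rcpt] = {
                "sources": len({s for _, s, _ in q}),
                "distinct_bodies": len({d for _, _, d in q}),
            }
    return alerts

if __name__ == "__main__":
    for rcpt, info in detect_floods(SAMPLE).items():
        print(rcpt, info)
```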

List linking

List linking means signing a particular email address up to several email list subscriptions. The victim then has to unsubscribe from these unwanted services manually. In order to prevent this type of bombing, most email subscription services send a confirmation email to a person's inbox when that email is used to register for a subscription.
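
The confirmation step described above, as an added example that is not part of the original post: a sign-up request subscribes nobody, and the address becomes active only when the token mailed to that inbox comes back. The class name, token format and one-day lifetime are assumptions made for illustration.

```python
import hashlib
import hmac
import time

class ListService:
    """Hypothetical mailing-list back end with confirmed opt-in."""

    def __init__(self, secret, ttl=86400):
        self.secret, self.ttl = secret, ttl
        self.active = set()   # (email, list_id) pairs that were confirmed

    def _sign(self, email, list_id, expires):
        # The signature binds address, list and expiry together.
        msg = f"{email.lower()}|{list_id}|{expires}".encode()
        return hmac.new(self.secret, msg, hashlib.sha256).hexdigest()

    def request(self, email, list_id, now=None):
        """Handle a sign-up form post. Returns the token to e-mail to `email`."""
        now = time.time() if now is None else now
        expires = int(now + self.ttl)
        return f"{expires}.{self._sign(email, list_id, expires)}"

    def confirm(self, email, list_id, token, now=None):
        """Activate the subscription only for a valid, unexpired token."""
        now = time.time() if now is None else now
        expires_s, _, sig = token.partition(".")
        try:
            expires = int(expires_s)
        except ValueError:
            return False
        good = self._sign(email, list_id, expires)
        if not hmac.compare_digest(sig.encode(), good.encode()) or now > expires:
            return False
        self.active.add((email.lower(), list_id))
        return True
```

Because the token is signed rather than stored, someone who submits another person's address to many lists leaves nothing behind on the service unless the inbox owner follows the link.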

SPAM

Some tips about spam for Yahoo! Mail.

Do not make yourself an easy target for spam.

Spam can be a real headache. But with the spam protection in Yahoo! Mail (and a little common sense), you can keep your mailbox free of junk email. Here are some tips to remember:

Protect your email address
Treat your email address like your phone number: something you do not give out offhand. Do not publish it in a public place such as a message board or chat room. If you must provide your email address, use AddressGuard in Yahoo! Mail (available for Yahoo Mail) to create addresses for that purpose.

Do not open or respond to unwanted messages
By opening a spam email, you can accidentally inform the sender that your email address is active. Spammers often hide things in the message to verify that someone has opened it, and then sell the addresses to others. Also, please do not forward spam chain letters to others.

Never click on links in spam messages
By clicking a link in the body of a message sent by spammers, you verify that your address is active. You also expose yourself to the phishing scams run by people who cannot be trusted.

Worm

Worms are computer programs that can reproduce themselves. A worm uses the network to send copies of itself to other nodes (computer terminals on the network) and can do so without any user intervention. Unlike a virus, a worm does not need to attach itself to an existing application. Worms almost always cause damage to the network, even if only by consuming bandwidth, whereas viruses almost always destroy or alter files on the target computer.

Name and history

The name "worm" comes from The Shockwave Rider, a science fiction novel published in 1975 by John Brunner. Researchers John F. Shoch and Jon A. Hupp of Xerox PARC chose the name in a paper published in 1982 (The Worm Programs, Comm ACM, 25(3):172-180, 1982), and it has been widely used since.

The first implementation of a worm was made by two researchers at Xerox PARC in 1978. Shoch and Hupp built the worm to identify idle processors on the network and give them tasks, sharing the processing load and so increasing the 'CPU cycle use efficiency' of the network. The worm had limits programmed into it so that it would not spread beyond the specified area.


Payload

Many worms are built only to spread and do not try to alter the systems they pass through. However, as the Morris Worm and Mydoom showed, the network traffic and other unintended effects can cause serious disruption. A 'payload' is the term for code carried by the worm that is designed to damage the systems it passes through: code that may delete files on the system (for example, the ExploreZip worm), encrypt files in a cryptoviral extortion attack, or send documents via email. A commonly used payload is code that installs a 'backdoor' on the infected computer, turning it into a 'zombie' that the worm's author can access freely; Sobig and Mydoom are examples of worms that create zombie computers. Networks of zombie computers are called botnets and are often used by spammers to send junk email or to hide the address of their websites. Spammers are therefore often suspected of funding worms, and it is not uncommon for worm writers to sell lists of infected computers' IP addresses. Others try to extort money from companies by threatening DoS (Denial of Service) attacks.

Backdoors can also be exploited by other malware, including worms. One example is Doomjuice, which spread through the backdoor opened by Mydoom, and at least one piece of malware took advantage of the rootkit and backdoor installed by the Sony/BMG DRM software included on their music CDs until the end of 2005.

Worms with good intentions

Ever since the first worm research at the Xerox PARC laboratory, there have been efforts to create useful worms. The Nachi worm variants, for example, tried to download and install patches from the Microsoft website to fix the weakness in the host system, exploiting that same weakness to get into the system and then patching it. In practice, although this was intended to be harmless, the worm generated network traffic, rebooted the machine while patching it, and worked without the user's knowledge.

The majority of security experts regard all worms as malware, regardless of payload or purpose.

Prevention

Worms spread by exploiting operating system weaknesses. All vendors try to provide security updates regularly, and if the patch or update is installed on a machine, the worm can be kept from spreading to that machine. If the vendor knows about a weakness in the system and has not yet released an update, a 'zero day exploit' (an exploit on the same day the vendor announces a weakness (bug)) is possible. But that is rare.

Users need to be careful when opening e-mail from unknown senders, and it is recommended not to run files or programs sent as attachments, or to visit web pages linked in the mail. However, as the ILOVEYOU worm showed, and with the growth and increasing efficiency of phishing attacks, it remains quite possible to deceive users.

Anti-virus and anti-spyware applications are quite useful for fending off worm attacks, but they must be kept updated with new virus and worm patterns every few days. Using a firewall is also recommended. In the author's experience, a firewall is quite useful for 'fortifying' a computer against worm attacks, blocking the worm or rejecting the intrusion.

Secure Socket Layer

SSL is an encryption method for data communication created by Netscape Communications Corporation. It is described in the SSL Protocol Internet Draft (The SSL Protocol, Version 3.0, by Alan O. Freier and Paul C. Kocher), which you can open at http://home.netscape.com/eng/ssl3/ssl-toc.html.

SSL is a layered protocol. At each layer, data consists of length, description and content fields. SSL takes the data to be sent, breaks it into manageable blocks, compresses it if necessary, applies a MAC, encrypts it, and sends the result. At the destination, the data is decrypted, verified, decompressed, and reassembled. The result is delivered to the client above it. (free translation).

SSL encrypts only data that is sent via HTTP.
How SSL works can be described as follows:

  • When the connection starts, the client and server create and exchange a secret key, which is used to encrypt the data to be communicated. Even if the session between the client and server is snooped on by other parties, the data is difficult to read because it is encrypted.
  • SSL supports public key cryptography, so the server can be authenticated using well-known methods such as RSA and the Digital Signature Standard (DSS).
  • SSL can verify the integrity of the running session by using digest algorithms such as MD5 and SHA. This prevents session hijacking.
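
The record processing order from the paragraph above and the integrity check from the last bullet, as an added sketch that is not code from the SSL specification or from the original post. HMAC-SHA256 and an XOR keystream stand in for SSL 3.0's own MAC construction and ciphers, and the function names are assumptions.

```python
import hashlib
import hmac
import struct
import zlib

FRAG = 2 ** 14   # SSL 3.0 limits a record fragment to 2^14 bytes

def keystream_xor(key, seq, data):
    # Stand-in cipher for illustration only: XOR with a SHA-256 counter keystream.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + struct.pack(">QI", seq, i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def record_mac(mac_key, seq, body):
    # The sequence number is covered by the MAC, so reordered records fail too.
    return hmac.new(mac_key, struct.pack(">Q", seq) + body, hashlib.sha256).digest()

def protect(message, enc_key, mac_key):
    """Sender: fragment, compress, append MAC, encrypt."""
    records = []
    for seq, off in enumerate(range(0, len(message), FRAG)):
        body = zlib.compress(message[off:off + FRAG])
        records.append(keystream_xor(enc_key, seq, body + record_mac(mac_key, seq, body)))
    return records

def unprotect(records, enc_key, mac_key):
    """Receiver: decrypt, verify MAC, decompress, reassemble."""
    out = b""
    for seq, rec in enumerate(records):
        plain = keystream_xor(enc_key, seq, rec)
        body, mac = plain[:-32], plain[-32:]
        if not hmac.compare_digest(mac, record_mac(mac_key, seq, body)):
            raise ValueError(f"bad MAC on record {seq}")   # stop before decompressing
        out += zlib.decompress(body)
    return out
```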
