Browse archive

Latest news

Experts highlight top data breach vulnerabilities

Review: Logging and Log Management

Commission wants to minimize U.S. IP theft economic impact

NYPD detective accused of hiring email hackers

Why BYOx is the next big concern of CISOs

Free tool repairs critical Windows configuration vulnerabilities

Guantanamo cuts off Wi-Fi access due to OpGTMO

IT pros focus on cloud security, not hype

Blue Coat to acquire Solera Networks

APT1 is back, attacks many of the initial U.S. corporate targets

Aurora attackers were looking for Google's surveillance database

U.S. DOJ accuses journalist of espionage

Find TrueCrypt and BitLocker encrypted containers and images

The CSO perspective on healthcare security and compliance

Hacking charge stations for electric cars

Home User Security Guide

by Randy Nash - @RISK Online - Monday, 31 January 2005.

Change ALL the default settings on your Access Point, wireless cards, and routers. These include the SSID, Administrative passwords and User passwords. The default names and passwords are published by the manufacturers on the Internet and are available to anyone.
- Choose an SSID (Network Name) that will not attract unwanted attention. Do not use your telephone number, family last name, the name of the residence, the address of the residence, etc.
- Choose a unique SSID.
- Disable Automatic SSID Broadcast. If you have more than one AP set up to allow roaming, you might not want to do this due to technical considerations. However, most users should consider this option.
- Change the default channel. While this is not truly a security issue, it may help with radio interference, as many devices use the same channel.
Always use encryption (WEP or WPA) on your wireless network. If possible, use a 128-bit or higher variation.
- Whenever possible, use additional encryption such as SSL or VPN.
- Change the encryption key on a periodic basis.
- NEVER use the SSID (Network Name) as the Encryption Key.
If the following features are part of your AP or router, make sure you use them:
- Firewall: Restrict wireless usage to only the minimum TCP and UPD ports needed. And disable all other ports. For example, you may wish to enable TCP Port 80 (HTTP), and TCP Port 110 (POP) yet disable TCP Port 25 (SMTP) to prevent becoming a wireless mail relay, and TCP Ports 20, 21 (FTP) to prevent unauthorized file transfers. Also, block file sharing ports for programs such as Kaaza.
- Address Control List: The ACL limits the Machine Address Code addresses that may access your AP. Each wireless Network Interface Card has a unique MAC address, so this limits which wireless NICs (and therefore which computers) may access your network.
- If a fixed number of mobile devices are connecting to the AP, disable DHCP and use static IP addresses
- If a varying number of devices will be on the wireless network segment, limit the size of the DHCP address pool to the absolute maximum number of needed addresses. Many people use DHCP to make it easier on the users. However, there is no need to for the network to give out 254 addresses, or even 30, if you only need 3.
Most Access Points have built in logging. Periodically, review the access logs and look for any abnormalities.

Summary

This covers just some of the basics for securing your home computing environment. I hope this gets you all of to a safe and happy New Year!

Spotlight

A closer look at Mega cloud storage

Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.

The CSO perspective on healthcare security and compliance

Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.

Cyber espionage campaign uses professionally-made malware

Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.

Ransomware adds password stealing to its arsenal

Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.

IT security jobs: What's in demand and how to meet it

Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.

Daily digest

By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.

Weekly newsletter

With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.

DON'T
MISS
Wed, May 22nd

22 May 2013.

Guantanamo cuts off Wi-Fi access due to OpGTMO

22 May 2013.

NYPD detective accused of hiring email hackers

22 May 2013.

Experts highlight top data breach vulnerabilities

22 May 2013.

Why BYOx is the next big concern of CISOs

21 May 2013.

APT1 is back, attacks many corporate targets