Search About Contact

Wireless WiFi Security

 

wireless security Wireless is an evolving technology which is not inherently secure. Information on a wireless network is most likely not encrypted, so it is possible for another user on the network to use a 'network sniffer' to capture your data while in transit. Unless you take certain precautions, anyone with a wireless-ready computer can use your network. That means your neighbors, or even hackers lurking nearby, could “piggyback” on your network, or even access the information on your computer. And if an unauthorized person uses your network to commit a crime or send spam, the activity can be traced back to your account.
You want to avoid man in the middle attacks. Make it your policy to use a secure login feature SSL (secure sockets layer) for email, e.g. (Yahoo), to protect your password and run personal firewall software on your laptop to protect against illicit attempts to access data on your machine. Consider encrypting your files, and preferably entire hard drive volumes, using PGPdisk. Switch to a Mac or some non-Windows operating system while you're at it. NSA has developed and distributed configuration guidance for Apple Operating Systems. This guidance can be used as a security baseline. Also, password-protect your computer, including a boot password.

How to securely use public WiFi?



Install a VPN program and run it every time you go online using a public WiFi hotspot. It runs in the background after you sign in, and gives you a private, encrypted tunnel for your data and communications when on a public wireless connection. Anchor Free HotSpot Shield is free, but ad-supported. It runs on both PCs and Macs. While browsing, you'll see ads appear occasionally at the top of the browser window. It's great if you infrequently need it, but annoying if you regularly find yourself in coffee shop.

Whether you use Windows, a Mac, or Linux, OpenVPN is a simple, robust way to secure your Wi-Fi sessions.

iPig requires no configuration of any kind. You just start your favorite web browser, email client or chat software and switch the iPig encryption on: iPig grabs all Internet traffic before it leaves your PC and encrypts it securely. The software runs on Windows 2000, XP and 2003.

Remember thst No VPN software protects data that does not go through the VPN.

How to set up a remote private network?



Hotspot Shield is a VPN for the Internet. Hamachi is a VPN for your own private network. Hamachi is meant to tie a remote end-user into another LAN or another PC to make it part of their own “LAN” (or private IP addressing). Internet traffic is not shielded with Hamachi.

LogMeIn Hamachi is currently available for Windows. Console versions of Hamachi are also available for Linux and OS X. Hamachix for the Mac automatically handles the tun/tap drivers, kernel extension, and throws a nice Mac-like GUI on top of the whole thing and here's the full walkthrough manual with screenshots.

For remote access for home & personal use try the free LogMeIn Simply Connected. LogMeIn Free gives you fast, easy remote access to your PC from any computer with an Internet connection.

Here's a discussion of Hamachi, iPig, and OpenVPN.

alfa usb
FBI Best Practices for Home Users to Prevent Hackers from Getting into Your Network
  1. Network segregation
    Put your access point on a separate subnet, with a firewall separating the wireless and internal users
  2. Change the default settings on your access point
    Default settings (SSID, administrator password, channel) are well known and even included as part of some WLAN attack tools
  3. Enable encryption by using WPA2 with a strong key
    WPA2 is a definite improvement over WEP in providing wireless security. But the version intended for home and SOHO use—WPA-PSK—has a weakness shared by any passphrase security mechanism. The choice of simple, common and short passphrases may allow your WPA-protected WLAN to be quickly compromised via dictionary attack (more info here). Use a totally random, long, secure passphrase.
  4. Update your firmware
    This is helpful if your AP or client doesn't currently support WPA2. Many manufacturers have newer firmware for 802.11g products that add WPA2 support. You may also find this for 802.11b gear, but it's not as common. Check anyway!
  5. Turn off the WLAN when not in use
    A $5 lamp timer from your local hardware store is a simple, but effective way to keep your WLAN or LAN from harm while you're sleeping.

Step-By-Step Wireless Security

SSID Set to not Broadcast How to stay under the radar
MAC Address Restrict access only to your computers
Password Protect Your Wireless Device Keep the bad guys out
WPA Encrypted Passwords Stronger than WEP

WPA (Wi-Fi Protected Access) can be defeated. Consider using WPA-PSK (pre-shared key mode, also known as personal mode) for a home LAN. WPA-PSK is vulnerable to dictionary attacks, if a hash of the pre-shared key can be gleaned by listening in on the 4 way handshake used to initiate the connection, so use a long key. It's convenient to use a 40-60 character sentence that you can easily remember. Choose a sentence (or a line from a song, a quote from a favorite book, or something similar) that is significant to you and use that. You can try a key generator but the key generator approach makes sharing the key harder and might not add much more security to a brute force attack. TKIP (Temporal Key Integrity Protocol) is a security protocol used in Wi-Fi Protected Access (WPA).

Glossary

Encryption: The scrambling of data into a secret code that can be read only by software set to decode the information.

Extended Service Set Identifier (ESSID): The name a manufacturer assigns to a router. It may be a standard, default name assigned by the manufacturer to all hardware of that model. Users can improve security by changing to a unique name. Similar to a Service Set Identifier (SSID).

Firewall: Hardware or software designed to keep hackers from using your computer to send personal information without your permission. Firewalls watch for outside attempts to access your system and block communications to and from sources you don’t permit.

Media Access Control (MAC) Address: A unique number that the manufacturer assigns to each computer or other device in a network.

Router: A device that connects two or more networks. A router finds the best path for forwarding information across the networks.

Wired Equivalent Privacy (WEP): A security protocol that encrypts data sent to and from wireless devices within a network. Not as strong as WPA encryption.

Wi-Fi Protected Access (WPA): A security protocol developed to fix flaws in WEP. Encrypts data sent to and from wireless devices within a network.

Wireless Network: A method of connecting a computer to other computers or to the Internet without linking them by cables.

Reddit | Stumble It! | | Google

Recommend (Email) This Page

Newsletter | Privacy | Support | Search | Site Map

Revised: 01/08/2013