In part 2 of our series, Introduction to common (and not so common) Cyber threats, I introduced you to the world of Open Source information, and how severely it can hurt you if left unchecked. Until now we have concentrated mostly on the social engineering aspects of Cyber Security, because more often than not, it is left out of the discussion. In part 3 of our series we will talk about securing your home network.
Wired or Wireless? Pros and Cons
Now a days when someone says internet most people think of hooking up their phone, Xbox, laptop, and every other gadget that they can to their wireless internet connection, also known as Wi-Fi. Now Wi-Fi lets you do things that plugging into a wired connection won’t let you do, like being able to wander around your house with your tablet and listen to your favorite Sex Pistols tunes on Pandora.
But there are also some bad things you need to know about while you’re listening to God Save the Queen, surfing Netflix looking for something to watch, or playing a game on Facebook, things you don’t really think about happening, or may already be happening, as you toss Angry Birds, catch up on the Walking Dead, or dance around like a Psycho-Circus Clown to the Sex Pistols.
The Pros: With the mobility, the ever-increasing distances you can get from your wireless router and the speed of the connections make for some pretty powerful reasons to connect to the internet through Wi-Fi.
The Cons: It’s unsecured (yes, it is un-secure, no matter what anyone says) the reason being is that your information is going through the air, and thus vulnerable. The more people on a Wi-Fi connection the slower your speed is, and the distance from the router is inherently a vulnerability because anyone could be pulling the information from the air either just sitting across the street, or even up to 2 miles away with a clear line of sight, and a UHF (Ultra High Frequency) Antenna.
So do the pros of wireless connectivity outweigh the cons?
Now let’s look at a wired connection, hooking directly to your router with CAT5 cable, which has just the opposite pros and cons that Wi-Fi connections do.
The Pros: Your information isn’t going through the air (less likely to be picked up by the guy in the van across the street), the speed is almost always constant (unless you go over the recommended amount of devices connected to the router), and unless someone puts a dirtboxdirectly on the wires leading up to your home it’s completely secured from all wireless intrusions.
The Cons: Decreased mobility, no sitting in your tub while your tablet blasts the Sex Pistols, God Save the Queen for you.
The cons of a wireless connection should give you pause, but not deter you from being comfortable in your own home with going wireless, after all I will be giving you the tips and tools you need to help keep what’s yours, yours.
The K.I.S.S. Principle doesn’t apply to Wi-Fi connections!
We’ve all heard the phrase, “Keep It Simple Stupid” at one time or another, but when it comes to wireless security you definitely want to ignore the K.I.S.S. principal. But you don’t want to make it so complicated that you can no longer get a connection using CAT 5 cable.
You are shooting for a middle ground here.
To begin with you need to do all you can to make sure you and your family is the only ones who know how to access your private Wi-Fi network. Sounds like common sense doesn’t it? But you’d be surprised though at the number of fairly “Tech Savvy” people who don’t follow even basic, common sense, security rules.
First, you need a password for your Wi-Fi network and to put that password on any device that you want to allow to connect to the network. Avoid using the default “password” that is included with your router, the bad guys and government agencies) know ALL OF THEM.
The same goes for using a combination of your wife’s bra size, oldest child’s birthday, your license plate number, and your shoe size. As we explained in parts 1 and 2 of our series, Introduction to common (and not so common) Cyber Threats, bad guys (and government agencies) will use “Social Engineering” and “Open Source” information to get that type of information.
You need a completely random password to secure your Wi-Fi network. A great site you can use to generate a random password for your network is Random.org. You can generate a password strings of up to 20 characters long, using upper and lower case letters as well as numbers, and by adding “Special Characters” (!@#$%) or underscores (_) to the string generated by Random.org (if your router will allow them) you can increase the security of that password even more.
As a test, we generated a couple 20 character passwords (without adding any special characters or underscores) that according to more than one password checking program stated it would take 5 quintillion years to crack using the tools available to hackers and in one test, using the same tools used by the NSA, it would take 1.75 million years to crack. Now that is pretty damn secure!
Now that you have that totally awesome randomly generated password what next? Begin by making sure that the show password box (yes that is a real option) is UNCHECKED so the password is masked by asterisks (*) and enter it into your router and any devices you want to be able to access your network and no matter what, DO NOT let anyone, this includes your friends, your kids friends, or your Aunt Edna connect their personal device to the network, EVER!
If they have something they absolutely have to do right then and there, you should have a guest account on your computer or tablet with minimal privileges (they can’t copy files, change files, etc.) so they can do what they need to do and be done with it.
The key here is to make sure that no unfamiliar devices are being connected without your knowledge, because they could be carrying their own problems that could lead to potential back doors into your network.
Guests (Unwanted and Otherwise)
If what you fear has not yet to come true and your dear Aunt Edna is in town and she forgot her phone in the hotel and just wants to check her emails and update her Facebook status, I do not suggest letting her onto your computer, tablet, or laptop without first taking some precautions.
Since you should already have a Guest Account set up just in case no worries. If you don’t, you need to get moving on that ASAP! If you can’t set one because the device won’t allow it then dear Aunt Edna is going to have to be S.O.L. checking email and updating Facebook until she gets back to her hotel and her phone.
When you setup your guest account you need to make sure that it does not have the same access to the computer that your personal user profile does (can’t add, delete, or change files, etc.) that way if Aunt Edna accidentally opens some spam email that has malicious content it will be much less likely that your device will become infected with the latest and greatest virus or spyware.
Now that you know how to deal with a wanted guest (hopefully you like Aunt Edna), what about guests of the unwanted variety? Well, to be honest, you may not even know they are there until it is too late.
So before that happens you should set up a program called Wireshark (it’s free) and begin to familiarize yourself with it.
Wireshark is a network monitor, or packet sniffer, that will read all the incoming and outgoing traffic on your network and show you what it is so that you can analyze it, and be able to tell whether or not your network is compromised.
To be able to properly analyze network traffic demands a certain level of understanding on how computers “talk” to each other. Even without that knowledge, with Wireshark in place you are one step closer to having a more secured network.
In part 4 of our series on Cyber Security I will go more in-depth on how computers “talk” to each other, monitoring your network, and how to read and analyze what Wireshark is showing you.
Until then, I look forward to seeing your comments, but for now it’s back to being on 24 hour alert here at Camp <opsec>, Korea. And as always, Train to Survive!
(Note: Vanguard Survival, LLC is in no way, shape, or form associated with Random.org or Wireshark. The inclusion of links to their sites in this article is so you can see what they have to offer and decide for yourself if you want to use those tools)
©2014 Vanguard Survival, LLC
All Rights Reserved