Sometimes I use an Ipaq with TomTom for Sat Nav. The Ipaq has built in wireless networking and it is rarely switched off. Over the passed few years I have noticed that a lot more wireless networks pop up on the screen when I drive anywhere. Last week I logged a count of all the access points it found. There were 65 access points in a small area. I wondered how many of these were actually secure and how many people had taken steps to protect themselves and their data. How many people actually knew how to switch on that extra level protection. If your network is open or you haven't taken the extra security steps then you could potentially be inviting problems.
A lot of the earlier wireless modems and routers came with a security protocol called WEP (Wired Equivalent Privacy) enabled by default. This was usually shipped with a factory set password that is known by anyone else that bought a wireless product from the same maker. They even had the manufacturers name as the access point broadcast name like "Netgear" or "Belkin" with "password" as the password. Easy to get into, have a look around, copy your music, files, maybe that spreadsheet with your bank account details, delete those Florida photos, the ones you never printed, you never backed up and no longer have on the camera...
As more of us use computers and store more of our personal information on them we need to become wiser in terms of securing them. Every day we hear something about identity theft, debit cards being forged or purchases being made with stolen card numbers over the internet. It isn't that difficult to switch on some security at a decent level but the protection it will give you will at least let you sleep at night.
The password is...
The very first thing you should do is change the password/encryption key from the default ones. That means changing the password you use to configure the wireless device which is the prompt you see when you go to something like http://192.168.0.1. Pick a password that is not obvious, use mixed cases and throw in some numbers. A good method of creating passwords is a to a create a sentence and use the first letters of it. Will Smith was the last man alive in I Am Legend = WSwtlmaiIAL it is hard to guess but easy to remember when you type it. Mix in some numbers and you have a good strength password.
One of the first things to do is to change the standard encryption from WEP to something a bit more substantial... WEP is like the combination lock had on your bike when you were a kid. It can be cracked quite easily with a little patience and a small utility called aircrack-ng. Believe me, it doesn't take long at all to work through a WEP key if you are determined. So choose something a little more substantial... try WPA (Wi-Fi Protected Access) or even better, WPA2, if your device supports it. Again, create a key that means little sense to anyone but yourself. Just remember whatever security you leave in place, change the key/password from the factory default ones. It takes 2 mins on wikipedia to find a manufacturers standard broadcast name, IP range, username and password.
Closing Holes
Most people think that they are safe because they have set a password and encryption. It's a good step in the right direction but not quite the full monty. Make sure that the firewall (if available) is enabled on the wireless modem/router. It won't stop your things going out but it will stop others coming in. If you do need to open a port (a hole in the wall for things to get through), then open only the one you need. Your documentation should point you in the right direction as to the workings of the firewall.
Taking that a step further, make user you have the firewall enabled in Windows/Mac or Linux. Older versions of XP were almost totally open and whilst this was fixed with the various service packs and updates you should still make sure it's on. Linux/Mac and Vista are enabled by default.
Don't share all your folders over your internal network unless you have to and then make sure a password is required and only the users allowed can connect.
Invitation Only
Every device capable of connecting to a network, either by a cable or by wireless, has a unique identifier. This identifier is called a MAC address. On most modern wireless routers, modems, hubs there is a group of settings that will allow you to enter the MAC addresses of all the devices you use on your network. Once this is enabled only those allowed devices will be allowed to connect. This means that nosey neighbour or opportunist passer-by can't get onto your network even if they have the key. Though there are programs that can fake this MAC address it is a long winded and tedious affair to find out the allowed MAC addresses in the first place and unless you are holding state secrets then I don't really think you should worry about that.
Viruses, Trojans and Worms, oh my
When you buy a computer it will usually come with some virus software pre-installed. The license will probably expire in 60 or 90 days, then what? How many have actually paid for the continued subscription? There are new threats released every day, some are just a rehash of old ones, some are brand new and some just float around waiting for an unsuspecting, unprotected computer to give them a new lease of life. It is essential that the virus software is kept up to date. It can be a difficult time when you suddenly find that files have gone missing and your hard disk is corrupt (how many of us actually make backups, I'm as guilty as the next!), or annoying that whenever you open the browser you're taken to some adult site, gambling site.
There are free virus checkers available, the most popular being AVG. You can find this at http://free.grisoft.com/ It doesn't have all the features of the fully paid for version but it does what it says on the tin, it detects and kills viruses and the database is kept up-to-date.
It is probably good practice if you try and scan for adware/spyware about once a month (it's boring but if you can do it more regularly then all the better). There are some good tools around and a free one I can recommend is http://spybot.destroy-spyware.net/ it will search your computer and remove all threats of adware/spyware/pop-up ware and anything that is sat there monitoring your internet activity. Though Spybot is not yet compatible with Vista. Although vista and Linux do have some of these features built in and enabled by default and Firefox is a less targeted browser than Internet Explorer.
The main thing is to use a bit of common sense and not back away from these things just because they sound techie. The steps are simple to implement and will deter most attacks on your system. There are no guarantees that you will never be attacked but that is just the same as your home, a good alarm may deter but a determined person will get through eventually. Just make it as difficult for them as possible!
This is only a brief introduction into the security measures available, there are tomes of information available on the Net and Wikipedia, Google or Yahoo are probably good places to start if you're interested in finding out more.
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereComments are closed on this article