A Security Primer: Do You Leave Your Front Door Open?
This might seem like an odd place to start — but I’ve decided to begin with an interesting little story …
It is a good thing that I am a person of principles. A couple of weeks ago, I was on my way from northeastern Pennsylvania to southern New Jersey where I am a computer consultant for a labor council. That day, I was expecting an important email, so I stopped a couple of times on the way down to log into a wireless hotspot for my network access.
As I fired up my laptop, I checked the available networks outside of Wilkes-Barre and noticed there were four or five networks in addition to the network I was planning on accessing at a Barnes & Noble. I double-clicked the icon to connect to one of the unexpected, unsecured wireless networks and … 30 seconds later, I had access to the network of a complete stranger!
I scratched my head and wondered – to satisfy my own curiosity and not to wreak havoc on this person’s network – if I could log into their router. I typed in the default login and password (which we will explore in a little while) and – voila! There sat the stranger’s configuration page right in front of me! Let me tell you, a person of a more malicious and less principled nature would have a very easy opportunity to make changes.
What can we take away from this? The answer is easy: Security is probably the biggest issue with computers today. We have to secure our home network, operating system, and browser so that we are not among the millions of users who fall prey, on a daily basis, to the damage that can be done by security lapses. You wouldn’t leave your front door open when you leave your house, would you? So why would you leave your computer vulnerable to those who want to steal your information or, even worse, your identity?
Do You Own a Router?
Let’s begin with one of the more common pieces of computer hardware you might have. With the single-computer household becoming more a thing of the past, the odds are that you own a router to connect your desktop, your sweetie’s desktop and the laptop with which you surf the Internet while hanging out on the couch.
A router – especially a wireless one – is a wonderful piece of hardware for a number of reasons. First, you can connect multiple computers to the Internet while paying for just a single connection. Second, a router is not difficult to install: Simply connect it to your cable or DSL modem, pop in the CD and you can be wandering around online in a matter of minutes.
However, this technology comes with a few traps that you can easily fall into, which is why you must do the following:
- Change the login and password on your router as soon as possible
If you own a Linksys router, for example, the default login and password are both “admin.” Every router built by Linksys ships that way, and this information is readily available online. Additionally, if an intruder were to look at your network, and you hadn’t renamed it, the word Linksys would be part of the network name. This holds true for every brand of router sold — the default configuration page can be found online in a matter of minutes.
To solve this (using the Linksys router as an example), open your browser and type http://192.168.1.1 in the address bar. This will give you the login and password box. If you haven’t already changed the login and password, type in “admin” for both and click “OK.” Go to the appropriate page and change the login and password to something stronger. Passwords will be covered in greater detail later.
- Turn on WEP or WPA
If you own a wireless router, it spends its time during the day (and night) broadcasting — looking for computers to connect to it. WEP (Wired Equivalent Privacy) is a wireless protocol that uses an encryption key to keep unwanted visitors off your network. If the computer that is trying to connect to your network doesn’t have the key, it is denied access to your network.
WPA or WPA2 (Wi-Fi Protected Access) is even stronger than WEP. Turn it on using your router configuration page and keep it on. It might take a bit to configure these protocols, but in the long run, you won’t have company you don’t know wandering around on your network, checking out the family pictures from your vacation in North Dakota.
Do You Safeguard Your Passwords?
Of course you do! We all use passwords for logging onto the Internet, checking email and even banking online. The question is, how well do we take care of our passwords? Over the last 15 years of computer consulting, I have seen the same scenario over and over, and to tell you the truth, it is frightening.
As a rule, I can tell you that people tape their passwords to the bottom of their keyboards, leave them in the closest drawer to the computer, and – my favorite – tape them to the front of their monitors. This is the worst security there is for one simple reason: Anyone with an axe to grind or with larceny on their mind can grab your password in no time at all. Also, these same users use their passwords over and over, so if the same password logs you into Windows at work and to your bank account at home, you could potentially have big problems ahead.
- Secure your passwords!
I can’t stress this enough: DON’T leave them lying around on your monitor, keyboard or anywhere else public. This seems absurd, but many users do this. Put your passwords somewhere SAFE!
- No dictionary words!
Computer users have fallen into another trap that hackers love — using words directly out of the dictionary. If a hacker uses a database of dictionary words and combines them with the victim’s email address—BINGO! A hacker could theoretically compromise your computer in a matter of minutes or even less. So, skip your pets’ names, your license plate, your kids’ names, etc., when you set up your passwords.
- Use CAPITAL letters and numbers
If you were to make up a password, and use, say, the word “password,” remember that PaSsW0rD is parsed totally differently by a server than an all-lower-case password is. Capital letters and numbers will strengthen your passwords immeasurably. In the example above, I used the number 0 for an O, and made almost every other letter a capital letter.
- Reuse Multiple Passwords!
I highly recommend using more than one password for everywhere that you use passwords. For example, when you log in to a web-based email account such as Yahoo Mail or Gmail, use a 6-8 character password that has at least 1 number, 1 capital letter and 1 special character such as the caret (^). This will be a weaker password than you would use for your Internet connection, which should be 8-10 characters, including 2 numbers, 2 capital letters and 1 special character. This password can also be reused for other accounts you may have, excluding anything that is financial. For financial use, such as online banking and credit card transactions, use a 10-12 character password that is DIFFERENT than your Internet connection password. If, for some reason, your Internet connection password is stolen, you still have a discrete financial password that is safe.
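The password rules in this section can be checked mechanically. The Python sketch below is an added example, not code from the original article; the sample word list, the case and digit-for-letter folding used in the dictionary check, and treating the lower figure of each length range as a minimum are assumptions made here.

```python
import re

# Tiers from the article: (minimum length, numbers, capitals, special characters).
# Assumption: the lower figure of each range is a minimum; longer is accepted.
TIERS = {
    "webmail":   (6, 1, 1, 1),
    "internet":  (8, 2, 2, 1),
    "financial": (10, 0, 0, 0),  # the article states only a length for this tier
}

# Constructed sample list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "admin", "linksys", "letmein", "dragon"}

# Assumption: undo common digit/symbol-for-letter swaps before the lookup.
FOLD = str.maketrans("013457@$", "oleastas")


def dictionary_hits(password, words=SAMPLE_WORDS):
    """Return dictionary words still visible after folding case and swaps."""
    folded = password.lower().translate(FOLD)
    letters = re.sub(r"[^a-z]", "", folded)
    return sorted(w for w in words if w in letters)


def check(password, tier, other_passwords=()):
    """Return a list of problems; an empty list means the rules are met."""
    min_len, digits, caps, specials = TIERS[tier]
    problems = []
    if len(password) < min_len:
        problems.append(f"shorter than {min_len} characters")
    have = (
        sum(c.isdigit() for c in password),
        sum(c.isupper() for c in password),
        sum(not c.isalnum() for c in password),
    )
    labels = ("number", "capital letter", "special character")
    for got, need, label in zip(have, (digits, caps, specials), labels):
        if got < need:
            problems.append(f"needs {need} {label}(s), has {got}")
    for word in dictionary_hits(password):
        problems.append(f"contains dictionary word '{word}'")
    if password in other_passwords:
        problems.append("same as a password used elsewhere")
    return problems


if __name__ == "__main__":
    for pw, tier in (("PaSsW0rD", "webmail"), ("Tr7^vq", "webmail")):
        print(pw, tier, check(pw, tier) or "ok")
```

Pass the Internet connection password in `other_passwords` when checking the financial one to enforce the rule that the two differ.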
Don’t Share The Operating System Partition!
In the multiple-computer era, users will set up file-sharing among the different computers they have in their homes so they don’t have to physically carry a CD-ROM or a thumb drive with files on it from one computer to another (called a sneakernet). Of course, it is easier to share the hard drives and just click your mouse to send a file from your laptop to your desktop computer. However, if the entire hard drive is shared (including your Windows directory), someone can delete important system files accidentally or, if there is a hacker wandering around on your hard drive, the directory can be compromised so that your computer could be controlled by someone else.
Additionally, if someone were to put a key-logger on your computer, they could actually remotely watch and record every character that you typed, including passwords or your social security number. If you want to share resources on your home network, just share a single directory such as “My Documents,” or set up a special directory just for the purpose of sharing files.
This is just an introduction to basic security measures that you should have in place in your home or at work. There are so many other things that you can do to safeguard your data and your computer, including staying away from P2P (Peer to Peer) file-sharing programs such as Kazaa and eDonkey. Also, you should have more than one email address, including a web-based account which you should just use for junk mail.
So, simply stated, use your common sense and protect your network, passwords, and resources with some of the measures I have just mentioned. It might save you from walking down the street one day and meeting someone else who just happens to be you.