Many people are surprised to learn they are criminally responsible for the use of their home network. In some jurisdictions it's a crime to run an unsecured wireless network. Here are 11 things you should know about your network in order to avoid future issues:
- Encrypt your wireless network - Use WPA, never use WEP. While WPA can still be broken, it's widely available, stronger than WEP, and is actually easier to setup.
- Hide your SSID - Less visibility is always better.
- Control addressing - Use a subnet calculator to calculate a new address scheme, link addresses to machines if using DHCP, or use static addressing.
- Block basic protocols - Most users can block protocols like TFTP, Telnet, and SNMP on their network. If no file shares are present, protocols like SMB and NFS can be blocked. It's worth looking into.
- Enable Logging - Make it a point to check your logs every week.
- Adjust network range - Play with this setting until you achieve the right balance of lowest range setting and connectivity. Most users don't need to run their router full on.
- Turn off "Web Utility Access" - Only allow your router to be configured from a wired connection.
- Turn off Remote Management - If you can access your router's settings over the network, so can an attacker.
- Block the IPs of any machine you don't want accessing the web
- Use Wireless MAC filtering - By restricting access to only your machines, you reduce the risk of infiltration.
- Change the default password and username.
No comments:
Post a Comment