Well it’s been a while since I’ve last provided any free advice through this forum, but I haven’t forgotten you dear reader. This is short update to ‘Keeping Your Wireless Network Safe‘. Since that post I been busy with other things, completing some degrees, receiving some security awards and learning two languages, but that’s another story. Point is I’ve hardly had time to scratch myself, but it’s been keeping me out of trouble. Well that’s my story, my dear wife might disagree.
In the last post I highlighted the need for encryption and MAC filtering, but I want to add a few more ideas that should assist you in having a trouble free WIFI experience.
Lock Down Your Router!
Perhaps the single most important thing you can do with any network is to lock down its router, both literally if you’re in a public place, but especially virtually. As I assume you know how to lock stuff up in a physical sense, the rest of this blog will give some added pointers to securing your router from network nasties.
If you have a home or small business network, there is a good chance the access security to your router can easily be compromised. Why is that such a big deal? Well if ‘Dan Dodgy’ can access your router, he can effectively high-jack your internet use, read your online passwords and cause you considerable misery. Once access is gained it is very easy to route all internet traffic you generate through a middle point which can sniff for passwords and such. The lesson then? Lock down your router.
Two Keys to Virtually Securing Your Router
The first and most obvious thing to do is to ensure the password to access the router (not the password to access your internet) is good. The blog ‘A Word About Passwords‘ should serve as a good refresher and basically covers all you need to know. As that was written in October of 2014, I’d like to add just a few extra points. Make the password longer than 8 characters and do not use a word or combination of words. It is relatively easy to automate cracking a password under 8 characters long, so that is your sweet spot, 8 or more characters. Words can easily be cracked by computers using what is called a dictionary attack, so avoid using words.
The second less obvious thing to do to secure your router is to remove, disable or kill WPS (WIFI Protected Setup). WPS is inherently flawed. You’re probably familiar with WPS without knowing it. Most domestic routers have button you press, which facilitates easy WIFI connection to your various devices. This is the button from cyber hell, push it if you dare, okay I’m being stupid, but the point I’m trying to make is you’re better off without ever using it or enabling it. Without getting into the nitty-gritty, the system uses a set number of PINs which allows a dodgy version of me to run a program remotely and usually break into the router within 24 hours. Before you dismiss this along the lines of ‘why would someone twiddle away for 24 hours trying to break into my router’ you should understand that they don’t. All that needs to be done to break WPS is to run the program and walk away. Even the more expensive routers that can detect multiple remote attempts to connect can be fooled very easily programmatically simply by adjusting a few settings and letting the attacking computer do the work at fooling the router. This is not just easy, it’s basically guaranteed. The lesson, kill WPS, don’t use it and don’t have it enabled.
Well I hope I haven’t scared you off the internet or using WIFI. Provided you keep in might the advice offered in these and other blogs, you should be fine. Until next time, stay safe and keep out of trouble, after all, you’ve got to give people like me something to aspire to.
Bill from PixelPrivacy has a more detailed article you can read in addition which tells you why you should not re-use passwords.