Securing Wireless Networks

Cyber Security Tip ST05-003
How do wireless networks work?

As the name suggests, wireless networks, sometimes called WiFi, allow you to connect to the internet without relying on wires. If your home, office, airport, or even local coffee shop has a wireless connection, you can access the network from anywhere that is within that wireless area.

Wireless networks rely on radio waves rather than wires to connect computers to the internet. A transmitter, known as a wireless access point or gateway, is wired into an internet connection. This provides a “hotspot” that transmits the connectivity over radio waves. Hotspots have identifying information, including an item called an SSID (service set identifier), that allows computers to locate them. Computers that have a wireless card and have permission to access the wireless frequency can take advantage of the network connection. Some computers may automatically identify open wireless networks in a given area, while others may require that you locate and manually enter information such as the SSID.

What security threats are associated with wireless networks?

Because wireless networks do not require a wire between a computer and the internet connection, it is possible for attackers who are within range to hijack or intercept an unprotected connection. A practice known as wardriving involves individuals equipped with a computer, a wireless card, and a GPS device driving through areas in search of wireless networks and identifying the specific coordinates of a network location. This information is then usually posted online. Some individuals who participate in or take advantage of wardriving have malicious intent and could use this information to hijack your home wireless network or intercept the connection between your computer and a particular hotspot.

What can you do to minimize the risks to your wireless network?

* Change default passwords – Most network devices, including wireless access points, are pre-configured with default administrator passwords to simplify setup. These default passwords are easily found online, so they don’t provide any protection. Changing default passwords makes it harder for attackers to take control of the device (see Choosing and Protecting Passwords for more information).

* Restrict access – Only allow authorized users to access your network. Each piece of hardware connected to a network has a MAC (media access control) address. You can restrict or allow access to your network by filtering MAC addresses. Consult your user documentation to get specific information about enabling these features. There are also several technologies available that require wireless users to authenticate before accessing the network.

* Encrypt the data on your network – WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access) both encrypt information on wireless devices. However, WEP has a number of security issues that make it less effective than WPA, so you should specifically look for gear that supports encryption via WPA. Encrypting the data would prevent anyone who might be able to access your network from viewing your data (see Understanding Encryption for more information).

* Protect your SSID – To avoid outsiders easily accessing your network, avoid publicizing your SSID. Consult your user documentation to see if you can change the default SSID to make it more difficult to guess.

* Install a firewall – While it is a good security practice to install a firewall on your network, you should also install a firewall directly on your wireless devices (a host-based firewall). Attackers who can directly tap into your wireless network may be able to circumvent your network firewall—a host-based firewall will add a layer of protection to the data on your computer (see Understanding Firewalls for more information).

* Maintain anti-virus software – You can reduce the damage attackers may be able to inflict on your network and wireless computer by installing anti-virus software and keeping your virus definitions up to date (see Understanding Anti-Virus Software for more information). Many of these programs also have additional features that may protect against or detect spyware and Trojan horses (see Recognizing and Avoiding Spyware and Why is Cyber Security a Problem? for more information).
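The access-point items in the checklist above (default passwords, MAC filtering, encryption, SSID) can be checked mechanically once the settings are written down. The following is an added example, not part of the original tip: it audits a constructed settings export whose section names, key names, and default-value lists are all assumptions made for illustration.

```python
import configparser

# Constructed sample export; section and key names are assumptions, not a vendor format.
SAMPLE = """
[lobby-ap]
ssid = linksys
ssid_broadcast = yes
encryption = WEP
admin_password = admin
mac_filter = off
[office-ap]
ssid = bldg7-staff
ssid_broadcast = no
encryption = WPA
admin_password = t7#Vq-long-unique-phrase
mac_filter = on
"""

# Short illustrative lists (assumptions); extend them from your own device documentation.
DEFAULT_PASSWORDS = {"", "admin", "password", "1234"}
DEFAULT_SSIDS = {"linksys", "netgear", "dlink", "default", "wireless"}


def audit(text):
    """Return {ap: [findings]}; a missing key counts as the unsafe setting."""
    cfg = configparser.ConfigParser()
    cfg.read_string(text)
    report = {}
    for name in cfg.sections():
        ap, findings = cfg[name], []
        if ap.get("admin_password", "").strip().lower() in DEFAULT_PASSWORDS:
            findings.append("default or empty administrator password")
        enc = ap.get("encryption", "none").strip().lower()
        if enc in {"none", "open", ""}:
            findings.append("no encryption")
        elif enc == "wep":
            findings.append("WEP in use; switch to WPA")
        if ap.get("ssid", "").strip().lower() in DEFAULT_SSIDS:
            findings.append("default SSID")
        if ap.getboolean("ssid_broadcast", fallback=True):
            findings.append("SSID is broadcast")
        if not ap.getboolean("mac_filter", fallback=False):
            findings.append("MAC address filtering disabled")
        report[name] = findings
    return report


if __name__ == "__main__":
    print(audit(SAMPLE))
```

An empty findings list means the access point meets every item the script checks; the firewall and anti-virus items apply to the connected computers and are outside its scope.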

Authors: Mindi McDowell, Allen Householder, Matt Lytle. Copyright 2005 Carnegie Mellon University.

Last updated March 11, 2010

Why is Cyber Security a Problem?

Cyber Security Tip ST04-001
What is cyber security?

It seems that everything relies on computers and the internet now — communication (email, cellphones), entertainment (digital cable, mp3s), transportation (car engine systems, airplane navigation), shopping (online stores, credit cards), medicine (equipment, medical records), and the list goes on. How much of your daily life relies on computers? How much of your personal information is stored either on your own computer or on someone else’s system?

Cyber security involves protecting that information by preventing, detecting, and responding to attacks.

What are the risks?
There are many risks, some more serious than others. Among these dangers are viruses erasing your entire system, someone breaking into your system and altering files, someone using your computer to attack others, or someone stealing your credit card information and making unauthorized purchases. Unfortunately, there’s no 100% guarantee that even with the best precautions some of these things won’t happen to you, but there are steps you can take to minimize the chances.

What can you do?
The first step in protecting yourself is to recognize the risks and become familiar with some of the terminology associated with them.

Hacker, attacker, or intruder – These terms are applied to the people who seek to exploit weaknesses in software and computer systems for their own gain. Although their intentions are sometimes fairly benign and motivated solely by curiosity, their actions are typically in violation of the intended use of the systems they are exploiting. The results can range from mere mischief (creating a virus with no intentionally negative impact) to malicious activity (stealing or altering information).

Malicious code – Malicious code, sometimes called malware, is a broad category that includes any code that could be used to attack your computer. Malicious code can have the following characteristics:
* It might require you to actually do something before it infects your computer. This action could be opening an email attachment or going to a particular web page.
* Some forms propagate without user intervention and typically start by exploiting a software vulnerability. Once the victim computer has been infected, the malicious code will attempt to find and infect other computers. This code can also propagate via email, websites, or network-based software.
* Some malicious code claims to be one thing while in fact doing something different behind the scenes. For example, a program that claims it will speed up your computer may actually be sending confidential information to a remote intruder.

Viruses and worms are examples of malicious code.

Vulnerability – In most cases, vulnerabilities are caused by programming errors in software. Attackers might be able to take advantage of these errors to infect your computer, so it is important to apply updates or patches that address known vulnerabilities (see Understanding Patches for more information).

This series of cyber security tips will give you more information about how to recognize and protect yourself from attacks.

Authors: Mindi McDowell, Allen Householder. Copyright 2004, 2009 Carnegie Mellon University.

Ejecting a disc that’s stuck in your Mac

If a CD or DVD refuses to eject, and it’s definitely not in use by any programs, try restarting the Mac whilst holding down the left mouse button. This should force the opening of all optical drives and eject your troublesome disc. You could also open Terminal and type drutil tray open, then hit [Enter]. If other devices like USB or FireWire hard drives, memory sticks or iPods refuse to eject, the safest course of action is to shut down the Mac, disconnect the device and then restart. Often, a device will then behave normally.

via Quick fixes for 10 common Mac problems | News | TechRadar UK.

Top 5 Effective E-mail “Do’s”

Top 5 Dos

5. Put important information in bold, so it’s easier to see. Likewise, if you’ve addressed an e-mail to several people and there’s an action for a certain person, bold his or her name when you address the issue. Use bold sparingly, though.

4. If action is required, say so at the start of the e-mail. Don’t tell a long story with the requested action at the bottom. This is called the BLUF method, but I also tend to call it “getting to the verb.”

3. Keep your signature short and professional. Lose the pithy quote and just include your title and phone number.

2. Keep the subject line relevant. If the topic changes over the course of a long thread, update the subject so it’s relevant.

1. Proof your e-mail before you send it. And make sure your spell checker is running.

via Top 5 Best Practices for Writing Effective E-mail | Business Hacks | BNET.

Top 5 Effective E-mail “Don’ts”

Top 5 Don’ts

5. Don’t ever type anything in ALL CAPS, even to get someone’s attention. If you need to catch someone’s eye with something important, put it in bold.

4. Don’t include your entire team or your boss on every e-mail you send. Be selective.

3. Don’t send large attachments unless absolutely necessary, especially to a mailing list or distribution list. If possible, upload your files to the cloud, such as DropBox or MemoPal and provide a link.

2. Don’t send e-mail when you’re emotional. If you’re responding to someone that has made you angry, save the message in your drafts folder until you can proof-read it more objectively, and then send the e-mail.

1. Don’t try to be funny, especially to a mixed audience. The chances of being misunderstood are astronomical.

via Top 5 Best Practices for Writing Effective E-mail | Business Hacks | BNET.

Mail features you aren’t using: The Photo Browser

Want to attach an image to an e-mail message? Use Mail’s Photo Browser to grab a photo from your iPhoto library without launching iPhoto. I can’t tell you how many times I’ve wanted to mail someone a photo, and my first impulse was to launch iPhoto and then drag an image into Mail or use iPhoto’s Share -> Email command. But there’s a quicker and easier way. In Mail, just choose Window -> Photo Browser. A floating window appears instantly, showing the complete contents of your iPhoto library. Locate the picture you want, drag it into a message window, and you’re done.

via The seven most underused Mail features | Business Center | Working Mac | Macworld.

Mail features you aren’t using: Plain Text

This may be a bit of a personal bias, but I like to receive e-mail in plain text (so that I get to decide what font, size, style, and color messages use). I also like to extend that courtesy to others. Mail uses Rich Text by default for outgoing messages, but you can change this by choosing Mail -> Preferences, clicking on the Composing icon on the toolbar, and choosing Plain Text from the Message Format menu. (To change the format for an individual message, choose Format -> Make Rich Text or Format -> Make Plain Text.) To force incoming mail to display in plain text by default (which isn’t possible for all messages), you need to quit Mail, open Terminal (in /Applications/Utilities) and enter the following command: defaults write com.apple.mail PreferPlainText -bool TRUE. To switch to styled text (if available) when viewing a plain-text message, choose View -> Message -> Best Alternative.

via The seven most underused Mail features | Business Center | Working Mac | Macworld.