Securing Wireless Networks

Cyber Security Tip ST05-003
How do wireless networks work?

As the name suggests, wireless networks, sometimes called WiFi, allow you to connect to the internet without relying on wires. If your home, office, airport, or even local coffee shop has a wireless connection, you can access the network from anywhere that is within that wireless area.

Wireless networks rely on radio waves rather than wires to connect computers to the internet. A transmitter, known as a wireless access point or gateway, is wired into an internet connection. This provides a “hotspot” that transmits the connectivity over radio waves. Hotspots have identifying information, including an item called an SSID (service set identifier), that allows computers to locate them. Computers that have a wireless card and have permission to access the wireless frequency can take advantage of the network connection. Some computers may automatically identify open wireless networks in a given area, while others may require that you locate and manually enter information such as the SSID.

What security threats are associated with wireless networks?

Because wireless networks do not require a wire between a computer and the internet connection, it is possible for attackers who are within range to hijack or intercept an unprotected connection. A practice known as wardriving involves individuals equipped with a computer, a wireless card, and a GPS device driving through areas in search of wireless networks and identifying the specific coordinates of a network location. This information is then usually posted online. Some individuals who participate in or take advantage of wardriving have malicious intent and could use this information to hijack your home wireless network or intercept the connection between your computer and a particular hotspot.

What can you do to minimize the risks to your wireless network?

* Change default passwords – Most network devices, including wireless access points, are pre-configured with default administrator passwords to simplify setup. These default passwords are easily found online, so they don’t provide any protection. Changing default passwords makes it harder for attackers to take control of the device (see Choosing and Protecting Passwords for more information).

* Restrict access – Only allow authorized users to access your network. Each piece of hardware connected to a network has a MAC (media access control) address. You can restrict or allow access to your network by filtering MAC addresses. Consult your user documentation to get specific information about enabling these features. There are also several technologies available that require wireless users to authenticate before accessing the network.

* Encrypt the data on your network – WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access) both encrypt information on wireless devices. However, WEP has a number of security issues that make it less effective than WPA, so you should specifically look for gear that supports encryption via WPA. Encrypting the data would prevent anyone who might be able to access your network from viewing your data (see Understanding Encryption for more information).

* Protect your SSID – To avoid outsiders easily accessing your network, avoid publicizing your SSID. Consult your user documentation to see if you can change the default SSID to make it more difficult to guess.

* Install a firewall – While it is a good security practice to install a firewall on your network, you should also install a firewall directly on your wireless devices (a host-based firewall). Attackers who can directly tap into your wireless network may be able to circumvent your network firewall—a host-based firewall will add a layer of protection to the data on your computer (see Understanding Firewalls for more information).

* Maintain anti-virus software – You can reduce the damage attackers may be able to inflict on your network and wireless computer by installing anti-virus software and keeping your virus definitions up to date (see Understanding Anti-Virus Software for more information). Many of these programs also have additional features that may protect against or detect spyware and Trojan horses (see Recognizing and Avoiding Spyware and Why is Cyber Security a Problem? for more information).
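
One way to check the access points in range against the encryption and SSID advice above, as an added example that is not part of the original tip. The scan text is a constructed sample in the style of Linux `iwlist` scan output, and the list of factory-default SSIDs is an assumption.

```python
import re

# Constructed sample in the style of Linux `iwlist scan` output (not a real capture).
SAMPLE_SCAN = '''\
Cell 01 - Address: 00:11:22:33:44:01
          ESSID:"linksys"
          Encryption key:off
Cell 02 - Address: 00:11:22:33:44:02
          ESSID:"HomeNet-7f3a"
          Encryption key:on
Cell 03 - Address: 00:11:22:33:44:03
          ESSID:"Office-AP"
          Encryption key:on
          IE: WPA Version 1
Cell 04 - Address: 00:11:22:33:44:04
          ESSID:"NETGEAR"
          Encryption key:on
          IE: IEEE 802.11i/WPA2 Version 1
'''

# Assumed, illustrative list of factory-default SSIDs; extend it for your own gear.
DEFAULT_SSIDS = {"linksys", "netgear", "dlink", "default"}

def parse_scan(text):
    """One dict per access point; key on with no WPA element is treated as WEP."""
    cells = []
    for block in re.split(r"(?m)^\s*Cell \d+ - ", text)[1:]:
        ssid = re.search(r'ESSID:"(.*?)"', block)
        key_on = "Encryption key:on" in block
        has_wpa = bool(re.search(r"IE:.*WPA", block))
        enc = "open" if not key_on else ("WPA" if has_wpa else "WEP")
        cells.append({"ssid": ssid.group(1) if ssid else "", "encryption": enc})
    return cells

def audit(cells):
    """Return (ssid, finding) pairs for settings the tip advises against."""
    findings = []
    for c in cells:
        if c["encryption"] == "open":
            findings.append((c["ssid"], "no encryption"))
        elif c["encryption"] == "WEP":
            findings.append((c["ssid"], "WEP only, use WPA"))
        if c["ssid"].lower() in DEFAULT_SSIDS:
            findings.append((c["ssid"], "default SSID"))
    return findings

if __name__ == "__main__":
    for ssid, finding in audit(parse_scan(SAMPLE_SCAN)):
        print(f"{ssid}: {finding}")
```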

Authors: Mindi McDowell, Allen Householder, Matt Lytle Copyright 2005 Carnegie Mellon University.

Last updated March 11, 2010

Why is Cyber Security a Problem?

Cyber Security Tip ST04-001
What is cyber security?

It seems that everything relies on computers and the internet now — communication (email, cellphones), entertainment (digital cable, mp3s), transportation (car engine systems, airplane navigation), shopping (online stores, credit cards), medicine (equipment, medical records), and the list goes on. How much of your daily life relies on computers? How much of your personal information is stored either on your own computer or on someone else’s system?

Cyber security involves protecting that information by preventing, detecting, and responding to attacks.

What are the risks?

There are many risks, some more serious than others. Among these dangers are viruses erasing your entire system, someone breaking into your system and altering files, someone using your computer to attack others, or someone stealing your credit card information and making unauthorized purchases. Unfortunately, there’s no 100% guarantee that even with the best precautions some of these things won’t happen to you, but there are steps you can take to minimize the chances.

What can you do?

The first step in protecting yourself is to recognize the risks and become familiar with some of the terminology associated with them.

Hacker, attacker, or intruder – These terms are applied to the people who seek to exploit weaknesses in software and computer systems for their own gain. Although their intentions are sometimes fairly benign and motivated solely by curiosity, their actions are typically in violation of the intended use of the systems they are exploiting. The results can range from mere mischief (creating a virus with no intentionally negative impact) to malicious activity (stealing or altering information).

Malicious code – Malicious code, sometimes called malware, is a broad category that includes any code that could be used to attack your computer. Malicious code can have the following characteristics:

  • It might require you to actually do something before it infects your computer. This action could be opening an email attachment or going to a particular web page.
  • Some forms propagate without user intervention and typically start by exploiting a software vulnerability. Once the victim computer has been infected, the malicious code will attempt to find and infect other computers. This code can also propagate via email, websites, or network-based software.
  • Some malicious code claims to be one thing while in fact doing something different behind the scenes. For example, a program that claims it will speed up your computer may actually be sending confidential information to a remote intruder.

Viruses and worms are examples of malicious code.

Vulnerability – In most cases, vulnerabilities are caused by programming errors in software. Attackers might be able to take advantage of these errors to infect your computer, so it is important to apply updates or patches that address known vulnerabilities (see Understanding Patches for more information).

This series of cyber security tips will give you more information about how to recognize and protect yourself from attacks.

Authors: Mindi McDowell, Allen Householder Copyright 2004, 2009 Carnegie Mellon University.

Understanding Your Computer: Web Browsers

Cyber Security Tip ST04-022

Web browsers allow you to navigate the internet. There are a variety of options available, so you can choose the one that best suits your needs.

How do web browsers work?

A web browser is an application that finds and displays web pages. It coordinates communication between your computer and the web server where a particular website “lives.”

When you open your browser and type in a web address (URL) for a website, the browser submits a request to the server, or servers, that provide the content for that page. The browser then processes the code from the server (written in a language such as HTML, JavaScript, or XML) and loads any other elements (such as Flash, Java, or ActiveX) that are necessary to generate content for the page. After the browser has gathered and processed all of the components, it displays the complete, formatted web page. Every time you perform an action on the page, such as clicking buttons and following links, the browser continues the process of requesting, processing, and presenting content.

How many browsers are there?

There are many different browsers. Most users are familiar with graphical browsers, which display both text and graphics and may also display multimedia elements such as sound or video clips. However, there are also text-based browsers. The following are some well-known browsers:

  • Internet Explorer
  • Firefox
  • AOL
  • Opera
  • Safari – a browser specifically designed for Macintosh computers
  • Lynx – a text-based browser desirable for vision-impaired users because of the availability of special devices that read the text

How do you choose a browser?

A browser is usually included with the installation of your operating system, but you are not restricted to that choice. Some of the factors to consider when deciding which browser best suits your needs include

  • compatibility – Does the browser work with your operating system?
  • security – Do you feel that your browser offers you the level of security you want?
  • ease of use – Are the menus and options easy to understand and use?
  • functionality – Does the browser interpret web content correctly? If you need to install other plug-ins or devices to translate certain types of content, do they work?
  • appeal – Do you find the interface and way the browser interprets web content visually appealing?

Can you have more than one browser installed at the same time?

If you decide to change your browser or add another one, you don’t have to uninstall the browser that’s currently on your computer—you can have more than one browser on your computer at once. However, you will be prompted to choose one as your default browser. Anytime you follow a link in an email message or document, or you double-click a shortcut to a web page on your desktop, the page will open using your default browser. You can manually open the page in another browser.

Most vendors give you the option to download their browsers directly from their websites. Make sure to verify the authenticity of the site before downloading any files. To further minimize risk, follow other good security practices, like using a firewall and keeping anti-virus software up to date (see Understanding Firewalls, Understanding Anti-Virus Software, and other US-CERT Cyber Security Tips for more information).


Author: Mindi McDowell


Copyright 2004, 2010 Carnegie Mellon University.

Mail.app – Rebuilding mailboxes

In some cases, you might need to rebuild a mailbox to update the list of messages in the mailbox, for example if messages appear to be missing or garbled, or if you can’t find all relevant messages by searching. Rebuilding a mailbox can take a while; it’s recommended for fast Internet connections only.

To rebuild a selected mailbox:

Choose Mailbox > Rebuild.

For IMAP accounts, locally cached messages and attachments are discarded and the messages and attachments are downloaded again from the server to your computer. Your mailbox appears empty until the download is complete.

Facebook privacy: a guide – Ars Technica

Facebook has decent privacy controls, but most users don’t realize how to take full advantage of them. Ars guides you through Facebook’s privacy settings so that you can be both social and respectable at the same time.
