Mobility Today Live is sponsored by BodyGuardz.
Mobility Today & Mobile Electronics News
 

    Home Hardware Store Software Forums News Reviews Podcasts Advertise Contact Us XML Feed
Search Mobility Today
Login or register, it's free!
Recent Mobility Discussions
Bar Refaeli Wallpapers
I found 50 smoking hot 320x480 Bar Refaeli wallpapers here:
Forum: palm Pre
by Richard Cooper, 6 hours ago
Recent Mobility Reviews
View all past reviews »
Recent Mobility News
Full News Archive »
Mobility Today Store
Accessory Deals
Batteries
Bluetooth
Car Kits
Card Readers
Cases
Chargers & Cables
Cradles
GPS Navigation
Headphones
Headsets
Keyboards
Memory Cards
Music & Video
Printers
Recovery Service
Screen Protectors
Signal Boosters
On CD-ROM
Spare Parts
Styli
WiFi
Mobility Today Forums
Cellular Carriers
Apple iPhone
GPS
Mobile Computing
Palm
Research in Motion
Symbian
Tech Zone
Windows Mobile
Mobility Today Podcasts
Audio Podcast
Video Podcast
Audio RSS Feed
Video RSS Feed
iTunes Audio Feed
iTunes Video Feed
Yahoo Podcast Feed
Skype Us
Mobility Today Links
About Us @ Mobility Today
Advertise
Contact the Staff
Dave's Blog
Home » Reviews » Mobility Today » SECURITY IN A MOBILE WORLD! ---- PART I

SECURITY IN A MOBILE WORLD! ---- PART I

By , posted Thursday, Mar. 16th, 2006
Reader Comments: 8



THE PRACTICAL APPLICATION OF SECURITY: LOCKING DOWN YOUR NETWORK

Ok, hopefully I have managed to convince you that it IS in your best interest to “Lockdown” your Router or Access Point. Along these same lines, there are many steps you can take to reduce or minimize your Security exposure. Here are a few of the more simple (yet exceedingly important) issues to consider:

1.) Change the default password: The default passwords used by the larger Router/AP manufacturers are well known among the hacking communities. Changing this setting should be your first priority once you plug in and log into the new Router/AP to begin configuring it. Always pick a password that will be extremely complicated and is not composed of words you would find in a dictionary (since you don’t want a dictionary attack on the password to succeed).

2.) Enable your Router/AP Firewall: Most every Router/AP has some kind of Firewall built into it, and most are enabled by default. If your Firewall is disabled by default, enable it as soon as is possible! If your Firewall is managed (that is to say, the manufacturer provides updates to the Firewall that include patches for the newest vulnerabilities, and updated definitions which teaches the Router how to recognize the newest hacking exploits.

Just installed your Firewall? Do you think your Internet connection is secure? A quick check (less than 3 minutes) at Gibson Research Corporation's ShieldsUP! website will tell you what (if any) ports your Router still has open.

3.) Change your “default” SSID name: Your (Service Set Identifier) name (or network name) should be changed from the default name to something that does not describe you, your company (for those in business environments), or your surroundings. Additionally, you should avoid basing this name on any personal information like your family name, address, apartment name/number, etc.

Continuing to use the SSID name that your Router came with (referred to as the “Default SSID”) makes a hacker’s job easier because each vendor uses a different default SSID name. This means that a hacker could tell what brand of Router/AP you own based on the default name, and would also know which vulnerability to take advantage of to hack your Router/AP.

For Example:
- 3COM=101,
- Agere=WaveLAN,
- Cisco=tsunami,
- D-Link=default,
- Linksys=Linksys,
- HP=HPInvent

You should follow these Naming Convention guidelines for creating your SSID name:
- Omit underscore [disliked by Windows] from SSID name.
- It has been rumored (but not confirmed) that the dash character may need to be omitted due to some incompatibility issues with Unix systems. If you do not interface with *nix systems, my experience is that this is a non-issue.
- Use only Alpha-Numeric Characters to compose the SSID name.
- Limit length of name to 32 Characters, with a minimum of 4 characters.


4.) Enable Encryption: Use the highest encryption mode your Router/AP is capable of providing which is compatible with your devices. This ensures that the transmission of Wireless Data is as secure as possible

- Good: WEP or Wireless Equivalent Privacy is widely known to be a weak encryption protocol, and is therefore easily deciphered by some of the more knowledgeable hackers. However, it will still provide an effective “first line of defense” by encrypting the traffic between your wireless device and your Router/AP, and will successfully deter general freeloaders and amateur hackers .

- Better: A better level of protection is to use WPA-PSK (Wi-Fi Protected Access – Pre Shared Key) Authentication with TKIP (Temporal Key Integrity Protocol) encryption. This encryption scheme rotates the encryption key every few packets to further obscure the original Key, making a hacker’s job far harder. This encryption has no published or real-world vulnerabilities, but there are several “theories” as to how it can be attacked.

- Best: The best level of protection to use is AES (Advanced Encryption System), but this type of encryption generally requires newer Routers with faster hardware to properly handle the massive complexity of the AES encryption and decryption algorithm. This encryption scheme is rated very high and is currently unbreakable, although plenty of brain-trusts have published articles which theorize on the particular weaknesses of this technology. As of the time of the writing of this article, no known exploits exist which can actually crack or break this encryption technology.

1  2  3  [4]  5  Next »

Post your comments
Shhhh.. Nobody is supposed to know...Lol...
Posted by David Ciccone, Thursday, Mar. 16th, 2006
fantastic read f,sure and you do look like Patrick Norton form the Screensavers.
Posted by phil cotton, Thursday, Mar. 16th, 2006
Splendid work, Elrendhel! I'm waiting for Part 2 now.
Posted by MarcoMillions, Tuesday, Oct. 11th, 2005
Thanks everyone! I hope this article is of help to most users.

And no Dave, no one has ever said I looked like Patrick Norton from TechTV. :)
Posted by , Monday, Oct. 10th, 2005
Dave,

Great job. This is a great article for both new people and seasoned vets. Nicely done.

Thanks,

Steve
Posted by Steve Trotto, Monday, Oct. 10th, 2005
Great presentation!
Posted by jpmihalk, Monday, Oct. 10th, 2005
WOW - haven't had time to read this all the way thru, but I know I'm going to benefit so much from this. Elrendhel, thank you so much for all the incredible amount of work that this must have taken. It will be a tremendously valuable resource for this community.
Posted by Laura, Sunday, Oct. 9th, 2005
Dave what a fabulous job! I know all the time and hard work that went into this project and hope our readers benefit from this! I know I have! BTW did anyone ever tell you that you look like Patrick Norton from TechTV The Screensavers?
Posted by David Ciccone, Sunday, Oct. 9th, 2005
Login with your Mobility Today account below or Register to post a comment!

You may also use your Facebook account to post comments:

All trademarks are owned by their respective companies. All site video, graphic and text content is copyrighted to the respective party and may not be reproduced without express written consent.

Mobility Today is a Handheld Marketing Group, LLC company - © 2010 All rights reserved. [Privacy]
Content Management by Merge Web Design Vancouver