configuring your home network
DESCRIPTION
TRANSCRIPT
Simple ways to secure Simple ways to secure Wireless ComputersWireless Computers
Jay Ferron,
ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI
QuestionsQuestions
How many of you have more than one How many of you have more than one computer at home?computer at home?
How do you connect to the Internet (DSL, How do you connect to the Internet (DSL, cable, dialup)?cable, dialup)?
How many already have a home router? How many already have a home router?
Already have a wireless router?Already have a wireless router?
AgendaAgenda
What is a Home networkWhat is a Home network
Connecting things togetherConnecting things together
Firewalls and FilteringFirewalls and Filtering
Setting up a home routerSetting up a home router
Setting up Print and File SharingSetting up Print and File Sharing
QuestionsQuestions
Home NetworkHome Network
One or more computers connected:One or more computers connected: To the Internet with a routerTo the Internet with a router To each other in order to share Resources: To each other in order to share Resources:
Internet ConnectionsInternet Connections
Sharing FilesSharing Files
Sharing PrintersSharing Printers
What is a RouterWhat is a Router
Connects one network to anotherConnects one network to another
Sometimes called a “Gateway”Sometimes called a “Gateway”
In our case it connects to your cable In our case it connects to your cable modem or DSL Linemodem or DSL Line
Routers keep track of IP addresses and Routers keep track of IP addresses and physical (MAC) addresses of hostsphysical (MAC) addresses of hosts
Managed (As we shall see)Managed (As we shall see)
What is a Cable/DSL ModemWhat is a Cable/DSL Modem
Usually provided and controlled by your Usually provided and controlled by your ISPISP
Connects your home to the Internet.Connects your home to the Internet.
This is the device that gets your public IP This is the device that gets your public IP addressaddress
Normally has no firewall protectionNormally has no firewall protection
Make sure you use the right cableMake sure you use the right cable
What is a FirewallWhat is a Firewall
A device the filters packets or trafficA device the filters packets or traffic
Its job is to be a traffic copIts job is to be a traffic cop
You configure the firewall:You configure the firewall: What will allow to passWhat will allow to pass What will it blockWhat will it block
Hides your home network from the outside Hides your home network from the outside worldworld
Can be either in hardware or softwareCan be either in hardware or software
Firewall ProtectionFirewall Protection
1.1. Implement a firewall (checks incoming traffic at the network before it gets to your home Implement a firewall (checks incoming traffic at the network before it gets to your home network) Default – Blocks all Incoming connectionsnetwork) Default – Blocks all Incoming connections
2.2. Leaving you home network default is allow all outbound connectionsLeaving you home network default is allow all outbound connections
3.3. Hardware firewalls protect you home network by stop all traffic before it get to your Hardware firewalls protect you home network by stop all traffic before it get to your computers computers
4.4. Personal software firewall on your computer blocks incoming and outgoing (lets you know Personal software firewall on your computer blocks incoming and outgoing (lets you know what is leaving your computer)what is leaving your computer)
FirewallHome
NetworkHome
Network
InternetInternet
Firewall RoutersFirewall Routers
The idea is layers of protectionThe idea is layers of protection
Examples of home combo units includeExamples of home combo units include DlinkDlink NetgearNetgear LinksysLinksys
Software FirewallsSoftware Firewalls
Add additional protection by:Add additional protection by: Controlling what leaves your computerControlling what leaves your computer Adding a second level of protectionAdding a second level of protection By being aware of application level attacksBy being aware of application level attacks By allow you to schedule By allow you to schedule
Usage of the internet by time (control access at Usage of the internet by time (control access at night)night)
By location (block content for young children)By location (block content for young children)
Software Firewalls for Home UseSoftware Firewalls for Home Use
McAfee FirewallMcAfee Firewall
Symantec’s Norton Personal FirewallSymantec’s Norton Personal Firewall
Zone AlarmZone Alarm (Free) (Free)
Computer Associates with Firewall (free)Computer Associates with Firewall (free)
Windows Firewall in XP Service Pack 2 (free) Windows Firewall in XP Service Pack 2 (free)
WirelessWireless
What is wirelessWhat is wireless
Wireless Networking StandardsWireless Networking Standards 802.11 a, b, and g802.11 a, b, and g Recommend a standard “g” modelRecommend a standard “g” model
Wireless Security StandardsWireless Security Standards Recommend Wired Equivalent Privacy (WEP)Recommend Wired Equivalent Privacy (WEP) Wi-Fi Protected Access (WPA)Wi-Fi Protected Access (WPA)
Wireless Wireless Network Network StandardsStandards
StandardStandard DescriptionDescription
802.11802.11
● A group of specifications for A group of specifications for WLANs developed by IEEEWLANs developed by IEEE
● Defines the physical and MAC Defines the physical and MAC portion of the data link layerportion of the data link layer
802.11a802.11a
● Transmission speeds up to 54 Transmission speeds up to 54 megabits per second (Mbps)megabits per second (Mbps)
● Works well in densely Works well in densely populated areaspopulated areas
802.11b802.11b
● 11 Mbps11 Mbps
● Good range but susceptible to Good range but susceptible to radio signal interferenceradio signal interference
802.11g802.11g
● Enhancement to and Enhancement to and compatible with 802.11bcompatible with 802.11b
● 54 Mbps, but at shorter ranges 54 Mbps, but at shorter ranges than 802.11bthan 802.11b
802.1x802.1x
● Authenticates clients before it Authenticates clients before it lets them on the networklets them on the network
● Requires greater hardware and Requires greater hardware and infrastructure investmentinfrastructure investment
Lesson: Introduction to Securing Lesson: Introduction to Securing Wireless NetworksWireless Networks
What are the benefits of wireless networks?What are the benefits of wireless networks?
Common threats to wireless securityCommon threats to wireless security
Wireless network standardsWireless network standards
Guidelines for using security to mitigate risks to wireless networksGuidelines for using security to mitigate risks to wireless networks
Wireless network architectureWireless network architecture
What Are the Benefits of Wireless What Are the Benefits of Wireless Networks?Networks?
● Mobile users moving between offices save time andMobile users moving between offices save time andeffort with a transparent connection to the corporate effort with a transparent connection to the corporate networknetwork
● Mobile users moving between offices save time andMobile users moving between offices save time andeffort with a transparent connection to the corporate effort with a transparent connection to the corporate networknetwork
● Users can use e-mail, electronic calendars, and chat Users can use e-mail, electronic calendars, and chat technologies when away from their deskstechnologies when away from their desks
● Users can use e-mail, electronic calendars, and chat Users can use e-mail, electronic calendars, and chat technologies when away from their deskstechnologies when away from their desks
● The cost of provisioning network access to buildings The cost of provisioning network access to buildings is substantially loweredis substantially lowered
● The cost of provisioning network access to buildings The cost of provisioning network access to buildings is substantially loweredis substantially lowered
● The network can be easily scaled to respond to The network can be easily scaled to respond to different levels of demand when the organization different levels of demand when the organization changeschanges
● The network can be easily scaled to respond to The network can be easily scaled to respond to different levels of demand when the organization different levels of demand when the organization changeschanges
Operational benefits:
Business benefits:
Common Threats to Wireless Common Threats to Wireless SecuritySecurity
● Eavesdropping Eavesdropping
● SpoofingSpoofing
● Interception and modification of transmitted Interception and modification of transmitted datadata
● FreeloadingFreeloading
● Denial of service Denial of service
● Rogue WLANsRogue WLANs
● Eavesdropping Eavesdropping
● SpoofingSpoofing
● Interception and modification of transmitted Interception and modification of transmitted datadata
● FreeloadingFreeloading
● Denial of service Denial of service
● Rogue WLANsRogue WLANs
Guidelines for Using Security to Mitigate Guidelines for Using Security to Mitigate Risks to Wireless NetworksRisks to Wireless Networks
Specify the use of software scanning tools Specify the use of software scanning tools to locate and shut down rogue WLANs on to locate and shut down rogue WLANs on your corporate network your corporate network
Specify the use of software scanning tools Specify the use of software scanning tools to locate and shut down rogue WLANs on to locate and shut down rogue WLANs on your corporate network your corporate network
If you allow unauthenticated access to If you allow unauthenticated access to your wireless network, require a VPN your wireless network, require a VPN connection to access the corporate connection to access the corporate network network
If you allow unauthenticated access to If you allow unauthenticated access to your wireless network, require a VPN your wireless network, require a VPN connection to access the corporate connection to access the corporate network network
Require data encryption for all wireless Require data encryption for all wireless communicationscommunications Require data encryption for all wireless Require data encryption for all wireless communicationscommunications
Require 802.1x authentication to help Require 802.1x authentication to help prevent spoofing, freeloading, and prevent spoofing, freeloading, and accidental threats to your networkaccidental threats to your network
Require 802.1x authentication to help Require 802.1x authentication to help prevent spoofing, freeloading, and prevent spoofing, freeloading, and accidental threats to your networkaccidental threats to your network
Wireless Network ArchitectureWireless Network Architecture
BSS
BSS
DS
ESSIBSS
STASTA
STASTASTASTA
STASTA
APAP
APAP
Demo: Demo: Wireless Devices Wireless Devices
Clearsight ScannerClearsight Scanner
Demo: How to configure Wireless Demo: How to configure Wireless Firewall/router Firewall/router
Example:Example: Basic SettingsBasic Settings Wireless SettingsWireless Settings Backup SettingsBackup Settings Set Account name and passwordSet Account name and password Blocking and FilteringBlocking and Filtering
Steps to protect your wireless Steps to protect your wireless networknetwork
1. Change the default password on your router
2. Enable WEP on router and wireless workstation
3. Use MAC address filtering
4. SSID broadcast of
5. Prohibit Peer-to-peer (Ad Hoc) networking
5. Keep current on hardware bios upgrades
Demo: Demo: Rogue Wireless Devices Rogue Wireless Devices
AirSnareAirSnare AirSnareAirSnare
Weak PasswordsWeak Passwords
Your computer password is the Your computer password is the foundation of your computer securityfoundation of your computer security
No Password = No Security No Password = No Security
Old Passwords & Same Password = Little SecurityOld Passwords & Same Password = Little Security
Change the “administrator” password on your Change the “administrator” password on your computercomputer
QuestionsQuestions
WWW.MIR.NETWWW.MIR.NET
FOR COPIES OF THIS DECKFOR COPIES OF THIS DECK