Tuesday, April 8, 2014

Guidelines for securing Operating System Part 11 – Wireless Network Connections – Tech Tuesday

Hey all my dear readers! :D I hope you all are doing great! ^_^



Continuing the Security Tips series I started in July '13, today I wish to discuss with you all the topics listed after the following links. Just in case you want to access the last posts in this series, here are the links:

Part 1: General Guidelines - Click Here
Part 2: Microsoft Windows - Click Here
Part 3: Macintosh - Click Here
Part 4: Guest Accounts - Click Here
Part 5: Windows Firewall - Click Here
Part 6: Event Viewer & Netstat - Click Here
Part 7: Antiviruses - Click Here
Part 8: Data Encryption - Click Here
Part 9: Cryptography Tools & True Crypt - Click Here
Part 10: Browser Security - Click Here

Today I am going to discuss with you all certain aspects about Wireless Network Connections & Security.

Let's first consider in brief the structure of this post.

  • Introduction
  • Home Network
  • Steps for Home Networking
  • Wireless Networks
  • Setting up a Wireless Network
  • Common Threats to Wireless Network
  • Wireless Network Security
  • Conclusion/Comments

Introduction


A fast Internet Connection always enhances browsing experience; at the same time, it attracts the attackers seeking someone to play with! So knowledge about setting up a network is necessary, but this knowledge is incomplete without the knowledge about the Network Security.



Home Network


Home computers are widely used to send emails, listen to music, watch videos, download stuff, play games, etc. etc. etc.! And I guess most of the people have more than one computer these days. Many of these people do setup home network, but not all. So I would like to discuss how to do that, how to secure that, and to begin with, why to do that.

With a home network we can optimize the experiences of computers in a home network because:

  • A home network will let the users share Files and Documents
  • A home network will let the users share an Internet Connection
  • A home network will let the users share Printers and Scanners
  • A home network will let the users share Stereos, TV, game systems
  • A home network will let the users share DVD/CD Burners



Steps for Home Networking


Home Networking is the same thing I was telling you earlier, the network setup you use at your home (generally) to connect your personal devices like PCs, laptops, TV, etc.

To setup a home network you require:

  • At least two computers with a LAN card each to setup a network
  • One router to connect the computers (and Internet)
  • Optional: One Internet Subscription Line (If you wish to share an Internet Connection)

To setup a home network:

  • Check the computer’s hardware and make a note of this information
  • Purchase the required hardware, router/hubs/switch. If you wish to share Internet, prefer a switch/router. If you wish to share files, printer, etc. then a hub is good enough. If you wish a wired network, buy LAN Cables, viz. Ethernet cable with RJ-45 socket. If you wish to create a wireless network instead, you’d need additional wireless adapters (or dongles) to connect the devices without the Wi-Fi compatibility.
  • Make sure all the computers have Network Interface Card/LAN Card.
  • Make the connections
  • Select a host computer and connect it to the Internet. You can connect a Router instead.
  • Connect the other devices using the router/switch/hub
  • Install network adapters in all the ocmputers.
  • You might need to restart, though I’d recommend restarting.

Wireless Networks


Wireless networks are used to connect the computers to each other without any cables. They have become popular due to ease of installation and the increasing popularity of mobile devices (laptops, phones, tablets).

The major advantage of this wireless network is user mobility that is of course within a certain range, the range of the wireless network. In order to accommodate enough devices our devices providing this wireless network to the mobile devices should have enough bandwidth.



Setting up a Wireless Network


Now let’s discuss how to setup a wireless network in Windows 7 and Mac OSX.

Setting up a Wireless Network in Windows 7


I consider that you have got a wireless router, a wireless adapter (to connect your PC to the router, if you have Wi-Fi in that already, then you won’t need the adapter). The Wireless router will be fed with the Internet Connection, and the wireless adapter will help connect your PC to the wireless router, hus giving access to the Internet.

Steps:

  • In Start, in the search box, type Network and select Network and Sharing.
  • Click Set up a Connection or Network.
  • Click Set up a new network and click Next.

You can self-guided further! :P



Now consider you wish to make some modifications in this wireless network:

  • Select Manage Wireless Network from Network and Sharing Center
  • Click Add and select Manually create a network profile.


  • Fill in the details
  • Check the option Start this connection automatically and connect even if the network is not broadcasting and click Next
  • Select Change Connection Settings
  • Uncheck the option Connect to a more preferred network if available in the connection tab.
  • In the security tab, select Microsoft Protected EAP (PEAP) and click Settings.
  • Protected EAP properties popup: Check the option Validate server certificate.
  • In Trusted Root Certification Authorities, check Class 3 Public Primary Certification Authority.



  • In select Authentication Method, select Secure password (EAP-MISCHAP v2) and click the Configure button.
  • Uncheck Automatically use my Windows logon name password (and domain if any) and click OK to dismiss each of the open windows.
  • A balloon will appear near the system tray that reads, Additional Information is required to connect to <NAME that you provided>. Click this balloon.
  • Enter your NETID and password. Once validated, another balloon appears, “Additional Information is required to connect”
  • Click the balloon -> OK to agree and validate the server certificate.
  • After few minutes, you will be connected to your wireless network.






Setting up a wireless network in Mac


  • Click Network Pane in system preferences and choose AirPort entry.
  • Check the Show AirPort Status in Menu Bar check box.
  • Choose the system preferences.
  • Click the AirPort status icon in Menu Bar.
  • Click Create network and enter a name for the network.
  • Check the required password check box.
  • Enter a password for your network and then enter it again to confirm it.
  • Click OK.



  • Go to the upper right Airport icon.
  • Select the UConnect option from the drop down menu
  • Complete the User Name and Password fields, select Automatic for 802.1x, and check Remember this network.
  • Click OK
  • Accept the verification certificate by clicking Continue. Now you will be connected to UConnect shortly. If not, you need to check your profile.
  • Go to system preferences and click Network.
  • Verify that you are connected.
  • Select Airport to the left and click Advanced.
  • Click on the 802.1x tab and select the WPA:UConnect profile.
  • Verify that PEAP is the only protocol checked.
  • Select the Configure Trust buton.
  • Select the Servers tab. Click the + and select one of the available servers. Click OK.
  • Hit OK twice and click Apply



Common Threats to Wireless Network


If an attacker gains access to your wireless network, he/she can exploit this weakness to:

  • Read user email and instant messages as they travel across the network.
  • Monitor the websites visited by you.
  • Copy your usernames and/or passwords.
  • View files on the computers and spread malware.
  • Disclose your confidential information.
  • Interrupt the wireless service and implement unauthorized WLAN.
  • Send spam or perform illegal activities with your Internet connection
  • Slow your Internet and/or computer performance.

Wireless Network Security


I have discusses Antiviruses and firewalls in great detail in my earlier posts, and you should read them and make sure you have an updated copy of both. Other things that you need to take care of include:

  • Turn off the network during extended periods of idling/non-use.
  • Revisit WLAN network design for any incorrect access point placements.
  • Do not connect to unprotected wireless networks in public places.
  • Change the default SSID.
  • Change the default administrator password (and preferably usernames too).
  • Disable or turn off SSID broadcast for the network to make the network invisible to attackers.
  • Enable MAC Address filtering to keep track of all network MAC devices connecting to the router.
  • Data transmitting over wireless networks should be encrypted to prevent eavesdropping, interception, and data modification.
  • Network-level denial of service attacks are prevented by using user authentication.
  • Unauthenticated access to the wireless network can be prevented by using a virtual private network (VPN) connection and IPSEC.
  • VPNs keep communications safe by creating tunnels through which the encrypted data travels.
  • A network should be scanned using software scanning tools to locate and shut down rogue WLANs.
  • If the user is connected to an unprotected wireless network at public places, do not visit a website that requires a password unless the website is encrypted.

Conclusion/Comments


I hope you find all the relevant information you must know about the topic of security I discussed with you all today. For any queries or suggestions please feel free to comment here.

I hope you all have a great day ahead! :) Happy Tuesday :) See you all soon! :D


No comments:

Post a Comment

Kindly keep the comments clean and make quality comments that would be worthy in making this blog better! :)