
1 SOHO Security Recommendations

2 Change default user/password of the AP/router
- Typical
  - admin – admin
  - root – root
  - root – 1234
  - Admin -
- There are websites with this information
- Strong password
  - 14 characters (letters, numbers and symbols) … at least
  - Change it every 3 months … at least

3 Change the default SSID
- Service Set Identifier
  - Identifies the wireless LAN
- The router has one from the factory
  - LINKSYS6557
  - PRODIGY-2341
  - WIRENET4536
- They give away make/model
  - A Google search will give the manufacturer and model
  - And configuration commands
- Eight characters long, minimum
- Alphanumeric and symbols
- Change the name “often”

4 Disable SSID broadcast
- Better to be anonymous
  - The attackers do not know of your existence
- They know there is a network but they don't know the name
- The beacon frame carries the SSID

5 Enable WEP encryption … at least
- WEP is not the best, but … it's better than having nothing at all

6 Do not allow remote access
- Do not access your router remotely over the Internet
  - It is the default
  - The web server embedded in the router is dangerous
- If it is really needed
  - SSH or VPN (configure NAT)

7 Do not use default IP ranges
- Typical addresses are well known
- Networks 192.168.1.0, 192.168.254.0
- Assign new ones manually
- The attacker will know less about your network
- Less information → more work
- OR
- Disable DHCP

8 Change the AP default IP address
- Everyone knows
  - 192.168.1.254, 192.168.1.1, 192.168.0.1, 192.168.0.254
- It is the most important device in your network
  - Hide its IP address

9 Log out after any configuration
- Log out from the router
- Some attacks work if an account is still authenticated
  - CSRF (Cross-Site Request Forgery)

10 Do not enable WPS
- Wi-Fi Protected Setup
- Very easy to set up clients and repeaters
- But flaws that have recently become known make it easier for attackers to find out your password

11 Enable MAC filtering
- Everyone can enter the network
- If they cannot enter they cannot do anything
- They cannot receive anything
- In addition to encryption, not instead of it
- But sometimes it is the only viable solution
  - Big companies
  - ITESM

12 Adequate AP location
- Maximize internal reception
  - Get to every machine
- Minimize external reception
  - Machines from the outside cannot receive a proper signal

13 Enable the firewall
- You have MAC/IP addresses and port numbers
  - … and more
- Design good rules
- The AP/router is the first point of defense
  - And sometimes the only one

14 Monitor and log
- Monitor wireless traffic
  - To identify unauthorized activity
  - WIDS
  - Review the logs
- Check for unknown devices
- Enable router logging
  - Device access, intrusions, attacks, etc.
- Review the logs … periodically
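One way to "check for unknown devices", shown as an added example that is not part of the original presentation: compare the neighbor table of a Linux host on the LAN (`ip neigh show`) against an inventory of devices you own. The sample output, the inventory and all function names are constructed for illustration.

```python
import re

# Constructed sample of `ip neigh show` output from a Linux host on the LAN.
SAMPLE_NEIGH = """\
10.73.20.1 dev wlan0 lladdr 00:00:5e:00:53:01 REACHABLE
10.73.20.14 dev wlan0 lladdr 00:00:5e:00:53:02 STALE
10.73.20.23 dev wlan0 lladdr da:a1:19:0b:7c:e2 REACHABLE
10.73.20.40 dev wlan0  FAILED
10.73.20.51 dev wlan0 lladdr 00:00:5e:00:53:7f DELAY
"""

# Constructed inventory of devices you own, written as found on device labels.
KNOWN_DEVICES = {"00:00:5E:00:53:01": "router", "00-00-5E-00-53-02": "laptop"}

MAC_RE = re.compile(r"([0-9a-f]{2}[:-]){5}[0-9a-f]{2}")


def normalize_mac(raw):
    """Return the MAC as lowercase colon-separated hex, or None if malformed."""
    raw = raw.strip().lower()
    if not MAC_RE.fullmatch(raw):
        return None
    return raw.replace("-", ":")


def is_locally_administered(mac):
    """Bit 0x02 of the first octet is set on randomized/self-assigned MACs."""
    return bool(int(mac[:2], 16) & 0x02)


def find_unknown_devices(neigh_text, known):
    """List neighbors whose MAC is not in the inventory."""
    known_macs = {normalize_mac(m) for m in known}
    findings = []
    for line in neigh_text.splitlines():
        tokens = line.split()
        # FAILED/INCOMPLETE entries have no lladdr and therefore no MAC.
        if "lladdr" not in tokens[:-1]:
            continue
        mac = normalize_mac(tokens[tokens.index("lladdr") + 1])
        if mac is None or mac in known_macs:
            continue
        findings.append({"ip": tokens[0], "mac": mac,
                         "randomized": is_locally_administered(mac)})
    return findings


if __name__ == "__main__":
    for f in find_unknown_devices(SAMPLE_NEIGH, KNOWN_DEVICES):
        note = " (randomized MAC, identify by other means)" if f["randomized"] else ""
        print(f"unknown device {f['ip']} {f['mac']}{note}")
```

A client can change its MAC address, so a clean result is a hint and not proof that no unauthorized device is present.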

15 Disable UPnP
- Universal Plug and Play
- Allows devices to discover each other and establish connections for data sharing
- Intended for residential networks
  - Connections from and to the Internet
  - Seamlessly
- Can you live without P2P?

16 Use 802.11i
- Much more robust than WEP
- It is a little more complicated (?), but …

17 Turn off the network when not in use Disable DMZ Disable unnecessary services Disable PING response

18 Don’t forget to update your router firmware PERIODICALLY

