Nowadays, Internet Security is a must for any connected device. 

Unfortunately threats abound on the Internet and hackers, spammers, phishers and identity thieves are always finding new ways to wreak havoc on the unsuspecting or novice web user. If you’re not convinced just read a few of these articles on the BBC News site...

• Bloggers battered by viral storm
• Virus writers target web videos
• Net crime big fear for Britons
• Internet crime to hit homes hard
• Threats on the net
• FBI tries to fight zombie hordes

Scared? You should be... well scared enough to make sure you protect your devices.  If you take proper steps to stay secure then you can relax, just a little.

We recommend maximum protection with the full security set of Firewall, Anti-Virus , Anti-Spyware and Anti-Phishing software. To simplify things you can usually purchase all these softwares as part of an Internet Security Suite.  (Market leaders are Norton and McAfee). 

Make sure you keep your Internet Security software up to date with the latest versions and virus definitions etc. Most software will allow you to enable an auto-update feature, we recommend you set this to regular and frequent update interval, perhaps once a day or at the very least weekly.

Operating System Updates – As soon as security vulnerabilities are exposed in operating systems like Windows (XP/Vista/NT/2000) and Mac OS X, you can be sure that malicious hackers are busying themselves writing code to exploit them! To minimise your risk make sure that you regularly perform operating system updates.

• On Windows PC’s select “Windows Update” from your Programs menu. This will take you to the Windows Update page where you ‘check for updates’. You can also change your updates settings to configure the Windows Update checking to trigger automatically at regular intervals. (Preferably every day).
• On the Mac OS X (Apple) platform there is a similar process. Choose System Preferences from the Apple menu, then from the View menu select Software Update and click the Check Now (for early Mac OS X versions this is Update Now) button. (For Mac OS X 10.3 onwards you can access Software Update directly from the Apple menu).

Wireless (Wi-Fi) networks are increasingly commonplace in broadband connected homes. A home router receives the incoming broadband signal (usually served via ADSL or cable) and connects wirelessly to one or more computers which may be located anywhere in the home.

If your new broadband connection is via a home wireless router then there are additional security measures you need to take.

The wireless signal doesn’t stop at the exterior walls of your home. Unless you secure your home network for the exclusive use of your family, passers-by and/or neighbours, equipped with a PC and wireless modem (antenna) will be able to piggyback your valuable broadband bandwidth for free!

Debate rolls on about the ethics of such Wi-Fi piggybacking. Indeed, individuals have been prosecuted for it. (For more details see these BBC articles: ‘Is stealing wireless wrong?’ and 'Wireless hijacking under scrutiny' ) However, judging by the number of people prepared to admit they’ve done it, we don’t believe Wi-Fi piggybacking is an uncommon practice. The bottom line is that if you don’t secure your home wireless network you can’t guarantee that you’re getting the bandwidth you’re paying for.
 
A bigger reason to secure your home wireless network is the threat of malicious hacking. Remember, you’re home router is the first line of defence for each computer device you connected to it.

So, what steps are needed to secure a wireless home network?

The configuration of different wireless router hardware varies with make and model, but our Wireless Router Security Checklist (below) takes a look at some common settings that should be attended to in order to secure your home network.

---

 

Wireless Router Security Checklist

 

1. Set your router password.

Make sure you alter the password on your router from the factory supplied default. Potential hackers will be well aware of the factory default passwords, if you don't alter yours they might do it for you!

Make sure your chosen password is easy for you to remember but hard for others to guess. It should be at least 8 characters long and contain a combination of letters and numbers.

After resetting the password and configuring your router you are unlikely to use the password again often. If you think you may forget it, then write it down, but make sure you store it somewhere safe.

2. Disable remote router configuration.

Many router setups offer the option of remote configuration. Switching this on allows your router to be reconfigured via any computer connected to the Internet. Make sure this feature is switched off (this is usually the deafult setting). If for some reason remote router reconfiguration is absolutely essential to you then restrict this privilege to specific IP addresses where possible.

3. Reduce wireless transmission power.

Some wireless routers can be set to transmit at a reduced power level. It's a good idea to reduce transmission power to a level sufficient to reach any home connected device, but not strong enough to reach most devices located outside the home.

It's not an exact science, so doing this won't make your network fully secure, but by reducing the window of opportunity for hackers and freeloaders it will definitely help.

4. Change your SSID (Network name)

Change the SSID for your Wireless LAN (WLAN). SSID stands for 'Server Set IDentifier' and it represents the name of your WLAN network. Most default configurations will broadcast the SSID, which means that it will be visible to any wireless network within broadcast range.

Potential hackers or freeloaders often pay more attention to SSIDs that haven't been changed from the factory default (eg. hardware related SSIDs like Belkin54g, NetGear, Linksys etc). These default IDs suggest that the networks they represent may have very little configuration and weak security.

Also, when changing your SSID don't enter a name that gives away your address or identity. For example if you live at 55 Main Street don't set an SSID of '55MainSt'. Remember, malicious hackers may be out to steal your identity, don't hand it to them on a plate!

5. Turn off SSID Broadcast

The majority of the latest wireless routers now provide a configuration option to turn off the SSID broadcast feature. Always do this as it will effectively make your home network invisible to neighbours and passers-by. Unfortunately, a determined hacker equipped with a wireless sniffer, will still be able to detect your network, even with the SSID broadcast feature turned off.

6. Set-up Access Control using MAC filtering

Most home router setups can be configured to restrict access to external devices according to a pre-defined list of MAC addresses. This is known as MAC filtering. If you have a small set of connecting devices then MAC filtering is a good way to enhance the security of your home wireless network.

Unfortunately this is not bulletproof security. Experienced hackers know ways to obtain authorised MAC addresses and fool a wireless network into thinking their own devices posess one of these authorised MAC addresses. MAC filtering is still recommended though as it should exclude all but the most determined online intruders.

What is a MAC Address?

Every device that needs to connect to your home network will contain networking hardware (eg. a network adapter) with a unique 12 character MAC address that was allocated during its manufacture. MAC addresses are often represented in the format XX-XX-XX-XX-XX-XX, where the X values are hexadecimal digits in the range 0-9 and A-F.

How to determine the MAC Address of connecting devices.

The MAC address(es) of network aware devices are sometimes shown on a label pasted onto the hardware (much like serial numbers sometimes are). If not, you may need to run a configuration display application on the device to reveal the MAC address.

Eg. On a Windows PC, running "ipconfig /all" from the DOS command prompt utility will display the MAC address as 'Physical Address'. On a PDA running Windows Pocket PC software the MAC address is displayed by the "Asset Viewer" found on the "System" tab under "Settings".

This article (from Washington University in St. Louis) gives a guide to locating the MAC address on different operating systems.

If you still have difficulty determining the MAC address of your hardware check the user manual for instructions. If you can't find any instructions then contact the manufacturer's support desk and ask for guidance.

7. Enable wireless encryption.

There are 2 encryption standards available for most home networks, WEP (Wired Equivalency Privacy) and WPA (Wi-Fi Protected Access). Configuring either method of encryption involves setting up a key or passphrase on your home router and configuring each connecting PC or wireless device to use the same encryption method and the same key or passphrase.

WPA is the preferred choice as there are known vulnerabilities in WEP encryption which a determined hacker could potentially exploit.

As WPA is a relatively new standard, some older wireless devices (eg. DVRs and PDAs) may not support it. First check if there are any software or firmware updates to enable WPA on such devices. If not, you may have to resort to WEP encryption to allow these devices to connect to your wireless network. If you do, be sure to choose keys (passwords) that are difficult to predict and change them regularly (at least once a week).