RezwanAhmed & His Team || Software Engineer

Archive for July, 2013

Wireless Security |Wi-Fi|Keep Secure your Wireless Network |

One of the biggest concerns for wireless users is making sure their router and wireless network are secure.
There is no such thing as being 100 % secure. Once you send data over a wireless signal, you’ve already potentially exposed your data to hackers and once you’ve set up a router, Wi-Fi signal leeches are always a possibility.
Step 1: WPA2 

I think it’s common networking knowledge that there really is no excuse to not use any encryption method other than WPA2. In all but the oldest wireless devices, just about all modern wireless clients support it.

Step 2: Change Default Passwords 

You never want to set up a new router and leave the default password of either the SSIDs (if the router came preconfigured) or to the admin account, which gives access to the router’s management software. In fact, I like to change even the Guest Account default settings, if I enabled Guest Account and the router has guest credentials set up.

Changing the admin password, is usually found in the “System” or “Administration” areas of the interface. Changing the SSID’s passphrase is typically under “Wireless Settings.” By the way, you see the password I have set in the image below? Don’t use that one. That’s just a router for testing, my home router has a much stronger password.


Step 3 | Change the Default SSID name

I’ll look at wireless networks in range and see SSIDs such as “NETGEAR095,” essentially, SSIDs that are preconfigured and easily give away the make of the router. I also think perhaps the person who set up the router left the default admin credentials to the router’s software. Someone with strong intent could access an unsecured network, and with a quick web search, discover the default password to the admin account just by knowing the type of router. Give your network a name that does not reveal the make or model of your router.

Step 4 | Device Lists

Most routers have a device list that shows the wired and wireless clients currently connected. It pays to periodically take a look and familiarize yourself with your router’s device listing. You would only see a list showing a connected client’s IP address, MAC address and maybe the hostname.

Newer Router interfaces are getting fancier. The most recent interface on the CISCO Linksys routers shows all of this information plus an icon of the type of client that’s connected ( a picture of a bridge, a NAS, a computer and so on).

I’ve met with vendors who are also releasing cloud and mobile apps that let you remotely see what or who is connected to your network and alert you when a device connects. If this is an important feature for you, you can expect to see a lot innovation in intrusion detection and home networks soon.


Step 5 | Turn off Guest Networking 

I’ve never tested a router out – of – the box that had guest networking on by default. If I did—that router would not get a very high review rating. Guest networking allows others to access your routers and by default it’s usually unsecure access (although you can typically add security). That said, if you inherited your router from someone else, it pays to make sure guest networking is turned off (or at least secured) when you set the router up for your use. Doing so, requires usually nothing more than ticking off a checkbox in the router’s interface.

Step 6 | Hide the SSID 

Hiding the name of your wireless network (the SSID) is also referred to as preventing the SSID from broadcasting. Now, hiding the SSID is not in and of itself, a security measure. Snoopers still have ways to detect wireless signals in a given area. However for most other would-be leeches, not having your Wi-Fi network’s name broadcasted, is a good way to prevent anyone from jumping on. The downside, is you will have to manually type in the name when you want to connect a device—especially tedious for friends who drop by and want to connect to your Wi – Fi.

Step 8 | Keep Your Firmware Up to Date 

I think a lot of users can forget about this one. Periodically, router vendors will create and post new firmware for their products to their sites. Sometimes, this firmware can patch security holes. Routers keep getting easier and easier to update; newer ones will notify you when new firmware is available and some will allow you to do the entire firmware update without leaving the router’s interface—a feature that always gets a favorable rating from me. Don’t forget to keep client wireless adapters patched for the same reason, as well.

Step 9: Use Firewall Settings 

Most routers have some sort of firewall or WAN protection to guard the device from Internet threats. Higher – end dual – band routers tend to have more advanced firewall and security features (though you can throw a third-party, open – source software tool like Tomato on an old cheap router, which can add advanced functionality, too.)

For example, the Cisco Linksys AC1750 has settings that allow you to enable firewall protection for both IPv4 and IPv6 traffic, as well as filter potential threats such as anonymous Internet requests.

One caution though, if you use port forwarding to set up remote access back into your home LAN, enabling some WAN filtering, may cause problems with the remote access—as I discovered once. Still, that should not discourage most users to use the SPI firewall capabilities and WAN threat security features found in most wireless routers. Many of these security features can be enabled with a click. Advanced users can even use a feature found in lots of routers—setting up firewall rules to block specific types of services such as IDENT or Telnet from coming through your router.

Step 7 | Use WPS With Caution

Personally, I don’t use WPS (Wi – Fi Protected Setup) on my home network. I find it does not work consistently across wireless devices. Add to the fact that a security issue was discovered with the PIN method of connecting via WPS and it makes me want to stay far from the feature (for more on the security issue check out “Wi-Fi’s Protected Setup Woes”. To their credit, router manufacturers have been doing a good job of securing WPS on their equipment; however, I would still use it sparingly. Some wireless extenders I’ve tested can really only connect to a router via WPS but for other devices; connect them manually.

Fast, cheap Internet Satellites Launched

On the last Tuesday (25 June, 2013), The first four of 12 satellites in a new constellation to provide affordable, high-speed Internet to people in nearly 180 “under-connected” countries were blasted into Space.

The orbiters, part of a project dubbed O3b, for the “other 3 billion” people with restricted Internet access, were lifted by a Russian Soyuz rocket from Kourou in French Guiana at 1927 GMT, according to a live broadcast on the website of launch company Arianespace.03b-Edit-M20130626094533

The project was born from the frustrations of US Internet pioneer Greg Wyler with the  inadequacy of Rwanda’s telecommunications network while travelling there in 2007. He came up with a plan to bypass costly ground-based infrastructure like fibre-optics or cables by deploying a constellation of small satellites around the equator to serve as a spatial relay between users and the worldwide web using only satellite dishes.

Such a system would cover a region between the latitudes of 45 degrees North and 45 degrees South — the entire African continent, most of Latin America, the Middle East, Southeast Asia, Australia and the Pacific Islands.

“Today, a life-changing journey has begun for many of the remaining unconnected and underserved regions of the world,” O3B chairman John Dick said in a statement.

There are already geostationary satellites providing this type of services, but at a prohibitive cost for many end-users in this region.

Existing satellites generally obit at an altitude of some 36,000 kilometres (22,000 miles) above Earth, weigh in at a hefty four to six tonnes each, and take much longer to bounce a signal back to Earth, according to a background document compiled by O3b Networks.

The new satellites, built by the Franco-Italian company Thales Alenia Space, will orbit at 8,062 km and will weigh only 650 kilogrammes (1,400 pounds) each. Crucially, they will communicate with Earth four times faster, said the company, and six would be enough to assure permanent coverage.

“O3b’s prices will be 30 – 50 percent less than traditional satellite services,” said the document. And it added that a country like the Democratic Republic of Congo could move from being one of the most poorly connected on Earth to one of the best.

Project investors include Internet giant Google, cable company Liberty Global, satellite operator SES, HSBC bank and the Development Bank of Southern Africa.

The first four satellites had initially been scheduled to be sent into space on Monday but the launch was postponed due to bad weather. The next four satellites will be launched within weeks, according to Ariane space, and a final four “backup” orbiters early next year.

To refine its coverage, the constellation could in the end have as many as 16 supplementary satellites in addition to the 12 main ones, said O3b Networks.

The world’s fastest satellite Internet connection using a very small aperture terminal (VSAT) was demonstrated at a public lecture held at NTU. The VSAT is portable and has an antenna dish of only 1.2m, which can achieve a high data transfer rate of up to 155Mbps.

Reference |