Network Security
Home Network Security, Simplified
Many home users have unknowingly become computer geeks. Not
too long ago using the terms 'router' or 'wireless' signaled
the presence of the enthusiast or professional. No longer.
Now, routers, hubs, switches, Ethernet cards, firewalls and
a bewildering array of other network related buzzwords have
entered the home.
By making the installation of these devices easy and
inexpensive, vendors opened new sources of revenue for
themselves and offered a significant value to home users.
Now multiple home computers could share resources without
'sneaker net' - physically transporting files or moving
printer connections. Now the whole family could use a single
network connection to the Internet, and often without having
to string wires all over the house.
What users didn't get is what every networking and computer
professional has early on - training in how to secure that
gear from hackers.
But, don't panic. The settings from the vendor are often
quite good. Now, for some guidance...
RFM is a common acronym known to computer professionals. For
the sake of propriety I'll ignore the middle letter, but the
first and last stand for Read the Manual. It'll give you
common useful settings and configuration information. Now
read it again.
ROUTER PORTS
First, change the password and if possible rename the
administrator account. The person who bought the same model
you did has that information, and he may not be as
trustworthy as you.
Port 80 is the standard for HTTP, needed for any web
browsing. 'Ports' are network numbers used by software to
distinguish traffic. Open that, but only for specific IP
addresses or ranges going out. That way, only known
computers can generate traffic out of your home network.
That tip is imperfect if you acquire an IP address
automatically. I.e. use DHCP, as most do. But many providers
allow you to purchase one static address for your router.
That's the one that should have access out.
Why do you care about traffic going out? Because you can
infect others. Practice safe networking. Don't spread
viruses. Also, if you have wireless - see below - you may
not know who's on your network. Even if you don't and you're
not home, no one can sneak in with a laptop and get out of
your network. Yes, it's happened.
You'll have to open Port 80 for all incoming traffic, unless
you want to try to track which sites have which IP address -
nearly impossible.
If you use a desktop e-mail client, rather than being
entirely browser based, you need to open Port 25 for
outgoing mail (SMTP) and 110 for incoming (POP3, ignore the
acronym meanings).
And that's ALL... usually.
Manual or desktop FTP clients, which you should avoid
because of their weak security, will need another, and
specialized programs will require a few others. In most
cases you'll find their numbers easily discoverable. Keep
them to the bare minimum. The rule of thumb with network
security is: everything closed by default, allow only those
truly needed and only to those who need it.
By the way, if these sound a lot like firewall settings it's
because routers and firewalls have some overlapping
functionality. Routers route traffic, firewalls prevent or
allow it.
WIRELESS NETWORKS
If you have wireless gear, you have more to do. Some, by
default, allow anyone nearby to use them to access that
network and hence the Internet. That means not only the
teenager in the upstairs bedroom, but the neighbor next door
and the hacker parked at the curb can access resources
inside your home. Yes, that does happen.
Lock down your wireless gear by, you guessed it, reading the
manual to learn how to configure passwords and implement any
other security features available.
It isn't necessary to dedicate your life to becoming a
network or security expert in order to safeguard your
resources. But having a home network connected to the
Internet via a home router, puts you at extra risk compared
to dial-up or single-connection users.
If you don't spend a modest amount of time to take simple
steps today, someday you may spend much more after you've
been hacked.
ADVERTISING:
Google Adsense (Jasa Pembuatan Website dan Account Google Adsense -Murah)