Networks Archive

How To Secure Your Wireless Network

2009-04-09T15:35:00.001-07:00

People have more flexible time due to wireless network. Thanks to the invention of wireless. People can now work from home while taking care of their kids or doing house works. No more stress from traffic jam anymore. Is this great?

Well, there is something you should realize. Working from home while using a wireless local area network (WLAN) may lead to theft of sensitive information and hacker or virus infiltration unless proper measures are taken. As WLANs send information over radio waves, someone with a receiver in your area could be picking up the transmission, thus gaining access to your computer. They could load viruses on to your laptop which could be transferred to the company's network when you go back to work.

Believe it or not! Up to 75 per cent of WLAN users do not have standard security features installed, while 20 per cent are left completely open as default configurations are not secured, but made for the users to have their network up and running ASAP. It is recommended that wireless router/access point setup be always done though a wired client.

You can setup your security by follow these steps:

1. Change default administrative password on wireless router/access point to a secured password.

2. Enable at least 128-bit WEP encryption on both card and access point. Change your WEP keys periodically. If equipment does not support at least 128-bit WEP encryption, consider replacing it. Although there are security issues with WEP, it represents minimum level of security, and it should be enabled.

3. Change the default SSID on your router/access point to a hard to guess name. Setup your computer device to connect to this SSID by default.

4. Setup router/access point not to broadcast the SSID. The same SSID needs to be setup on the client side manually. This feature may not be available on all equipment.

5. Block anonymous Internet requests or pings. On each computer having wireless network card, network connection properties should be configured to allow connection to Access Point Networks Only. Computer to Computer (peer to peer) Connection should not be allowed.

Enable MAC filtering. Deny association to wireless network for unspecified MAC addresses. Mac or Physical addresses are available through your computer device network connection setup and they are physically written on network cards. When adding new wireless cards / computer to the network, their MAC addresses should be registered with the router /access point. Network router should have firewall features enabled and demilitarized zone (DMZ) feature disabled.

All computers should have a properly configured personal firewall in addition to a hardware firewall. You should also update router/access point firmware when new versions become available. Locating router/access point away from strangers is also helpful so they cannot reset the router/access point to default settings. You can even try to locate router/access point in the middle of the building rather than near windows to limit signal coverage outside the building.

There is no guarantee of a full protection of your wireless network, but following these suggested tips can definitely lessen your risk of exposing to attackers aiming at insecure networks.

Networking With Fiber Cables

2009-04-09T15:35:00.000-07:00

Fiber cables form one of the most important parts of the networking industry today. Fiber cables are composed of one or more transparent optical fibers enclosed in a protective covering and strength members. Fiber cables are used to transmit data by the mode of light. Various types of fiber cables available are multimode duplex fiber cables, single mode simplex fiber cables, single mode duplex fiber cables, and plastic optical fiber cables.

There are many fiber optic cable manufacturers who manufacture full line of fiber cables in both single mode and multi-mode, simples, duplex and multi-strand. Several manufacturers provide low cost, quick-turn, high volume fiber cables and fiber cable assembly solutions.

Cables with complete assembly of fibers, strength members and jacket refer to fiber cables. These fiber cables come in variety of forms depending upon their usability and place of use. It is important to identify the exact requirement of fiber cables whether they would be easy to install, splice or terminate, etc. This is necessary as it ultimately decides the cost of installing the fiber cables.

Fiber cables are required to protect fibers from external hazards. Thus before installing the fiber cables one should always assess the place of installation of fiber cables. Fiber cables required inside the house or a building are not exposed too much of hazardous condition thus simpler form and not-so-tough fiber cables can be used for installation. But if the fiber cables are to be installed for longer distances and outside premises then the cables should be robust. They should also be installed well beneath the ground to protect them not only from ground digging, water logging but also from prairie dogs.

Fiber cables comes in different types based on their usage patterns as well. The zip cord and simplex fiber cables refer to those used for desktop connections. Simplex fiber cables are one fiber, tight-buffered and jacketed. A zip cord is actually two simplex fiber cables joined by a thin web. On the other hand fiber cables made of several simplex cables are breakout fiber cables. This type of fiber cables is strong, rugged and larger. They are also a bit expensive but prove to be economic where distances are not too long and fiber count required is less.

Small fiber cables required for dry conduit run, riser or plenum are known as a distribution fiber cables that needs a breakout –box to be broken up or terminated in a panel box. They contain several tight-buffered fibers bundled under same jacket.

Aerial fiber cables are good enough for outside installation where as armored fiber cables are used for under-ground wiring where rodents are a problem. These fiber cables have metal armoring between two jackets to prevent rodents from tampering the cabling connections.

Loose tube fiber cables are perfect for plant trunk applications to prevent fibers from moisture or water. They can be buried directly in ground but must be handled carefully to prevent damage. Ribbon fiber cables have twelve or more fiber cables packed together laid in a rows. They are also a plant fiber cables which are gel-filled and are good for water blocking.

All fiber cable manufacturers manufacture different fiber cables but their product literatures should be carefully studied so as to assess which type of fiber cables they specialize in.

Network Security – The Real Vulnerabilities

2009-04-09T15:34:00.000-07:00

Scenario: You work in a corporate environment in which you are, at least partially, responsible for network security. You have implemented a firewall, virus and spyware protection, and your computers are all up to date with patches and security fixes. You sit there and think about the lovely job you have done to make sure that you will not be hacked.

You have done, what most people think, are the major steps towards a secure network. This is partially correct. What about the other factors?

Have you thought about a social engineering attack? What about the users who use your network on a daily basis? Are you prepared in dealing with attacks by these people?

Believe it or not, the weakest link in your security plan is the people who use your network. For the most part, users are uneducated on the procedures to identify and neutralize a social engineering attack. What’s going to stop a user from finding a CD or DVD in the lunch room and taking it to their workstation and opening the files? This disk could contain a spreadsheet or word processor document that has a malicious macro embedded in it. The next thing you know, your network is compromised.

This problem exists particularly in an environment where a help desk staff reset passwords over the phone. There is nothing to stop a person intent on breaking into your network from calling the help desk, pretending to be an employee, and asking to have a password reset. Most organizations use a system to generate usernames, so it is not very difficult to figure them out.

Your organization should have strict policies in place to verify the identity of a user before a password reset can be done. One simple thing to do is to have the user go to the help desk in person. The other method, which works well if your offices are geographically far away, is to designate one contact in the office who can phone for a password reset. This way everyone who works on the help desk can recognize the voice of this person and know that he or she is who they say they are.

Why would an attacker go to your office or make a phone call to the help desk? Simple, it is usually the path of least resistance. There is no need to spend hours trying to break into an electronic system when the physical system is easier to exploit. The next time you see someone walk through the door behind you, and do not recognize them, stop and ask who they are and what they are there for. If you do this, and it happens to be someone who is not supposed to be there, most of the time he will get out as fast as possible. If the person is supposed to be there then he will most likely be able to produce the name of the person he is there to see.

I know you are saying that I am crazy, right? Well think of Kevin Mitnick. He is one of the most decorated hackers of all time. The US government thought he could whistle tones into a telephone and launch a nuclear attack. Most of his hacking was done through social engineering. Whether he did it through physical visits to offices or by making a phone call, he accomplished some of the greatest hacks to date. If you want to know more about him Google his name or read the two books he has written.

It’s beyond me why people try and dismiss these types of attacks. I guess some network engineers are just too proud of their network to admit that they could be breached so easily. Or is it the fact that people don’t feel they should be responsible for educating their employees? Most organizations don’t give their IT departments the jurisdiction to promote physical security. This is usually a problem for the building manager or facilities management. None the less, if you can educate your employees the slightest bit; you may be able to prevent a network breach from a physical or social engineering attack.