Fortunately, the virus can be blocked by following good WiFi security practices. Unfortunately, many WiFi networks are not set up in a secure way.
Fortunately, the steps to secure a home WiFi network are not particularly difficult:
- Use AES encryption. WEP encryption and TKIP encryption have known weaknesses that are easily exploited. (Depending on your router, you would choose WPA2 or WPA encryption and select AES as the standard.)
- Use a password that is hard to break. It should have more than 20 characters, and should include a mix of upper and lower case letters, numbers, special characters, and even spaces. Entire sentences may be appropriate, if they are not publicly known.
- Change default administrative password and IP address. A surprising number of home installations still use the defaults.
- Turn off remote administration features. Administration should be required to be done over a wired connection.
- Verify that your firmware is updated. There are a number of bugs that have been reported against WiFi router firmware.
- Log out of your administrative sessions when you are done.
Beyond securing your own routers, you need to keep in mind that public routers may also have been infected. There are some steps you can take to protect yourself when connecting to public WiFi routers. Be aware that public networks are by definition insecure, whether WiFi or wired. There is little or nothing to stop a miscreant from trying to snoop your connection.
- Enable built-in firewall features on your computer, especially software firewalls. Deny all incoming connections.
- Make sure file sharing is turned off.
- Be aware that passwords may be sniffed by keyboard loggers, pulled from your computer's registry, or simply observed over your shoulder. By using a tool like LastPass or Password Safe, you can avoid having to type passwords while storing them in a secure, encrypted location.
- Use a VPN if possible.
- Use https (HTTP over SSL) to connect to vendor sites wherever possible.
No comments:
Post a Comment