How to Enable Wireless Network Security

The age of wireless network has approved the freedom from the hassles of wired ones and improved the mobility for computer system users. Such networks allow the users to access the Internet, without the constraints of being physically next to to the line of connection. Despite the security threats mixed up, many people don’t take the matter of securing their wireless networks seriously. It is vital to setup a secure wireless network as it prevents illicit people from easily connecting to the network to download different things. Wireless Internet access is swiftly gaining popularity over the whole world. Most people prefer the unplugged practice that wireless networks provide. Wi-Fi hot spots have mushroomed everywhere and home users are increasingly going the wireless way. A wireless network operates much like a radio station as it transmits data over the waves. While this feature enables portability and unplugged access, it has a downside, which is exposure of your network to eavesdroppers and hackers. It’s very essential that you should know the steps to secure a wireless network, which can effectively prevent malicious attacks. Here are a few basics on how to secure a wireless network :-

 

SSID
SSID (Service Set Identifier) is the name given to exact network. It is essential for all devices on the wireless network to use the same SSID, in order to communicate with each other. The SSID of a wireless network can be placed manually, or it can be generated automatically. While setting the SSID manually, it’s important to make it something difficult to figure out. Routers and access point devices usually provide a methodology to change the SSID for network access. For this purpose, the first step is to log into the router through the web browser (like Internet Explorer). A window appears asking for user name and password, which are both ADMIN by default. As soon as the user enters the password, the router configuration window opens. The SSID must be entered here, and a wireless channel should be selected. While securing a wireless network, the user should not forget to disable his SSID wireless broadcast, before applying the changes.

WEP and WPA Encryptions
Encryption is an chief aspect of network security and helps to protect the user data from prying eyes. Almost all the wireless equipment comes with WEP (wired equivalent privacy) and WPA (Wi-Fi protected access) encryption schemes. These encryption schemes can be enabled or disabled, depending on the requirement of the user. WEP is a scheme which was included with the first generation of wireless networking equipments. However, it consists of some serious flaws, which led to the growth of WPA. WPA provides stronger wireless data encryption as compared to WEP but requires the configuration of all the communicating devices for it’s functioning. After enabling encryption on his router or access point, one should configure an additional wireless network devices. WPA provides better security against snoopers and hackers. For the configuration of WEP / WPA, the user should log on to the router as well as enable the wireless tab / wireless security. He can make a choice between WEP or WPA encryption, the latter being more secured. The user can choose between 64 or 128 bit encryption. A hexadecimal WEP / WPA key should be generated before applying the changes.
After the configuration of WEP / WPA and SSID, the final step involves the restriction of user access in the wireless network. This can be done by inflowing the MAC address of the wireless computer and selecting ‘restrict access’, during the router configuration. MAC address of a computer can easily be seen by typing “ipconfig/all”, in the command prompt. The above mentioned steps are a simple answer of how to secure a wireless network. After configuring the router, the user should unplug it from the wireless computer, and establish the wireless software and adapters on the wireless computer. The WEP / WPA encryption key should be kept in records securely, and when prompted, the user should enter it.

If you need further assistance please visit http://www.livetechcare.com

 

Network Security Control

The incidents of security attacks are increasing and frequent accounts of serious security incidents are published by the news media. So, you might have come to a conclusion that network security is hopeless. But, luckily that is not the case since security issues can be addressed by different methods like overlapping controls for defense, reference monitors for access control and encryption for integrity and confidentiality. The most prominent network security control measures include encrypted e-mail, intrusion detection systems and firewalls.

Firewall

A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices that is configured to permit or deny network transmissions based upon a set of rules and other criteria.

Firewalls can be implemented in either hardware or software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which inspects each message and blocks those that do not meet the specified security criteria.

There are several types of firewall techniques:

1. Packet filter: Packet filtering inspects each packet passing through the network and accepts or rejects it based on user-defined rules. Although difficult to configure, it is fairly effective and mostly transparent to its users. It is susceptible to IP spoofing.
2. Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
3. Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
4. Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.

Intrusion Detection System

An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system.

There are several ways to categorize an IDS:

• misuse detection vs. anomaly detection: in misuse detection, the IDS analyzes the information it gathers and compares it to large databases of attack signatures. Essentially, the IDS looks for a specific attack that has already been documented. Like a virus detection system, misuse detection software is only as good as the database of attack signatures that it uses to compare packets against. In anomaly detection, the system administrator defines the baseline, or normal, state of the network??s traffic load, breakdown, protocol, and typical packet size. The anomaly detector monitors network segments to compare their state to the normal baseline and look for anomalies.
• network-based vs. host-based systems: in a network-based system, or NIDS, the individual packets flowing through a network are analyzed. The NIDS can detect malicious packets that are designed to be overlooked by a firewall??s simplistic filtering rules. In a host-based system, the IDS examines at the activity on each individual computer or host.
• passive system vs. reactive system: in a passive system, the IDS detects a potential security breach, logs the information and signals an alert. In a reactive system, the IDS responds to the suspicious activity by logging off a user or by reprogramming the firewall to block network traffic from the suspected malicious source.

Though they both relate to network security, an IDS differs from a firewall in that a firewall looks out for intrusions in order to stop them from happening. The firewall limits the access between networks in order to prevent intrusion and does not signal an attack from inside the network. An IDS evaluates a suspected intrusion once it has taken place and signals an alarm. An IDS also watches for attacks that originate from within a system.

Encrypted e-mail

Email encryption protects private, sensitive and valuable information communicated via email. Email encryption can be deployed using email encrypting software, secure email servers or secure webmail centers. E-mail encryption can rely on public-key cryptography, in which users can each publish a public key that others can use to encrypt messages to them; while keeping secret a private key they can use to decrypt such messages or to digitally encrypt and sign messages they send.

If you need further assistance please visit http://www.livetechcare.com