Get Off My LAN! 10 Quick Tips to keep intruders out of your network.
Written by Ben Friedman, August 1st, 2016
Intruders are out there! You may have personally had to to deal with somone undesirable making their way into your network. Sometimes these intruders leave relatively benign messages, pranks, or make long distance calls for free. Something their intentions are more malicious, sometimes they hold the data on your computer for ransom. Whatever their intents, it's generally your desire to keep them out and to prevent them from finding a way in. For the average joe, this can be an overwhelming task, where does one even start? We hope we can give you a leg up with these 10 quick tips on how to keep yourself from getting compromised!
#1. Change your default passwords.
You wouldn't believe how often this is an issue. It's very possible that right now the router you're connected to still has the default username and password to login. This issue is so prevalent that many of us at Axolsoft have run into groups who have been directly compromised as a result. The first step to solving this one is making sure to read the manual, yes it can be boring, but it could be the difference between you surfing the web, and you trying to factory reset your router after you've been locked out. Most router manuals (and any other device for that matter) will have a section regarding how to access and change the default password. Again, this is regarding the login for your router management, not your wifi password. If you can't find your router manual, or never received one, you can usually google your router online and find it there. To login you can visit 10.0.0.1, 192.168.0.1 or 192.168.1.1 on your LAN (local area network) to visit your router's login screen in most cases.
#2. Take Care with Unknown Emails.
It may have a very intriguing subject, but if you don't know who it's from or what it is, trash it. It's possible that what you've been sent is more than an email, and it's better left unopened. The minute you click on a malicious email you are quite possibly opening yourself to an attack, even if you run anti-virus.
#3. Don't use Dropped USBs
This is a classic one. You find a usb lying around in a parking lot, you snag it and think of what a bargain you just got! Little do you know you just picked up a nasty keylogger or trojan waiting to run the moment you use it.
#4. Be Careful with your Passwords
We all have trouble remembering passwords from time to time, and sometimes we write them down. If you do this be careful with where you put them. Instinct generally leaves us putting them within close proximity to our desks or workspaces, and an unsavory guest may exploit this by starting there. Sticky notes on the back of your computer or a book in your drawer are generally not good places to hide your passwords. Instead put your passwords in a safe, lockbox or other secure location. If you have neither of these put them somewhere away from your computer space. It may be more inconvenient, but someone browsing your computer space will come up empty handed when they try to break in.
#5. Pick Good Passwords
Passwords should have some length to them. Generally passwords 9 characters or less should not even be considered, if whomever you supplied the password to is compromised, yours it probably going to be among the easier ones to break. When choosing a password there should be a balance between memorability and length. Complexity is an added benefit but increasing your password's length is generally a more beneficial (and memorable) choice. Try to make your passwords 12 characters or longer if you can, and if you're having trouble picking passwords use variations on phrases you can remember. Don't use the cow jumped over the moon though, as that's widely known. If you can google it, so can your attackers. Usually the more obscure your password, the better, and better yet being known only by you.
#6. Don't Reuse Passwords
This is a tough one. We all have a bad habit of continually just using the first thing that comes to mind that's safe, one of our existing passwords. Although this is easy, it's exploitable. One password could in theory give access to such things as your bank, social media and work accounts. All it takes is for them to get the one password and they could have it all. You wouldn't use the same key for multiple houses or cars, so why would you do it for your logins. Take the time to make your passwords unique, a hacker will definitely hate you for it :) .
#7. Make sure you have Anti-Virus and a Firewall installed
In the event that someone or something does gain access to your network or personal computer, you want to mitigate everything they could possibly do. A good firewall or anti virus can help sandbox, capture or block anything attempting to move in or out of your computer or network. Some great anti-virus programs out there like Avast and McAfee can help. Programs like Little Snitch or Hands Off can do a great job monitoring everything that goes in or out from your computer as well.
#8. Protect your Web Browser
Often attacks coming from websites are the initial vectors by which we're compromised. One wrong click and you're infected. Luckily there are some great addons that can help keep you safe. In particular No Script for Firefox and Script Safe for Chrome help block malicious JS from attempting to run. Not only does this protect you, but it can also keep you from being tracked by analytics!
#9. Don't Click on Questionable Links
Beware clicking advertisements and links you are generally uncertain of. Hovering over a link in Chrome and Firefox will show you the destination url in the bottom left corner of the screen. If you don't recognize the url, or it doesn't look quite right, don't click it. Alternative urls like faceb00k.com and fac3book.com may try to trick you, so be wary.
#10. Stay Up to Date
Last but not least keep your software up to date, your computers up to date and yourself up to date. All the security mechanisms in the world are only as good as you are at enforcing them. Stay in touch with security issues related to your systems and help relay those issues to others.
With a bit of research and sharing we can hopefully help make everyone's networks a little safer.
Questions? Corrections? Concerns? Contact us at firstname.lastname@example.org