Securing a SOHO Network Flashcards

1
Q

SSID management - Securing a SOHO Network

A
  • Service Set Identifier - Name of the wireless network
  • Change the SSID to something not so obvious
  • Disable SSID broadcasting?
    • SSID is easily determined through wireless network analysis
    • Security through obscurity
2
Q

Wireless encryption - Securing a SOHO Network

A
  • All wireless computers are radio transmitters and receivers
  • Solution: Encrypt the data - Everyone gets the password
  • Only people with the password can transmit and listen
3
Q

Antenna placement - Securing a SOHO Network

A
  • Central coverage to reach all areas of the building
  • Don’t overlap frequencies

4
Q

Power level controls - Securing a SOHO Network

A
  • Usually a wireless configuration - Set it as low as you can
  • Consider the receiver - High-gain antennas can hear a lot
5
Q

MAC address filtering - Securing a SOHO Network

A
  • Media Access Control - The “hardware” address
  • Keeps the neighbors out - Additional administration with visitors
  • Easy to find working MAC addresses through network analysis
  • MAC addresses can be spoofed
  • Security through obscurity
6
Q

Using WPS (Wi-Fi Protected Setup) - Securing a SOHO Network

A
  • Allows “easy” setup of a mobile device
  • Different ways to connect
    • PIN configured on access point must be entered on the device
    • Push a button on the access point
    • Near-field communication - Bring the mobile device close
    • USB method - no longer used
7
Q

The WPS hack - Securing a SOHO Network

A
  • December 2011 - WPS has a design flaw
  • PIN is seven digits and a checksum
  • Seven digits, 10,000,000 possible combinations
  • The WPS process validates each half of the PIN
    • First half, 4 digits. Second half, 3 digits.
    • First half, 10,000 possibilities. Second half, 1,000 possibilities
  • It takes about four hours to go through all of them
8
Q

Default usernames and passwords - Securing a SOHO Network

A
  • All access points have default usernames and passwords
  • The right credentials provide full control/admin access
  • Very easy to find the defaults for your WAP or router
9
Q

IP addressing - Securing a SOHO Network

A
  • DHCP (automatic) IP addressing vs. manual IP addressing
  • IP addresses are easy to see in an unencrypted network
  • If the encryption is broken, the IP addresses will be obvious
  • Security through obscurity
10
Q

SOHO firewalls - Securing a SOHO Network

A
  • Small office / home office appliances
  • Wireless access point, router, firewall, content filter
  • May not provide advanced capabilities, e.g., dynamic routing
  • Install the latest software - Update and upgrade the firmware
11
Q

Firewall settings - Securing a SOHO Network

A
  • Inbound traffic - Extensive filtering and firewall rules
    • Allow only required traffic
    • Configure port forwarding to map TCP/UDP ports to a device
  • Outbound traffic
    • Blacklist - Allow all, stop only unwanted traffic
    • Whitelist - Block all, only allow certain traffic types
12
Q

Disabling ports - Securing a SOHO Network

A
  • Enabled physical ports - conference rooms, break rooms
  • Always administratively disable unused ports
  • Use Network Access Control (NAC) - 802.1X controls
13
Q

Content filtering - Securing a SOHO Network

A
  • Control traffic based on data within the content
  • Corporate control of outbound and inbound sensitive data
  • Control inappropriate content - not safe for work, etc.
  • Protection against evil - Anti-virus, anti-malware
14
Q

Physical security - Securing a SOHO Network

A
  • Physical access = Relatively easy hack
  • Door access - Lock and key, electronic keyless
  • Biometric - Eyeballs and fingers
  • Always have a documented and well-established process