InfoSec News

An Iranian intelligence official Saturday said that authorities had detained several "spies" connected to cyber attacks against its nuclear program.
 
Technically inclined people usually dread mainstream blockbusters that center on technology and computers. But you'll love these two Facebook movies.
 

Savid Technologies' CEO Michael Davis Gives Successful Presentation at Infosec 10
Melodika.net (press release)
Technologists and security professionals came out in full force on September 14th at Infosec in Nashville to hear Michael Davis ...

 
Manufacturers really aren't doing many of the home users any favours. Devices are sold with worse than lame default settings in the guise of usability. Personally I think that many manufacturers are underestimating the capacity of people to follow instructions, but then I guess Heinz Ketchup does have on the instructions put on food, so maybe Im wrong.
Manufacturers could make things easier for us and many of them kind of do. We now have external hard drives where the backup is a push of a button (even my mother knows how to drive that one) and many of the network devices come with one button configuration settings to secure the network. Personally I've had limited success with this, but maybe I'm buttonny challenged.
I know that your home network is as secure as you can possibly make it, but alas your neighbours, cousin, brother, parent, grandparent, etc, network is not up to the same specs. It has been or will be used in the future to spread evil such as Zeus, Stuxnet and even Kevins favourite, slammer. Securing the PC helps, but you do need to secure the network as well.

So lets get stuck into it.

Make sure that the device connecting to your service provider at least has some statefull filtering capabilities. They should only allow outbound traffic, but you may wish to check that.
Change the default Passwords. Many devices come with default passwords, typically admin or blank. Many people still have their internet facing devices with these default passwords.
Use long passwords. It will only be used infrequently, so it might as well be a long one. Youll want to write it down and keep it safe, use paper and not a file on the computer. Providing you dont staple it to your windows, keeping the passwords written down should be fine.
Control who connects. Whether you have a wired network or wireless make sure you know what is connecting to your network, your laptop, fridge, media centre, etc. You might want to consider using mac filtering. Not the best, but better than nothing.
If there are security settings available use them. Keep in mind that the security of your network is often dependent on the least secure device. For example I have a couple of older devices that can only use WEP 40 keys. So if I want to use it I either reduce the security of the whole environment, or as in my case, I have a second access point in a little DMZ off the main internet connection.
For wireless networks WPA-PSK is the minimum to use.
Harden devices. Just like corporations any device you connect to the network should be hardened. Many of the network connected printers have so many services open that will never be used, so shut them down.

Now unless you want to be the extended familys internet helpdesk (might be the only way you get to see them) I suggest that you write down down basic instructions for them, or set things up so they never have to touch it again.



Ive made a start feel free to add those things you do for your family to keep their network clean.



Mark H (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Microsoft filed patent infringement complaints against Motorola and its Android phones in the International Trade Commission and U.S. federal court Friday, indicating that the software giant may hope to use its strong patent position as one way to set its mobile software apart from the competition.
 

Internet Storm Center Infocon Status