Section 70. About Basic Network Security

70. About Basic Network Security



Create a User Account

About Sharing Network Resources

About Backing Up and Restoring Data

About Malware

Network securityincluding security for a home workgroup networkrevolves around protecting information, meaning network data. On a large corporate network, the data might be the social security numbers and credit card numbers for thousands of people. On your home network, the data might be your home budget file or a list of addresses for this year's Christmas cards.

Data and other network resources must be protected from internal intrusion (such as a legitimate network user who deletes important files) and external intrusion (such as a computer virus or illegal hacker on the Internet). Corporate networks spend tons of money on different security measures to protect their network data. And although network security is also important to the home network, you don't have to try to duplicate the measures taken on large networks to protect important information.

Network security, even security on a home network, is focused on network access and resource access. To protect network data, you must secure the network from unauthorized access (from the outside) and also protect data when it's accessed by an authorized user (from the inside).

In terms of locking down the network from outside intrusion, a WiFi network connected to a high-speed Internet connection device such as a DSL router or cable modem has two potential avenues for outside attacks: the WiFi infrastructure and the persistent connection to the Internet.

How does one negate (or at least greatly limit) the possibility of outside attacks on a home network? The key tool in securing the home network is the WiFi router. The router provides security options that secure both the WiFi medium or infrastructure (the radio waves used to communicate over the network) and the connection to the Internet. First let's take a look at securing the WiFi medium.

Sending data over radio signals that have not been secured is pretty much akin to leaving all the doors in your house open when you go on vacation. Your WiFi router provides you with settings and security features that can greatly enhance the overall security of the WiFi home network. Most WiFi routers offer the following settings for securing the WiFi medium:

  • Change WiFi Router Password: Although this doesn't stop network intrusions, periodically changing your router's password does make access to the router's configuration more secure. The default passwords for router administration are typically well-known generic passwords such as password; the sooner you change the password that came with your router, the safer you'll be. See Change Router Password for more information.

  • Enable/Disable SSID Broadcast: Although disabling the broadcast of the Server Set ID (SSID) or network name by the WiFi router using a radio signal doesn't actually secure the network from outside intrusion, it does stop the WiFi router from advertising that the WiFi network exists to anyone within range who cares to listen. For more information, see Turn Off Server Set IDs (SSIDs) Broadcasts.

  • Firewall Settings: A firewall can protect an internal network from attacks from the outside over the persistent Internet connection. The number of firewall settings available to you depends on the router you have purchased. For more information, see About Firewalls and Configure Router Firewall Settings.

  • WiFi Card Access List: The WiFi router can be configured so that only computers that have their MAC (Media Access Control) or hardware address for their WiFi network adapter recorded in the router's access list will be allowed to connect to the WiFi network. For more about MAC addresses and router card access lists, see About Network Interface MAC Addresses and Create a WiFi Network MAC Access List.

  • Key Authentication and Data Encryption: A way to protect the WiFi network from intrusion over the network medium (the radio signals) is to require that computers attempting to connect to the network be authenticated (or approved) by the WiFi router. Data traveling on the network medium that is intercepted can also be protected if you first encrypt that data. Most WiFi routers provide two different types of WiFi security strategies: WEP and WPA. For more about WEP and WPA see About 802.11 Security Strategies, Configure Wired Equivalent Privacy (WEP) Security, and Configure WiFi Protected Access (WPA) Security.

When you take advantage of the different ways to protect your workgroup from outside attacks (including problems with viruses and other malware, as explained in About Malware), you still need to protect the data from security breaches inside the network. This is usually a problem with the accidental deletion of important files or the fact that important data has become corrupt and unusable.

On large networks, data is protected by a network administrator who assigns each user a set of permissions related to data entry. However, because shared data is actually spread across a number of computers (shared folders reside on individual computers and are managed by the users on those computers), you really can't control users on a workgroup the way administrators of large networks can control network resources on centralized servers. So, protecting data from problems that originate on the inside of the network, such as a file being inadvertently deleted or corrupted, is really best handled by backing up the data on each individual computer (see About Backing Up and Restoring Data).

Another problem with workgroup networks is that if a folder is shared in a workgroup, it is available to everyone in the workgroup. Therefore, it is important that the users on the network act responsibly in terms of working with shared folders and the contents of these folders. It is also important that each computer on the network have an up-to-date antivirus software product installed because it is fairly easy to spread a virus or other malware in a workgroup networking environment (see Install and Use Antivirus Software for more about antivirus software).

The biggest security risk to networks, including small home workgroups, is intrusion by malware (such as addware and viruses) and security holes (ports) in different software applications used to connect to the Internet (such as Internet Explorer). One way to help shore up your defenses against hackers who attempt to exploit open ports on your computer is to lock these ports down and stop external access to the internal network. This is what firewalls do; they act as an intermediary between your private network and the public Internet. Configure Router Firewall Settings looks at how firewall settings are configured on a WiFi router that supplies firewall capabilities.


Task About Content Filtering and Opening Ports discussed ports, including the well-known ports for filtering Internet content and services. Ports can be exploited on your computer as a way for an outside attacker to actually take control over your computer.

Home Wireless Networking in a Snap
Home Wireless Networking in a Snap
ISBN: 0672327023
EAN: 2147483647
Year: 2007
Pages: 158
Authors: Joe Habraken © 2008-2017.
If you may any questions please contact us: