When we discuss security as an integral part of our cyber life, it is important that we take sufficient care that the home network and the devices that are used at home are secured. There are several areas at home in which we use Internet and IP-enabled devices. These include your home network (wired & wireless), personal computing devices, smart phones, official computing devices, network-enabled printers, and other smart appliances. While we look at security, all of these devices need to be reviewed for security best practices to ensure that the risk of an attacker penetrating or compromising these devices is reduced. This post concentrates on securing three main entities in a home network.
Do you have a lot of passwords? Are they too hard to remember? Then use a secure password storage database. Password Safe, Password Gorilla, xPass, and several other tools are available. They all remember your user names, passwords, URLs, etc, and store them all in a strongly-encrypted database.
On *nix systems, check your sshd_config and ssh_config files. In both files, the Protocol line should read “Protocol=2″ and NOT “Protocol=2,1″ or similar values that include protocol version 1 as an option. Putty should be configured to use only protocol version 2 as well.
Failure to check your SSH configuration can lead to a downgrade attack, where user credentials and the entire SSH session are recovered in the clear. If you are using SSH protocol version 1, your SSH session is no more secure than Telnet.
Passwords for computer authentication are as old as multiuser computers, and are not the best form of authentication we have. Certificates are better, but harder to manage. So, for most purposes we are stuck with passwords.
Many people deal with the proliferation of passwords either by using very weak passwords or using the same password in multiple places. The obvious downfall is that if one site gets compromised, you may lose many accounts.
Another problem is using computers you don’t trust. Sometimes you are traveling and need to access your bank from an Internet cafe or hotel computer, which may have keystroke loggers.
The root of the problem is reliance on human memory. Luckily, every time we need a computer password, we have a great memory tool at our fingertips.
Many people often think that information and network security is just about technology and how reliable or sophisticated these technologies are. Additionally, many people ask why after spending tons of money on network and security gear, their network still gets hacked, information is lost and business continuity is disrupted. For example, often questions like these run through their minds: “Am I not buying the right security products? Am I not configuring or deploying them correctly? Do I have the right staff to run my network?”