Is Public WiFi Safe to Use?

Cyber Security, Free WiFi, Hackers, Ophtek, PC Security, WiFi, , , , ,
19
Mar 2019

Most public spaces from coffee shops through to shopping malls now contain some form of public WiFi, but are these public networks 100% safe to use?

When your office based employees connect to the internet, they’re making this connection through your own network. And this means that you’re able to monitor all incoming and outgoing activity. Rather that monitoring which websites your employees are visiting, though, the main reason for monitoring these connections is to make sure that nothing malicious is entering your network. Remote workers, however, are likely to take advantage of public WiFi as a considerable amount of their work will be completed away from your work connection.

Due to the unique nature of each and every public WiFi network, it’s crucial that you understand the concerns surrounding these types of connections.

The Dangers of Public WiFi

Public WiFi may appear to be extremely convenient, but there are a number of security issues attached to connecting to public hotspots such as:

  • Lack of Details: When you connect to a public WiFi network there’s no way of knowing exactly what you’re connecting to. This, in itself, is a dangerous move and is one of the main reasons why public WiFi is frowned upon by security experts. 
  • WPA2 Vulnerability: Most public WiFi uses WPA2 encryption to protect data, but the security of WPA2 has been called into question over the last few years due to the discovery of a major vulnerability in its code. 
  • Malware Threat: Due to the lack of security surrounding public WiFi networks, it’s very easy for a hacker to position themselves in between the connection point and, for example, your laptop. This allows the hacker the opportunity to discreetly upload malware to your device and execute its malicious payload.

Should You Use Public WiFi?

Clearly, there are a number of risks involved in using public WiFi and the simplest way to avoid these dangers is by completely avoiding these connections. However, there are certain scenarios where it’s crucial that your remote employee needs to connect to whichever network is available. And in these cases you should follow these best practices:

  • Use a VPN: A virtual private network (VPN) is a service that creates an encrypted connection between your device and the remote server of your VPN. Any hacker who manages to intercept this connection will only be able to view a highly encrypted message which will be absolutely useless to them. 
  • Verify the Connection: One of the simplest ways to evaluate the connection on offer is to double check the legitimacy of the available connections with an employee at the location in question. At the very least they will be able to confirm whether the connection is genuine or fake. 
  • Use Anti-Malware Software: Protecting yourself with anti-malware software should be a given, but when people are using remote devices they fail to appreciate just how vulnerable these are. Even the simplest form of anti-malware software provides an effective defense, so make sure your device is protected.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Improving WiFi Security for Your Business

Network, Security, Security Threats, WiFi, wireless network, , , ,
11
Apr 2018

Wireless networks are crucial for organizations to operate in the modern business landscape, but it’s critical that your wireless network is secure.

Increased mobility, production and scalability are the three main reasons why your organization will have embraced WiFi. Allowing you to remain competitive, WiFi is a service that you simply can’t be without. Therefore, security is more crucial than ever when it comes to wireless networks.

To help you get a better understanding of how to defend your network, we’re going to look at improving WiFi security for your Business.

How to Protect Your WiFi Network

There are many ways that you can secure your WiFi network, keep hackers out and ensure that productivity remains at an all-time high:

  • Keep on Top of Updates: Your router and associated hardware will regularly receive firmware updates that improve performance and, more importantly, patch any potential security issues. Unfortunately, many people put these updates on the back burner as the install processes are considered a little fiddly. However, while the install time and necessary reboots are irksome, they pale in comparison to your WiFi network being compromised.
  • Change Default Login Credentials: In order to access WiFi devices for the first time, these devices will come with default login credentials to allow the owner to configure them for their network. These default credentials, however, represent a major security risk as they rarely differ between devices. And that means that anyone with a list of default credentials – freely available online – can log on to your WiFi devices if they haven’t been changed.
  • A VPN Can Hide Your Network: A virtual private network (VPN) is a useful service which provides additional security to your WiFi network. A VPN server will hide all the connection details of PCs and devices on your network, so this makes it significantly harder for hackers to find a flaw in your defenses.
  • Keep Guest WiFi Networks Separate: Most organizations provide a guest WiFi network for visitors or staff to access with their own devices. While this is a generous offering, you need to make sure that guest WiFi networks are kept separate to the rest of your networks. Surrounding the individual networks with firewalls also helps to ramp up the defenses between your sensitive data and external breaches.
  • Secure Ethernet Ports: Network peripherals are always at risk of being compromised by unsecured ethernet ports. By simply plugging a cable into an ethernet port, a hacker can gain a foothold into your wireless network. The solution to this problem is, thankfully, relatively simple: enclose network peripherals within locked cases and limit key ownership.
  • Enable WPA2 Encryption: If your WiFi network is not encrypted then it means that the data being transferred over it is open to external parties. As a business, it’s a certainty that the data transferred over your network will be sensitive e.g. customer details, payroll information and emails. However, by enabling WPA2 encryption on your network, it will guarantee that your data will be scrambled as it’s transmitted. As a result, anyone ‘listening in’ will be unable to exploit the data.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
Everyone Needs Guest Wifi
Everyone Needs Guest Wifi

How to Setup Guest Wifi

Network, Office IT, Office Network, Security, ,
08
Oct 2014

Everyone Needs Guest Wifi

Now that you understand the benefits of having a guest Wi-Fi network. It’s really simple to set one up, so here’s a quick guide on how to setup guest wifi.

1 – Access your router’s admin page.

This is so that you can access your router’s settings and configure it to add a guest Wi-Fi network. Simply enter your router’s LAN IP address into the web browser which should start with http:// followed by the IP address. If you didn’t already know, an IP address is a set of four numbers separated by periods. It should look something like:

http://192.168.1.1

Where can you find your router’s LAN IP address?

Some routers may already be labelled with a sticker at the bottom or to the side of it. Alternatively, you can find out by:

On Windows: Run a command prompt box, type the command “ipconfig” which should display some output. Take note if the IP address that displays “default gateway”

Get the IP address of your router

On a Mac: Enter network preferences, and then go to the “Advanced “ button, followed by the TCP/IP tab. Find “Router”, which will display the router’s IP address.

Mac_Network_Preferences

Apple device: head over to settings, go to Wi-Fi, then look for the “i” button to the right of your network name and click it. You should see the IP address under “router”.

Android device: This needs a separate App to view you router’s IP address. We suggest on to use called Fing.

Once you have your router’s IP address, type it into your web browser and access the login page. Simply enter your default admin ID and password (this should be labelled on your router). If unsure, you can contact your ISP (Internet Service Provider) to find out.

2 – Guest Network.

Belkin Router Guest Wifi Settings

Once you’ve successfully logged into you router, you’ll see that you can configure its settings. Look out for a setting or tab worded as “Guest Network” or something similar to it. This can vary from one router to another.  Note: that newer routers support guest networks, but some may not have this feature at all.  Check your router’s packaging or manual to confirm if it has the ability to provide a guest network.

3 – Configure and save. 

Enable your guest network by clicking on “enable”, along with any other preferred settings of your choice, save it, and you’re done!

It’s simple to do, right?

Now you know to set up a guest network so you can overcome the potential pitfalls mentioned in our previous article. Not only is this setup a win-win situation for all, you’ll also have peace of mind with having a secured LAN where nobody can see your private files, data or internet traffic, whilst maintaining a trustworthy relationship with your guests or customers.

For more ways to secure your home or office networks, contact your local IT professionals.

Read More
Everyone Needs Guest Wifi
Everyone Needs Guest Wifi

Everyone Needs a Guest Wifi

Office IT, Office Network, , ,
06
Oct 2014

Everyone Needs Guest Wifi

Providing wifi has become so popular that you’ll find it in just about every establishment. Having a guest wifi is a necessary safeguard for your data. 

You can see this for yourself by simply looking at the available Wi-Fi networks broadcasted and picked up by any device like your smart-phone, tablet or laptop. As Wi-Fi can be easily accessed in many businesses, from coffee shops, to fast foods chains, to airports and public transport, why shouldn’t your business or home offer it too? 

Practical reasons why setting up a guest network is important

Accommodating business needs.

Providing guest wifi for customers or visitors

After all, it’d be very inhospitable to turn down Wi-Fi requests from associates, guests or customers who need access to the Internet. By setting up a guest Wi-Fi network, you can grant them the right to stay productive on their projects, allowing them to access their emails or their files on the cloud, without them having to resort to doing it all on their smart-phone. How many times have you had, or will you be having temporary staff, contractors and visitors on-site, needing Wi-Fi access or at least an internet connection of some sort? After all, it’s impolite to say no to them, right?

Keeping the LAN (Local Area Network) private.

OnsitePCSolution_Update_Security

It’s wise to separate the business’ or home LAN from unauthorized public access. Your LAN will typically hold internal files, folders, display device names and access to the intranet. As the saying goes, it’s best to be safe than sorry. This will tighten up any vulnerability from both accidental and intended malicious activities which could otherwise compromise any part of your business.

Providing a different password.

Password for your wifi

You wouldn’t want to give the same password to just anyone who will be able to note and potentially store it for later use, especially if it’s for any of your own personal business accounts. Besides, some passwords can have a simple format which can make it easy for anyone to guess. It’s time to close that vulnerability!

Setting up a Guest Wi-Fi Network

Now you understand the reasons and the benefits of having a guest Wi-Fi network. It’s really simple to set one up.  Our next guide will walk you through the general steps on how to do it.

For more ways you can protect your privacy, data and business from breaches, contact your local IT professionals.

Read More

Is Your Office or Home D-Link Wifi Vulnerable?

Office IT, Office Network, , ,
16
Oct 2013

DLink_Router

An easy hack that affects D-Link routers has recently been discussed in this article from devttys0.com. The writer of the article, Craig, goes through the steps of how the exploit works in great detail. If you are running a D-Link router in your home or office, should you be worried? We will go over a summary of the exploit here.

What’s the problem?

In a nutshell, if someone is connected to your home or office network they can change the user agent, which tells the website a little bit of information about your computer, giving them access to change the main settings of your D-Link router. The user agent needs to be set to “xmlset_roodkcableoj28840ybtide” which is backwards for “Edit by 04882 Joel Backdoor”, further pointing to this being originally used as a backdoor to the D-Link settings.

dlink-admin-page

Once an attacker is connected to your D-Link settings they can change passwords, network settings and wireless settings. A hardware reset should fix you right up if you are attacked.

How can I check my home/office wifi?

The first thing you want to do is to flip your D-Link router over and check if the model matches any of the following:

DIR-100
DI-524
DI-524UP
DI-604S
DI-604UP
DI-604+
TM-G5240

Several Planex routers also use the same firmware:

BRL-04UR
BRL-04CW

Even if your model number is not listed, there is no guarantee the D-Link or Planex router you are running will not have the same or similar problem. The exploit was tested on a specific version of the D-Link router software but there is no note of it being fixed. The only way to be 100% sure your D-Link device is not affected is to try the exploit explained in the above article yourself, or ask your office/home IT support staff.

What to do if I am running an affected router?

You do have a few options if you are running a D-Link router that could be vulnerable.

1. Make sure the settings of your router are not accessible from the internet. This will help prevent attackers from the internet, but if someone is connected to your wifi or network in your home or office you are still vulnerable.

2. Replace your D-Link router with a model that is not affected. This may be the only guaranteed way to avoid becoming a victim.

Onsite PC Solution is based in San Jose California and provides small and medium sized business IT support.

Read More
1 2