Secure your Wireless Network (Home)


Most people now know how important it is to secure your home wireless, however many still don’t know all the steps available to protect your wireless beyond setting a password.  Here some tips to provide advanced security to your home wireless network.

  1. Change the administrative password.  Use a strong password.
  2. Set your wireless name to something that would not be easily associated with you.  Do not use your address, name, car make, etc.
  3. Turn off broadcasting of your SSID (name of the wireless connection setup in step number two above).  Some devices require broadcasting to setup and connect the first time, if this is the case turn on broadcasting of your SSID, connect the device, then disable it again.
  4. Use WPA2 Encryption.  Again, use a strong password as you did to setup your administrative password.  Do not use the same passwords.
  5. Use MAC Security.  What is MAC security?  Each system (network card) has a virtually unique MAC address.  Much like an IP address, however it is an address provided by the maker of the network card and not dynamic.  Setting up your wireless to only allow specific MAC Addresses (your MAC Addresses) further reduces the chances an unauthorized individual could use your wireless.  You can find your MAC address for any device generally fairly easily by Goggling “how do i find the MAC address for”…
  6. Turn off DHCP.  DHCP is a service provided by your wireless router that provides an IP address to each machine that is allowed on the wireless network.  Turning off DHCP and setting the IP addresses manually for each device is the safest, however I find it to be quite a pain so instead I limit the DHCP scope (range) to only the number of IP addresses of devices I will have connecting and then assign each one to a device.  This then associates an IP address with a MAC address and eliminates  the need to manually set IP addresses on each device.
  7. If you have the option and do not need your wireless devices (such as a laptop) talking to other devices (such as a wireless printer) then disable communication between devices.  Many home wireless routers do not support this option, so you may not be able to enable it.
  8. If you have options to limit the range (strength) of your wireless signal set it to the level that ensures it works for you but not higher.  Setting it higher than is needed makes your wireless network available in ranges you would not need it, thus increasing the chances that someone else might try to use it.

Creating a Strong Password 101


Most authentication is still based on username and password, personally I feel this is adequate for most of my personal accounts as long as I use a strong password. I do wish MY Bank offered two factor authentication, but alas it does not yet.

So, if a strong password is ALL you have to protect yourself how do you create one and more importantly how do you remember it? Let’s start with creating a strong password…

CREATING A STRONG PASSWORD

  • Pick two or three words that are 10 or more letters in length.
  • Use unrelated words
  • Substitute at least one letter for a number, such as 4 for A or 3 for E.  Do not substitute ALL possible letters for numbers.
  • Add a punctuation.
  • Capitalize at least one letter.

Sound doable?  Now, the real challenge is remembering it.  If you absolutely cannot remember passwords then I suggest using the Password Safe, just make sure your password to access the safe is VERY secure.  This allows you to remember only one password and have access to all your other passwords contained in the safe.  For those of you that  feel up to the challenge try running an installation of TeamPass.  It is what I personally use.  Just make sure to back it up and NEVER change the salt.  You should be able to but it is not supported yet and you will lose ALL of your passwords as well as all passwords for all others.  I suggest not putting this site on the internet.

EXAMPLE 1

  • picture leaf
  • pictur3 l3af
  • pictur3#l3af
  • Pictur3#l3aF

Now what you have to remember….

  • picture#leaf with e’s substituted for 3’s and the first and last letters capitalized. 

EXAMPLE 2

  • space manhole
  • sp4ce m4nhole
  • sp4ce.m4nhole
  • sp4cE.M4nhole

Now what you have to remember….

  • space.manhole with a’s substituted for 4’s and the last letter of the first word and first letter of the last word capitalized.

Google Authenticator for SSH access on Ubuntu 11.04 – OTP


This video describes at a high level what it takes to configure Ubuntu 11.04 ssh access to require a verification code from Google Authenticator. Here are some useful links:

WebbyNotes Guide:
http://guides.webbynode.com/articles/…

Guide by Jean-Francois Theroux (Installation / Configuration):
http://blog.theroux.ca/security/ubunt…

Download the Ubuntu Google Authenticator package for Ubuntu:
https://launchpad.net/ubuntu/+source/…

Background can be found here:
http://gnome-look.org/content/show.ph…

YOUTUBE VIDEO LINK
http://www.youtube.com/watch?v=UTjdW3F6GOc

Test Your Password Strength Against John the Ripper


This is a demonstration video on how to test the strength of your passwords on an Ubuntu system against the John the Ripper password cracker. It is important to know how fast these tools can actually work to crack passwords and how to protect yourself against them finding your password. In my example password, password1 and elephant were all found in under 20 seconds and I don’t have a fast machine. Btw… these were test accounts I removed immediately after making the video 🙂

YOUTUBE VIDEO LINK
http://www.youtube.com/watch?v=8oNYJyNF-WI