|
| |
 |
In this tutorial I will discuss some simple changes you can make to improve the
security of computers connected to a broadband/high speed Internet service. I
also provide some tips to improve the security of computers using wireless
technology. The configuration changes I discuss are specific to a 2WIRE
brand "gateway". However, the configuration changes and concepts I cover are
relevant to other similar equipment.
Have a great day, Tom
|
|
|
|
|
This tutorial is intended to help SOHO (small office, home office) and home
computer users. NOTE: I do not cover online video game, p2p or
BitTorrent specific set up issues or settings in this tutorial.
I use a 2WIRE brand "gateway" for all the examples in this tutorial. 2WIRE brand
products are often included with broadband/high speed Internet service provided
by AT&T/Yahoo, Verizon, Netzero, Juno, Qwest and some large European and Asian
providers. However, the configuration changes and concepts I discuss are relevant
to other similar equipment.
|
| |
|
In this section of the tutorial I discuss the basic setup and configuration of
the "firewall" component of a 2WIRE brand "gateway" or equivalent device. A
firewall is similar in some ways to a traffic light used to control the flow of
automobiles. A traffic light can stop or allow automobile traffic to continue on
its way. Similarly, a firewall can be used to stop or allow certain types of
computer related traffic to and from your computer. Once your computer is
connected to the Internet it is exposed to many different types of computer
related traffic. Not all the traffic that reaches your computer is necessary for
you to browse the Internet, send and receive e-mail or enjoy online multimedia
(audio and video). Some types of traffic can present a potential danger to the
security of your computer/s and therefore anyone who uses it/them.
|
| |
why is this important to you?
A properly configured "firewall" can improve the security of your computer/s and
local network if you have one set up. For example, your computer would not have
been infected by the "Blaster/Lovsan" virus
if it was protected with a firewall. The Blaster/Lovsan virus was transmitted via
network and Internet traffic. It was responsible for infecting hundreds of thousands
(maybe more) of PC's running versions of Microsoft's Windows in the year 2003.
|
| |
|
The configuration changes I suggest can increase the protection offered by the
firewall component of the 2WIRE 2700HG-B "gateway" or similar device. For example,
the changes I suggest can limit the ability of a malicious individual to communicate
with and control your computer if a
"Trojan"
has been installed on you computer. This added protection can be important because
Trojans sometimes include
"Keyloggers"
which can be used to steal passwords, usernames and any information you type using
your computers keyboard. Malicious individuals and some types of computer
(worms)
scan the Internet for vulnerable computers to infect. We will adjust firewall
settings to limit the information gathering ability of these types of "scans".
|
| |
|
A good approach when configuring a firewall (or computer) is to enable (allow)
ONLY those features and services you need and use. The 2WIRE 2700HG-B
"gateway" and many similar devices come delivered from the broadband service
provider with all the units features enabled by default. These devices are also
often configured to allow many types of traffic that may be unnecessary for the
average home or SOHO (small office, home office) computer user.
|
| |
|
Some of the types of traffic allowed by default reduce the security of any computer
connected to the device. For example, the 2WIRE 2700HG-B "gateway" and similar
devices allow "Telnet" traffic to pass/flow to your computer. A "Telnet"
application can allow someone to remotely connect to your computer. Once connected
a person can control your computer in many ways to include the ability to delete
files from your computer. If important operating system files are deleted your
computer may not function properly (if at all). FTP (File Transfer Protocol) is
also enabled by default. FTP allows files to be sent to (uploaded), deleted or
copied (downloaded) from your computer. FTP could be used by a malicious
individual to upload (add) any type of malware (viruses, Trojans
(backdoors), worms, etc.) to your computer.
|
| |
The configuration changes I suggest should NOT interfere with your
ability to:
- Send and receive e-mail.
- Browse/view the Internet
- View or listen to MOST multimedia (video, audio) content on the Internet.
Configuring a firewall (with security in mind) like the one included with the
2WIRE 2700HG-B "gateway" and similar devices may take a little experimentation
and research. Some Internet enabled applications will require you to enable (allow)
additional types of "traffic" other than the settings I suggest. For example, at
the time I wrote this tutorial you must enable (allow) "All Other Protocols" in
order for the multimedia player called
"Real Player" to function
properly. Remember the rule: Only enable (allow) the features, services
and associated traffic you need. You will increase the security of any
computer/s connected to a broadband service if you use this approach.
|
| |
before we begin
For this tutorial I assume you have made all the required phone line, network
cable and other connections to your 2WIRE 2700HG-B (or similar) equipment and
computers. I assume your broadband access is configured and you have access to
the Internet. To make the configuration changes I suggest you need a desktop
computer or laptop connected to the 2WIRE 2700HG-B (or similar) via a network
cable (Ethernet cable).
-
Download and install the FREE password generation and management program called
"Password Agent Lite". We will use "Password Agent
Lite" to securely store the password we will assign to protect the 2WIRE's
(or similar) management interface. We will also use it to both generate and store
the "encryption key" that will be used to protect your wireless access point and
the computers connected to it. Password Agent Lite is also a great way to securely
store all those passwords and usernames you need if you shop, bank and pay your
bills online.
|
|
|
 |
|
| Copyright © 1995-2008 Advance Computers. All rights reserved. |
