II. Background

  1. Security is always balanced with, and often at risk due to, other requirements
    1. Ease of use (or convenience)
    2. Functionality (or mobility)

III. Approach: Practice least privilege

  1. See computer firewall
  2. Disable Web-based remote management
  3. Disable Wi-Fi Protected Setup (WPS)
    1. See Wi-Fi Communication
  4. Modify all router default settings
    1. Assign an SSID (unique discoverable name) to router that does not give away its owner (e.g. avoid "Smith Router")
    2. Change the DHCP private IP Range to another private IP range (e.g. 10.1.1.1 - 10.1.1.254)
  5. Use strong passwords (Router, WLAN)
  6. Disable services that are not needed
    1. UPnP - see Firewall above
    2. Integrated Webcam and microphone (may be turned on by malicious users via network connection)
  7. Resources
    1. https://www.tripwire.com/register/soho-wireless-router-insecurity/showMeta/2/
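
The router checklist above can be checked mechanically. The following is an added example, not part of the original outline: it audits a settings dictionary whose key names are hypothetical and whose sample values are constructed, and it assumes 192.168.0.0/24 and 192.168.1.0/24 are the factory-default subnets to move away from.

```python
import ipaddress

# RFC 1918 private address blocks
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumption: subnets many consumer routers ship with by default
COMMON_DEFAULTS = [ipaddress.ip_network(n)
                   for n in ("192.168.0.0/24", "192.168.1.0/24")]


def check_dhcp_range(start, end):
    """Return findings for a DHCP pool given as first and last address."""
    findings = []
    try:
        lo, hi = ipaddress.IPv4Address(start), ipaddress.IPv4Address(end)
    except ValueError:
        return ["DHCP range is not a valid IP address pair"]
    if lo > hi:
        findings.append("DHCP range start is above its end")
    if not any(lo in n and hi in n for n in RFC1918):
        findings.append("DHCP range is not inside a single private block")
    if any(lo in n or hi in n for n in COMMON_DEFAULTS):
        findings.append("DHCP range still uses a common factory-default subnet")
    return findings


def audit_router(cfg, owner_terms):
    """Check a settings dict (hypothetical keys) against the outline's list."""
    findings = []
    for key, label in (("remote_web_management", "Web-based remote management"),
                       ("wps", "Wi-Fi Protected Setup (WPS)"),
                       ("upnp", "UPnP")):
        if cfg.get(key, True):  # a missing key is treated as enabled
            findings.append(label + " is enabled")
    ssid = cfg.get("ssid", "").lower()
    if any(term.lower() in ssid for term in owner_terms):
        findings.append("SSID reveals its owner")
    findings += check_dhcp_range(cfg.get("dhcp_start", ""), cfg.get("dhcp_end", ""))
    return findings


# Constructed sample settings, not taken from any real device
FACTORY = {"remote_web_management": True, "wps": True, "upnp": True, "ssid": "Smith Router",
           "dhcp_start": "192.168.1.2", "dhcp_end": "192.168.1.254"}
HARDENED = {"remote_web_management": False, "wps": False, "upnp": False, "ssid": "bluebird-27",
            "dhcp_start": "10.1.1.1", "dhcp_end": "10.1.1.254"}

if __name__ == "__main__":
    for name, cfg in (("factory", FACTORY), ("hardened", HARDENED)):
        print(name, audit_router(cfg, ["Smith"]) or "no findings")
```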

IV. Approach: Hardware tricks

  1. Network Hub (Hubbing Out)
    1. Network Hub inefficiencies are exploited for network troubleshooting
      1. All traffic on the hub is distributed to each computer on the hub (one collision path)
      2. Allows a monitoring computer to monitor all traffic to and from another computer
      3. Contrast with a switch, which divides out its traffic
    2. Step 1: Attach a network hub to the switch or network
    3. Step 2: Attach a monitoring or troubleshooting computer to the network hub
    4. Step 3: Attach target computer in question to the network hub

V. Approach: Utilities

  1. Protocol Analyzer
    1. Wireshark
      1. https://www.wireshark.org/
      2. Visualize network traffic frame-by-frame (data link layer, layer 2, switch level)
      3. Use with a network hub (see above) to monitor traffic to another computer on the network
  2. Testing Firewall
    1. ShieldsUP!
      1. https://www.grc.com/shieldsup
      2. Tests ports as well as UPnP settings

VI. Pearls: Travel

  1. Wireless: Wi-Fi
    1. Use WPA2 connections (with a strong password)
      1. Do not use WEP or WPA (encryption broken in seconds to minutes)
    2. Hotel or conference Wi-Fi logins are no more secure than open Wi-Fi connections
    3. Ensure that open, free public connections (e.g. coffee shops) are not impostors
  2. Wired: Ethernet
    1. Hotel and conference wired connections have no significant security advantage over wireless
    2. Man-in-the-middle attacks (e.g. altered wall socket connections) and corrupted hosts are still risks
  3. USB Connections
    1. USB power stations are subject to "juice jacking"
      1. User plugs their device into a power station (or a friendly associate's laptop) to charge
      2. Altered station or laptop can access data on the device
      3. Consider using a "USB Condom" (e.g. CyberStop) or set the device USB configuration to charge only

VII. References

  1. Scott (2016) Cyber Security While Traveling, Pluralsight.com
