See If You Can Find It

Tuesday, September 22, 2020

WLAN Security 2 - Maintenance and Utilization

 

 

Welcome back to KaosSec!

 

Before we get started, I just wanted to apologize for not having this up when I said I would. Between work, school, being with my son, studying for certifications, and taking part in Trace Labs, I didn't have the time I had hoped. But since we're here now, thank you for reading!

 

Now, let's take a look at some more things you should consider with your wireless network. Again, this is not an all-inclusive guide. However, this should get you going pretty well until you're ready to take a deeper dive.

 

Maintenance 

Maintenance is of the utmost importance. Whether it applies to your network, your body, or your car, if you don't maintain it, all of your hard work has been for nothing.

To start off with, you need to maintain a record of some sort of how many devices there are on your network at any given time. Make sure you know what kind of devices there are: phones, laptops, desktops, IoT devices, etc. Additionally, keep track of WHO is using these devices. If you keep up with this, it will be easier to spot an intruder in the future.

Keep networking and end-user devices up to date. We've all been there. No one wants to restart their computer to let an update run its course. But it's a necessary part of tech-life. If you don't keep your devices up to date, you could potentially be leaving a gaping hole for intruders to walk right in.

Conduct periodic scans in order to detect unauthorized devices, including rogue access points or evil twins.

Monitor your traffic and devices. Get familiar with Wireshark and take a look at what's happening on your network. Go through any event logs in your antivirus. It wouldn't hurt to have a free SIEM running either.
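The device record and periodic scan described above can be checked against each other with a short script. This is an added example, not part of the original post: the inventory, SSID, addresses and sample outputs are all constructed, and it assumes a Linux host where `ip neigh show` is available and a Wi-Fi survey already reduced to (SSID, BSSID) pairs.

```python
# Constructed record: MAC -> (who uses it, what kind of device).
INVENTORY = {
    "10:da:43:aa:bb:00": ("shared", "router"),
    "a4:5e:60:11:22:33": ("Alex", "laptop"),
    "f0:18:98:44:55:66": ("Alex", "phone"),
    "b8:27:eb:77:88:99": ("shared", "IoT sensor"),
}
MY_SSID, MY_BSSIDS = "HomeNet", {"10:da:43:aa:bb:01"}  # constructed: APs you own
# Constructed sample of `ip neigh show` output from a Linux host on the WLAN.
NEIGH_SAMPLE = """\
192.168.1.1 dev wlan0 lladdr 10:da:43:aa:bb:00 router REACHABLE
192.168.1.10 dev wlan0 lladdr a4:5e:60:11:22:33 REACHABLE
192.168.1.23 dev wlan0 lladdr F0:18:98:44:55:66 STALE
192.168.1.57 dev wlan0 lladdr de:ad:be:ef:00:01 REACHABLE
192.168.1.99 dev wlan0 FAILED
"""
# Constructed Wi-Fi survey results as (SSID, BSSID) pairs.
SURVEY_SAMPLE = [("HomeNet", "10:DA:43:AA:BB:01"), ("HomeNet", "02:11:22:33:44:55"),
                 ("CoffeeShop", "3c:84:6a:00:00:01")]

def seen_devices(neigh_text):
    """Parse `ip neigh show` text into {mac: ip}, skipping entries with no MAC."""
    seen = {}
    for line in neigh_text.splitlines():
        tokens = line.split()
        if "lladdr" in tokens[:-1]:
            seen[tokens[tokens.index("lladdr") + 1].lower()] = tokens[0]
    return seen

def audit(neigh_text, inventory):
    """Return (unknown, absent): seen but not recorded, and recorded but not seen."""
    seen = seen_devices(neigh_text)
    unknown = sorted((ip, mac) for mac, ip in seen.items() if mac not in inventory)
    absent = sorted(mac for mac in inventory if mac not in seen)
    return unknown, absent

def suspect_access_points(survey, ssid, owned_bssids):
    """Return BSSIDs advertising our SSID that are not access points we own."""
    owned = {b.lower() for b in owned_bssids}
    return sorted({b.lower() for s, b in survey if s == ssid} - owned)

if __name__ == "__main__":
    unknown, absent = audit(NEIGH_SAMPLE, INVENTORY)
    for ip, mac in unknown:
        print(f"UNKNOWN device {mac} at {ip}: identify it or remove it")
    for mac in absent:
        print(f"not seen this scan: {INVENTORY[mac][0]}'s {INVENTORY[mac][1]} ({mac})")
    for bssid in suspect_access_points(SURVEY_SAMPLE, MY_SSID, MY_BSSIDS):
        print(f"possible evil twin: {bssid} is advertising {MY_SSID}")
```

The neighbor table only lists devices this host has recently exchanged traffic with, so a quiet device can be missed. MAC addresses can also be spoofed or randomized, so a clean result is one signal rather than proof that no intruder is present.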


Utilization

When utilizing your network, you want to take as many precautions as you can (well, without making the network unusable). If you aren't cautious with how you're using the network you're on, you aren't performing defense-in-depth.

Disable automatic connections. Seriously. If you have automatic connections enabled, your device is spraying out your network info any time you're away, along with the info of any other saved network you've forgotten to delete.

Utilize a VPN and/or anonymizer on the network. Having your own private, encrypted connection over the network keeps attackers who intercept your traffic from reading your data. Utilizing an anonymizer (such as Orbot on Android) will help prevent anyone outside the network from identifying you.

Don't share your credentials. You're most likely to be targeted by someone who knows you personally and is close to you. If this person has your credentials, it's that much easier for them to wreak havoc on your life.

Use a password manager - you should be using unique passwords/passphrases on all of your accounts. You don't want an attacker having access to everything if they get one password. But how are you supposed to remember all of those passwords? You don't. Utilizing a password manager not only keeps you from having to constantly reset your unique passwords, but it also saves time when logging in.

Understand what phishing is and how to recognize it. If an attacker is successful in their phishing attempt, it doesn't matter what technical controls you have in place. They're in. They own you. It's going to be quite the challenge to recover from.


Thank you for reading. Please let me know what you think!

All images were sourced from Unsplash, and all metadata has been left intact. Feel free to examine this and thank the author!

