Three Free, Easy Ways To Protect Your Network
Whether the Conficker worm booms or fizzles, take it as a reminder to keep your networks safe. You could spend money on a security consultant--which isn't such a bad investment if helpful--but here are three free tricks to increase your network's security.
Use OpenDNS
Use OpenDNS Internet traffic gets routed through IP addresses; the text you type as a URL only sits on top of those numbers. Normally, when you type "pcworld.com," it gets referenced in a domain name server directory, which then routes you to the actual IP address. But what happens if that structure is compromised and an attacker can send your request to a different IP address?
Last year, a new, devious attack materialized with that technique. You'd type a trusted name as a URL, but instead of being routed to the correct server, you'd be sent elsewhere. You might even see the name of a bank in the URL bar, but you'd have no idea you're entering personal data directly into a hacker's site.
Domain name servers and operating systems were eventually patched to protect against this attack. But the OpenDNS server already anticipated the problem and is quick to react to threats. Use it instead of relying on your ISP's DNS servers.
On the client side, you can open the Network Connections Control Panel. Right-click the active connection, and pick Properties. Select Internet Protocol (TCP/IP), and click Properties. Click the radio button to Use the following DNS server addresses and enter 208.67.222.222 and 208.67.220.220.
Or you can enable it on your router, sending DHCP clients these details without additional intervention. The specific process varies, but you'll essentially log in and enter those IP addresses in the NAT area. Visit OpenDNS.org for some hardware-specific details.
Update Your Router Firmware
Psyb0t is a worm that was written to attack router hardware directly, embedding itself inside. It simply guesses the login and password for a range of routers, starting with the defaults. At the very least, you should be using a strong password, especially since many low-end routers don't let you change the login ID. (Try a password of about 12 characters with a mix of numbers, letters, and symbols.)
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
conficker
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
