Slide 1Slide 2Top 10 network security threats to businessesSlide 4Slide 5Securing your Wireless NetworkSlide 7Slide 8Slide 9HackingTypes of HackingSlide 12Slide 13SIGNS YOUR COMPUTER IS HACKEDHelpful sitesNETWORK SECURITY AND HACKINGEmmanuel DoryumuTOP 10 NETWORK SECURITY THREATS TO BUSINESSESInsiders - In many SMBs, business records and customer information is often entrusted to a single person. Without adequate checks and balances, including network system logs and automated reports, data loss from within can stretch over long periods of time.Lack of Contingency Plans - One of the biggest threats to SMBs relates to the business impact of post-hack, intrusion or virus. Many SMBs lack a data loss response policy or disaster recovery plan, leaving their business slow to recover and restart operations.Unchanged Factory Defaults - Hackers publish and maintain exhaustive lists of default logins (username and password) to nearly every networked device, and can easily take control of network resources if the default factory configuration settings are not changed.The Unsecured Home - In many small businesses, employees often take laptops home to work. In an unsecured home network environment, a business laptop can be dangerously exposed to viruses, attacks and malware applications. Reckless Use of Public Networks - A common trick by attackers is to put up an unsecured wireless access point labeled, "Free Public Wi-Fi" and simply wait for a connection-starved road warrior to connect. With a packet sniffer enabled, an attacker silently sees everything the employee types, and is then able to utilize that data for personal gain. Loss of Portable Devices - Much SMB data is compromised every year due to lost laptops, misplaced mobile devices and left behind USB sticks. Although encryption of mobile device data and use of strong passwords would ease many of these losses, many SMB users simply fail to secure their mobile devices and data. http://news.cnet.com/8301-13579_3-20003308-37.htmlCompromised Web Servers - Many SMBs host their own websites without adequate protection, leaving their business networks exposed to SQL injections and botnet attacks.Reckless Web Surfing - Now more than ever, malware, spyware, keyloggers and spambots reside in harmless looking websites. Employees who venture into supposedly safe sites may be unknowingly exposing their business networks to extreme threats. Malicious HTML E-mail - No longer are attackers sending e-mails with malicious attachments. Today, the threat is hidden in HTML e-mail messages that include links to malicious, booby-trapped sites. A wrong click can easily lead to a drive by download.Unpatched Open to Known Exploits - More than 90 percent of automated attacks try to leverage known vulnerabilities. Although patches are issued regularly, a short staffed SMB may likely fail to install the latest application updates and patches to their systems, leaving them vulnerable to an otherwise easily stopped attackSECURING YOUR WIRELESS NETWORK Secure your wireless router or access point administration interface1Almost all routers and access pointsEhave anEadministrator passwordEthat's neededEto log into the device and modify any configuration settings. Most devices use a weak default passwordElike "password" or the manufacturer's name, and some don't haveEa default password at all.EEAs soon as you set up a new WLAN router or access point, your first step should be to change the default password to something else. Don't broadcast your1SSIDMost WLAN access points and routers automatically (and continually)Ebroadcast the network's name, orESSID (Service Set Identifier). This makes setting up wireless clients extremely convenient since you can locate a WLAN without having to know what it's called, but it will also make your WLAN visible to any wireless systems within range of it.ETurningEoffESSID broadcastEfor your networkEmakes it invisible to your neighbors and passers-by (though it will still be detectible by WLAN "sniffers").EEnable1WPA encryption instead of WEP802.11's WEP (Wired Equivalency Privacy) encryption has well-known weaknesses that make it relatively easy for a determined user with the right equipment to crack the encryption and access the wireless network. A better way to protect your WLAN is with WPA (Wi-Fi Protected Access). WPAEprovides much betterEprotection and is also easier to use, since your password characters aren'tElimited toE0-9 and A-FEas they are with WEP. WPA supportEis built intoEWindows XP (with the latest Service Pack) and virtuallyEall modern wireless hardware and operating systems.EA more recent version, WPA2, is found in newer hardware andEprovides even stronger encryption, but you'llEprobably need to download an XP patch in order to use it.Remember that WEP is better than nothing1If you findEthatEsome of your wirelessEdevices only support WEP encryption (this is often the case withEnon-PC devices like media players, PDAs, and DVRs), avoid the temptation to skipEencryptionEentirely because in spite of it's flaws, using WEP is still far superior to having no encryption at all. If you do use WEP, don't useEan encryption key that's easy to guess like a string of the same or consecutive numbers.EAlso,Ealthough it can be a pain, WEP users should changeEencryption keys often-- preferablyEevery week.EE See this page if you need help getting WEP to work.EEReduce your WLAN transmitter powerYou won't find this feature on all wireless routers and access points,Ebut someEallow youElower the power of your WLANEtransmitter and thus reduce the range ofEthe signal. Although it's usually impossible to fine-tune a signal so precisely that it won't leak outside your home or business, with some trial-and-errorEyou can often limitEhow farEoutside your premises the signal reaches, minimizing the opportunity for outsiders to access your WLAN.EDisable1remote administration - Most WLAN routers have the ability to be remotely administered via the Internet. Ideally, you should use this feature only if it lets you define a specific IP address or limited range of addresses that will be able to access the router. Otherwise, almost anyone anywhere could potentially find and access your router. As a rule, unless you absolutely need this capability, it's best to keepEremote administrationEturned off. (It'sEusually turned off by default, but it's always a good idea to check.)HACKINGis a person who breaks