We had some identity thefts situations with our credit cards and Bank accounts. People using our credit cards and writing checks against our account.
How can I set up a really secure internet connection in my home ?
I use a Windows XP - wireless laptop to access the internet I have in my home. We use Comcast cable. We have a WPA secure internet. We use a Netgear Rangemax MIMO and the Comcast modem.
Somehow some people have managed to get both our credit card numbers and bank account numbers and even driving license number.
I use this internet to access all our bank accounts etc.
Because of the fraud that occurred, we want to make sure that we have a really secure internet connection.
What additional hardware, software etc do I need, if any ? Since I am not a techie, pls help me with as much detail as possible.
You probably did not loose all this info due to your wireless connection. your info probably got nabbed because someone hacked a merchant you use, or someone who uses your computer from within your house opened an email attached which contained malware like maybe a key logger on your computer.
1 Make sure you have active and up-to-date Anti Virus/Anti Spyware installed and are doing regular scheduled scans.
2 So your using WPA. What encryption/authenication mechanisim are you using. IE TKIP/AES for encryption or Pre-share or Radius for authentication?
3 Wireless will never be 100% secure. Due to the fact that your broadcasting data over the air it will always have a hicher risk of attack
4 Hide Your SSID
5 Don't use identifyable comment for your SSID. IE, Dont make your SSID your house address or your family name or anything else that can link your house/name to your wireless connection. it makes it to easy for someone to camp outside your house and hack away.
6 Dont open attachments or emails from anyone you dont know
7 Use a Statefull Inspection Firewall. Packet switching firewalls do not track the state of the data.
8 Disable services you dont need. If your not running a web server uninstall IIS.
9 Dont respond to any email which asks you to verify your username/ passwords, banking information, or any other personal info which appear to be coming from your banks fraud department. Banks will never ask you for your passwords in an email. If you get information like that call the bank directly to confirm if there is an issue.
10 Stop using cordless phones to communicate personal information during telephone conversations unless the conversation is encrypted. If you ever want to know what your neighbors really think of you, go out to radio shack and spend 50.00 on a police/fire scanner. Depending on the frequency your cordless phone is using many of these types of scanners can also pickup cordless phone conversations and play them out the speaker in plain text.
11 If you want 100% security on your pc then erase the data on the computer and unplug it and put in a box. there is no such thing as a
100% secure computer because they are inherently at risk due to physical and logical theft. As soon as you plug it into the internet that risk is elevated.
12 For god sakes if your using microsoft wallet....stop it. Dont click on the box to remember your usename and passwords either.
=95 Not all security issues are related to internet access, so make sure your other sources of information are secure also. o Do you print out copies of your account information? o Does your teenager (therefore their friends) have the password to your computer? o Do you keep all of your account information in a special folder or notebook? =95 It wasn=92t clear to me if all of your accounts were hacked. If it is a single bank or charge account, then maybe the security problem in on the other side, where you used the business services. I=92ve had 3 charge card numbers get out into the wild in the last 10 years (my personal and my business cards were compromised at the same time after an online book store was hacked) =95 As for internet and computer security do these things: o Install and run good spyware detector such as adaware(lavasoft.com) or spybot(safer-networking.org) for starters. o Install a good two way firewall, one that tells you about your programs accessing the internet. You may find that you have spyware reporting home. o Install and run updated antivirus programs. =95 Personal habits: o Make sure that anytime you are entering your information the address line of your browser shows =91https://=92 and there is a =91lock=92 icon on your browser window. o This will ensure that the communications between your computer and their computer is encrypted even if you are using wireless.
Not all SOHO routers you buy at Best Buy/Circuit City/Comp USA or other type stores are statefull.
I would like to see a non-commercial use router that gives you spot to put a confidentiality banner.... Linksys, Netgear and the alike dont make them like that, or atleast I have not seen one Yet. Security through Obscurity is not a fool proof Security practice. It does however make it more dificult to hack what cant see. If given the chance to hack client A which is easy to discover versus client b which is not. Some might say they would go after client a. some might say they would go after client b because client must have something to hide. it will take you longer to hack client b because it may take more work. In the extra time you may get caught.
In the most states in the US it is a crime to intentionally connect to any computer or network that you do not have direct ressponablity over.
Good luck with that! Must be some hell of an email client that can differentiate what is a malicous attachment and what is not.
I know Microsoft has turned out some crap over the years. Do you really think they are deliberately turning out crap. I dont think so. If that was true then they would have never achieved the status they are today. Do you agree that all exploits found are due to *random* programming errors. I mean who really makes a vulnerable product on purpose these days. I cant think of any CEO that wakes up in the morning and says lets go design a pile of crap today so we can be in the news more than TJX.... This does not mean that I like Microsoft products any more or less than I like Linux. It is just applying a little logical thinking. Most companies want to make money so the executives get rich. You dont do that by deliberatly putting bugs in your software....
I like the idea of the SSID as being "private_XYV"
I believe Netstumbler still shows channels even without the SSID being displayed.
I didn't claim that they're turning out crap. IE is perfectly suited for its intended usage scenario: as an ActiveX Rich Platform Client.
No. With IE, you can break security by simply working through the front door, using well-documented mechanisms in their exact functionality. It was never supposed to be secure in first place.
It's certainly not proven that your accounts were hacked via the internet. There are many ways people get access to your account. Do you shred paper copies rather than put them in the trash for someone else to see? Ex-partner?
Even it it was via the internet, it is by no means certain that it is technical failure in your hardware or software, but you may have been tricked into going to a site that is not your bank, but you think it is.
The usual process they use is
1) Send you an email that asks you to log into your account - various reasons are given for why they want you to do this.
2) Send you to some dodgy site, but make it appear ok, so you enter your login details.
3) Say the password is wrong, then redirect you to the real site, having taken your password and other information.
4) You enter your data for a second time, and your bank lets you in and all looks normal. But the dodgy site has taken your details.
But personally I would not use a Microsoft operating system - there have a long string of security issues with them. On the whole, UNIX based operating systems are more sucure. OSX on a Mac is one, but of course you need to buy a Mac. Solaris on a PC is another option. There are no known viruses for Solaris. It also happens to be free, which makes it cheaper than using a Mac.
Given a lot of attacks are done by tricking people into giving details, I'm amazed that banks don't implement a "security test" for people to undertake and pass before they are allowed access to internet banking. A bank could send you 20 emails, 10 spoofs and 10 real ones. If you managed to log into the real ones, and not be tricked by the spoof ones, then you have passed. If instead you don't get to all the real ones, or get tricked into one of the others, then you should fail the test and not be allowed to use internet banking until you have improved your knowledge. You can't drive a car without proving your knowledge of driving. I'm surprised banks allow one to use internet based banking until you can prove your competance.
Although I admit to doing it myself, if possible it would be better to used wired connections and not WiFi. I think WPA is quite secure, but a wired connection would be more secure.
A while back I got a letter from the VA stating that a laptop had been stolen and that the laptop had all my military records on it. Credit Bureaus, banks, etc routinely have break ins as well.
Most likely, your information was stolen from somewhere else. However, I would still recommend Shredding anything that is paper. Get a shredder that can shred CD/DVD's as well. People actually roam around in landfills looking for old backups and CDs with information on them. Don't us a cell phone to order pizza as anyone with a radio scanner can listen in (They can be easily modified and most cell phones are in the 700-900MHz range which hand helds can pick up).
Create a Faraday cage around your house so that electronic bugs won't work.
Put in extra insulation and sound proofing so that your neighbors cannot listen to you saying your credit card information with an audio amplifier.
From Absolute OpenBSD : UNIX for the Practical Paranoid by Michael Lucas the security on wireless internet is really bad and can be broken quite easily. I would switch to a wired network if you can. If you cannot live without wireless, get a copy of the book and setup an OpenBSD server to do your wireless.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.