Hackers use new tricks to steal IDs at DVinfo.net
DV Info Net

Go Back   DV Info Net > And Now, For Something Completely Different... > The TOTEM Poll: Totally Off Topic, Everything Media
Register FAQ Today's Posts Buyer's Guides

The TOTEM Poll: Totally Off Topic, Everything Media
Let's talk about anything media related.

Reply
 
Thread Tools Search this Thread
Old June 1st, 2005, 09:43 AM   #1
Regular Crew
 
Join Date: Apr 2003
Location: Cambridge, MA/Crete, Greece
Posts: 189
Hackers use new tricks to steal IDs

While I was trying to find out how I can know if someone "borrows" my wireless network, I came across this very informative article on online identity theft. If you are not familiar with the terms "evil twins" and "pharming," I suggest that you read this article.

http://www.sun-sentinel.com/business...ness-headlines

(BTW, for those interested in helping me out... I have a D-Link DI-614+ router that connects to my mac and the DSL modem, and would like to know if there is a feature/setting that would indicate whether or not my wireless network is used by unauthorized users such as my neighbors.)
__________________
Stelios G.M.

Stylianos Moschapidakis is offline   Reply With Quote
Old June 1st, 2005, 09:48 AM   #2
Major Player
 
Join Date: Feb 2004
Location: Philadelphia, PA, USA
Posts: 548
Most routers have a feature that allows you to view a list of all computers connected to your network (wireless or otherwise). The list is typically accessable through a web browser.

Perhaps you could work up an AppleScript (or use Automator if you're on Tiger) to capture this page on a regular basis and flag any instances of a "strange" visitor listed on your network.
Nick Jushchyshyn is offline   Reply With Quote
Old June 1st, 2005, 06:15 PM   #3
Trustee
 
Join Date: Jul 2003
Location: US
Posts: 1,152
Nick,

In the router menu click on Status. On the right side of the menu will be buttons for Log (which is self explanatory), and Wireless, which will show the computers currently connected to your network.

I strongly recommend you do the following to secure your network.

1. Update to the latest firmware for your router. You can get it by going to the Tools>Firmware category in the router menu and clicking the link to check for an update.

2. Change both the default ADMIN and USER passwords (located in the Tools menu). Every hacker worth his salt knows them. And don't make them something like "password". A good password has a mixture of upper/lowercase letters, numbers, and you could throw in a special character for good measure.

3. Enable network encryption. See http://support.dlink.com/faq/view.as...C%20/%20DI-784.

4. Enable MAC filtering (Click on “MAC filters” under Advanced>Filters). This will only allow the computers you specify to access your network. See http://support.dlink.com/SupportFAQ/...plateId=33638# for more information.

5. Change the default SSID (network name). (Again, every hacker will know the default.) It's under the Wireless category. And disable the SSID broadcast (under Advanced>Performance).

6. Check to make sure Remote Management is disabled (Tools>Admin).

7. Limit the number of IP addresses the router can assign to just the number you need for your computers. To do this click on the DHCP category and change the starting and/or ending IP address range.

It would probably be a good idea to disable UPNP (Universal Plug and Play) as well. It's under the Tools>Misc. category.

If you have the DI-614+ revision B with firmware v3.28 or higher you can enable WPA encryption, which is stronger than WEP. See http://support.dlink.com/faq/view.as...%20DI-524_revC.
Christopher Lefchik is offline   Reply With Quote
Old June 2nd, 2005, 04:34 AM   #4
RED Code Chef
 
Join Date: Oct 2001
Location: Holland
Posts: 12,514
Christopher has excellent advice! I have a wireless network here and employ
all of his advice. If you can, definitely use WPA encryption. It is far better.

The idea set forth by the article is pretty logically actually. Why would you
transmit (unsecure) personal data over a network you do not know? I'm not
going to let someone enter my PIN code at the ATM for me, now am I?

If you HAVE to transmit data over a public link (the same goes for internet
cafe's etc.), then make sure the data goes over a secure connection like
SSL (HTTPS) for websites or a VPN tunnel to your/a company. The same
can be done for ftp (sftp) and management functions like terminal services
(yes, you can route that over an encrypted link).

As with any (new) technology. Don't just use it, but take a bit of time to
learn how it works and what it does. There are a lot of people who have
bluetooth enabled on phones but don't use it (and thus are able to get one
of those phone virusses that was going around if not being careful etc.)
__________________

Rob Lohman, visuar@iname.com
DV Info Wrangler & RED Code Chef

Join the DV Challenge | Lady X

Search DVinfo.net for quick answers | Buy from the best: DVinfo.net sponsors
Rob Lohman is offline   Reply
Reply

DV Info Net refers all where-to-buy and where-to-rent questions exclusively to these trusted full line dealers and rental houses...

B&H Photo Video
(866) 521-7381
New York, NY USA

Scan Computers Int. Ltd.
+44 0871-472-4747
Bolton, Lancashire UK


DV Info Net also encourages you to support local businesses and buy from an authorized dealer in your neighborhood.
  You are here: DV Info Net > And Now, For Something Completely Different... > The TOTEM Poll: Totally Off Topic, Everything Media


 



All times are GMT -6. The time now is 04:36 AM.


DV Info Net -- Real Names, Real People, Real Info!
1998-2024 The Digital Video Information Network