Securing your WLAN
In this post I’m sharing my thoughts on how to use simple yet effective ways of securing your WLAN. The techniques I’m describing does not really require you to have a Masters degree in computer science to understand, it does however require you to have some familiarity with Networking and using a Browser.
Step 1: Change the default password.
Each router comes with a default Login ID and Password. Normally the routers default Login ID is ‘Admin’ and the Password is ‘Password’. Pretty original don’t you think? Anyways, the first step in securing your WLAN, is in changing the Admin password to any other strong password. A strong password is one that is at least 10 characters long and contains a mix of upper case and lower case alphabets, numbers and special characters. Eg. Ivn!12;rOss
Step 2: Change the router’s default ip
Each router is assigned a default ip address which normally is 192.168.0.1. When setting up the router change this ip to any other ip. You can stay within the series, such as 192.168.0.XXX i.e. the last value should be changed to anything you like form a single digit to three digits.
Step 3: Disable the router’s DHCP service.
DHCP enables remote computers to connect to the router and obtain an ip address assigned by the router. As far as is possible assign static ip’s to all the computers on your network. If you need to have DHCP to make life easier for you then restrict the number of computers on your network by limiting the number of DHCP ip addresses that the router can create to 5 from its default of 50 assuming of course that you only have 5 computers connecting to your network.
Step 4: Restrict the network mode.
If you computer can use WiFI ‘N‘ or ‘B/G‘ restrict the router to use any one network mode only. This can help prevent some computers from automatically joining your network. While this is not 100% effective it can help deter the casual snooper, especially if you use the newer ‘N‘ standard.
Step 5: Change the router’s default SSID.
The SSID is the name of the network. This often reveals the name of the house or office from where the WiFi signal is coming which can allow hackers to zero on your physical location. Change the SSID to a random name.
Even better is disabling the SSID broadcast altogether. This makes your WiFi router invisible to laptops and cell phones which automatically scan for WiFi hotspots. Hopefully, if hackers do not even know that your network exists they will not bother to break in. This is just common sense, prevention is much better than cure so to speak.
Your computers and cell phones that need to access your WLAN can be passed the SSID of the router manually when they are being setup so they can communicate with the router and connect to the WLAN.
Step 6: Opt for WPA2 or PSK security instead of WEP.
WEP (Wired Equivalent Privacy) keys can be cracked relatively easily hence opt for WPA (WiFi Protected Access) which uses 64 bit or 128 bit encryption. PSK’s are Pre-Shared keys which provide stronger security than WEP or WPA. The encrypted key is shared by the router and your WiFi devices.
Step 7: Enable the router’s MAC filter.
Enable MAC (Media Access Control) address filtering to restrict or authenticate a particular computer on the network. A MAC address is a unique physical address assigned to a network card to uniquely identify the network card. No two network cards have the same MAC address anywhere in the world. (Pretty amazing isn’t it ?). The can use the network card’s MAC address to authenticate it.
If any unregistered computer tries to join the network, i.e. a computer who’s MAC address has not been manually registered with the router, it will simply be prevented from doing so.
Step 8: Use the router’s firewall.
Enable the router’s firewall if it has this feature. Usually router’s use SPI (Stateful Packet Inspection) which reviews the packets of data entering your network.
If the router has an Internet filter enable this too. Enabling the Internet filter rejects anonymous Internet requests and keeps your network from being pinged.
Step 9: Disable remote administration
This maybe a great convenience if you are constantly administering the router / network from afar but this is an excellent window of opportunity for hackers. If you have to use remote administration keep this facility ‘On’ only for the period of time that its essential to have.
Step 10: Switch of the router when not in use.
This may sound a bit silly, but is quite sensible. If the router is not used at night switch it off. If you are going out on holiday switch it off.
Step 11: Disconnect the Internet when not needed.
If you do not need to be connected to the Internet constantly, simply unplug the ISP’s connection to the router. The network will still work but it will isolated from all potential hacking.
Step 12: Position the wireless router carefully. Place it in the center of your room or office. The WiFi router broadcasts like a sphere with the strongest signal at the router location.
Hence, the signal strength of the router will be the weakest at the circumference of the sphere. This could help prevent the router from being accessed by the neighbours or from the street outside.
Creating Virtual Domains Under Apache
When Apache is installed on a M.S. Windows XP / Vista computer the Apache installer places Apache’s file structure in:
C:\Program Files\Apache Group\Apache2
Apache’s index file, which is displayed when http://localhost is typed into a Browser window and the Go button or the Enter key is pressed, resides in:
C:\Program Files\Apache Group\Apache2\htdocs
If you do not want Apaches default index page to be displayed when http://localhost is typed in a Browser’s address bar and the Go button or the Enter key is pressed, simply create your own HTML file, name it index.html and place this in:
C:\Program Files\Apache Group\Apache2\htdocs
Now if you enter http://localhost in a Browser’s address bar and press Go or the Enter key your HTML page will be rendered in the Browser’s window.
This is an indication that Apache is working perfectly.
Having said that, it’s definitely not good practice to place all your website’s resources within the folder that Apache uses for its own resources i.e.:
C:\Program Files\Apache Group\Apache2\htdocs
It’s good programming practice to keep your website’s resources separate from Apache’s internal resources.
All that is required is that you create a separate folder, anywhere on your hard disk and place your website resources within that folder.
For example: d:\mysite
Now all that remains is that Apache needs to be informed that the folderd:\mysite is where you’ve loaded all your website’s resources.
You do this by creating a Virtual Domain under Apache and binding this domain to the folder where your website’s resources are placed.
To create a virtual domain you have to make changes within Apache’s httpd.conf file.
Apache’s httpd.conf file is resides in:
C:\Program Files\Apache Group\Apache2\conf
Navigate to that folder and the first thing to do is to make a copy of Apache’s httd.conf file and save this within Apache’s conf folder i.e. httpd_copy.conf.
This way if you’ve made some errors when adding a virtual domain to the httpd.conf file and Apache stops working, all you have to do is to overwrite Apache’s httpd.conf file with the copy you’ve made, then ensure that the file is re-named httpd.conf and Apache should start up again.
NOTE: In case you do not keep a copy of Apache’s httpd.conf and you’ve damaged the original httpd.conf file you have to re-install Apache from scratch, to get a working copy of Apache web server.
Now open the httpd.conf file in your favorite ASCII editor, (Notepad would do just fine). Scroll right down to the end of the httpd.conf file and you will notice Apache’s virtual domain example.
The code there should look something like:
#NameVirtualHost *:80
#VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#
#
The NameVirtualHost and VirtualHost directives are what we are interested in.
Simply copy the whole lot from # NameVirtualHost to and paste this below the original code.
Then delete the # which appears before each entry as shown below.
Please notice the section where the # are not deleted.
NameVirtualHost *:80
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /www/docs/dummy-host.example.com
ServerName dummy-host.example.com
ErrorLog logs/dummy-host.example.com-error_log
CustomLog logs/dummy-host.example.com-access_log common
Next:
Change
NameVirtualHost *:80
To read as:
NameVirtualHost 127.0.0.1:80
Notice that the # has been deleted
And
The local host ip 127.0.0.1 has replaced the * in this entry
Now let’s take a look at the
ServerAdmin ivan@ivanbayross.com
DocumentRoot d:\mysite
ServerName www.mysite.com
ErrorLog d:\mysite\errors\errorlog
Notice that the:
ServerAdmin has a legitimate Email ID bound to it.
DoumentRoot has the physical path to your websites resources
ServerName can have any name bound to it, I’ve chosen www.mysite.com
ErrorLog has the path to where Apache can keep its error log file
NOTE: Do not forget to create the folder d:\mysite\errors. Then using Notepad create an empty file named errorlog within this folder. Please notice the absence of any file extension.
Save the httpd.conf you’ve been editing and re-start Apache.
To restart Apache simply right click on the 
icon in the task bar and a popup window will appear as shown in diagram 1.
 |
| Diagram 1 |
Click on Open Apache Monitor and a popup window will appear as shown in diagram 2
 |
| Diagram 2 |
Simply click the Restart button. If all is well Apache will startup perfectly.
There’s a few more steps to be carried out to check is you’ve created the Virtual domain correctly, they are:
Making an entry in the hosts file.
Using the file Browser navigate to the folder C:\Windows\System32\drivers\etc
Within this folder there will be a file called hosts.
NOTE: If you have never used the hosts file ever before then you will find a file called hosts.sam or hosts.tmp in this folder. Copy this file to a file named hosts and you are done. Then edit the contents of hosts as indicated below.
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a ‘#’ symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client
NOTE: Between the ip and the site name you must use the Tab key.
# For example:
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0. www.mysite.com
Save hosts and exit.
Finally place a unique index.html file within the folder d:\mysite. Now when you enter the URL in the Browser address bar: http://www.mysite.com Apache will display the contents of the index.html file you’ve place in the folder d:\mysite.
If all this works perfectly then you can build the rest of your website within the folder d:\mysite
My Introduction To G.U.I Design
Objectives:To understand the basics of User Interface Design
Today computers are a widely used business tool, there are literally millions of computer users. Almost all businesses use computers in some form or another to make them productive and help them succeed in a competitive world.
Computer based, business applications must be designed to fit specific business models. Such applications, definitely bring a measurable return on investment to the business in which they are run. Banking, Accounting, Inventory, Management Information System, Knowledge Management Systems and so on are examples of everyday business applications being run on computers.
All applications can be distilled down to two unique sections. The first section captures information and the second section stores such captured information.
In the business world, there are two types of people those who create business applications and those who use these business applications.
Strangely, it appears that these two types of people come from two totally different worlds. Quite like the catch phrase “Women are from Venus and Men are from Mars”. Yet one cannot do with out the other.
Techies, as the application developers like to call themselves seem to have little or no understanding about people who actually use their applications. They are always of the opinion that whatever they create is just perfect and must be used without compliant. Whereas, users of commercial applications always seem to be cribbing that the application never quite takes their needs into account.
To help bridge this gap I’ve listed a few principles of Graphical User Interface design I’ve used, which seems to have always (more or less) resulted in satisfied ‘Users’. Read more
-
-
Blogroll
- Apache Installation
- Apache Virtual Domains
- Development Blog
- Documentation
- My Books - Link to Ivan Bayross website – books
- My Wiki - Access my Wiki. I’ve begun to share my knowledge base on the Internet.
- MySQL Installation
- PHP Installation
- Plugins
- Support Forum
- The KPMRS Blog - This is a really great Blog about SEO and SEM. The information is beautifully laid out. There is clearly, passion and knowledge here.
- Unni’s Musings - The writing’s of Krishnan Unni, Visionary, Live-Wire, Electronic Marketing Evangelist
- Using Wordpress as a CMS
- WordPress Planet
