Yaksas Security

Cyber Security Research

  • Yaksas Security Home
  • Home
  • Yaksas Security Classroom
  • Learn Adversary Emulation
  • Contact Yaksas

Uday Mittal June 23, 2015 1 Comment

Secure Your Wifi Connection: Why & How?

If you’ve been on the internet for a while you would have come across one of those Memes highlighting the importance Wifi in our lives. If not do a quick Google search, get a cup of coffee and have a blast!

Thanks to our 24 x 7 companions, smartphones, tablets and laptops, Wifi has almost sunk down to the bottom most level of Maslow’s Hierarchy making it a necessity to survive. Therefore, I am not even going to ask you whether or not you have a Wifi connection at your home because I know you do.

One thing we often forget, while enjoying the many virtues of Wifi, is that little thing called router. Its the small box next to your computer or telephone equipment which continuously blinks.

So what about it?

Did you know that if you don’t configure that box properly, you might be charged with spreading terrorism. Sounds a bit far fetched, I think not. Here’s a little scenario to give you a wake up call.

Let’s say you’re using a D-Link router, most likely configured by the person who installed it. While configuring he might have asked you for a 10 digit password. What were your easiest options? Either digits from 1 to 0 or your mobile phone number. You entered the password, he saved it, your Wifi connection is up and you forgot all about that box.

By the way, did you know that your router has a website like administration console which lets you control your Wifi Connection. Every router ships with one and it has a default Username and Password combination. This combination is easily available on the internet. For D-Link, it’s usually Username: admin Password: admin.

Now one day a person with some malice on his mind visits your society. He takes out his phone and searches for available Wifi signals. He notices that the strongest signal is coming from your home. He tries to connect. If at the time of initial configuration you set the password to 1234567890 it’s his lucky day else he might have to work a little bit more. Let’s say you set your phone number as the password. Our guy asks around a bit and gets hold of your phone number. He tries it and gets connected. He can now use your Wifi connection to fulfill his malicious intentions. But he needs more speed. So he tries to log in to the administration console of your router. He get’s in. Next, he configures it in such a way that every device in your home gets locked out and only he can access it.

Lo and behold! our guy turns out to be a terrorist and uses your Wifi connection to upload a video to spread his propaganda. Few days later, police shows up on your door charging you of aiding in spreading terror and you have no clue how or why.

What can you do to prevent this from happening? Multiple things actually:

  1. Always use WPA or WPA2 security and set use a complex password. For eg. sjflkd!@#5
  2. Change the default password of your router.
  3. If you know what devices will connect to the Wifi connection configure MAC Address Filters
  4. Disable the Broadcast of SSID
  5. Some routers come with Guest SSID use that for your friends and relatives.

If you’re not too much into technology these might seem like alien terms. Sweat not. Your easiest option is to call your ISP and ask them to send an engineer. He would know how to do it. Your second option is to get hold of someone you know (friend or relative) who can do this for you. Lastly, you can always look up on Google there are excellent tutorials available for each of the steps listed above.

Don’t just read it and close the tab. Take an action to commit yourself to provide a secure environment for your family.

Related Posts

  • 5 Tips for Safe Digital Payments5 Tips for Safe Digital Payments
  • Steal Windows Credentials using a PDF File (NTLM Hash)Steal Windows Credentials using a PDF File (NTLM Hash)
mm
Uday Mittal

Uday Mittal is a cybersecurity professional with rich working experience working with various industries including telecom, publishing, consulting and finance. He holds internationally recognized certifications such as CRTP, OSCE, OSCP, CISSP, CISA, CISM, CRISC among others. He speaks on cybersecurity awareness, offensive security research etc. and has authored various articles on topics related to cyber security and software development for a leading magazine on open source software.

Filed Under: Awareness

Optin Form

Search

Follow us on Twitter

My Tweets

Categories

Tags

(ISC)2 Active directory adsecurity adsi adsisearcher adversary emulation Android attack active directory awareness blue whale challenge Certification CISSP Cloud security command and control crte crtp cyber-warfare Cyber Security cybersecurity Cybersecurity books Cybersecurity Cannon domain enumeration ethical hacking forest enumeration hacker Information Security ISACA Kali Linux Mass Surveillance Narendra Modi offensive security Online Safety opsec Password Penetration Testing pentest poshc2 powersploit Powerview privacy red team red teaming Risk Management Social Engineering user enumeration

Top Posts

  • Red Team Operations Attack Lifecycle
    Red Team Operations Attack Lifecycle
  • Mona.py for exploit devs: 6 must know commands
    Mona.py for exploit devs: 6 must know commands
  • DCPP: Everything You Need to Know
    DCPP: Everything You Need to Know
  • 7 Ways to Cover Your Device's Camera
    7 Ways to Cover Your Device's Camera
  • AD Exploitation using ADSI - Part 1 (Introduction)
    AD Exploitation using ADSI - Part 1 (Introduction)
  • ADSISearcher (Part 2)
    ADSISearcher (Part 2)

© Copyright 2020 ElliteDevs · All Rights Reserved · Powered by WordPress