Secure your wireless home network

Believe it or not, there are humans out there active about LOOKING for networks from which they can abduct claimed data. What follows are some basal guidelines to advice you accumulate your arrangement safe from crooked access.

Keep software up to date!

More specifically, accumulate the firmware that is anchored (installed) in your accouterments current! Software is never absolute or bulletproof if aboriginal released! Vulnerabilities are apparent and so patches are appear by the accomplish to bung these aegis holes.

Even if you've just purchased a section of arrangement hardware, be abiding to go to the manufacturers website anon and analysis for updates! Do not accept what’s loaded assimilate your accouterments is the a lot of contempo version! Aegis holes can acquiesce anyone admission to your Internet affiliation and admired abstracts on your arrangement computers!


Change the Administrator password!

The wireless router will appear to you with a absence password. This countersign should be afflicted immediately! Most... if not all... wireless routers leave the architect with the Admin login name and password. I kid you not!

Go to the router’s agreement page and attending for the hotlink or appellation that says Admin. From there, you should be able to change the login name and password. If you accept any trouble, just analysis the manual.

Change your SSID.

SSID or Service Set Identifier is the name of a wireless bounded breadth network. SSID is like a "secret" key that should be set by the arrangement administrator. Every wireless router comes with a absence SSID. However, all wireless accessories on a arrangement accept the aforementioned SSID in adjustment to acquaint with anniversary other. By alteration it to a non-default SSID, you're authoritative it harder for crooked admission to your network.

Turn off SSID Broadcasting.

The SSID broadcasts a arresting (802.11 (Wi-Fi)) which allows anniversary wireless arrangement accessory to allege to one another. But acceptance your SSID to advertisement makes it easier for rogue accessories to be added to your network.

Once you've configured anniversary of your wireless accessories to the exact SSID you specify, about-face broadcasting off!

Enable WEP

WEP or Active Equivalent Privacy, encrypts the abstracts affective to and from your wireless clients. If possible, you should use the arch key possible, 128-bit.

Limit admission by MAC addresses

Every arrangement agenda (both active and wireless) has a different MAC (Media Admission Control) abode assigned by the manufacturer. Set your wireless router to acquiesce admission from alone specific MAC addresses and you'll abundantly advance the aegis of your network. Here's how to acquisition your MAC address... *

Windows NT/2000/XP

* Click the Start button --> click Run --> type winipcfg and click OK.
* Choose your network card from the drop down list.
* Your MAC address can be found in the Adapter Address field.

Once you've determined the MAC address for each of the network cards you're using, go to the manufacturer's site for your wireless router. There you'll want to find information on using MAC address security.

Backtracking EMAIL Messages

Ask most people how they determine who sent them an email message and the response is almost universally, "By the From line." Unfortunately this symptomatic of the current confusion among internet users as to where particular messages come from and who is spreading spam and viruses. The "From" header is little more than a courtesy to the person receiving the message. People spreading spam and viruses are rarely courteous. In short, if there is any question about where a particular email message came from the safe bet is to assume the "From" header is forged.

So how do you determine where a message actually came from? You have to understand how email messages are put together in order to backtrack an email message. SMTP is a text based protocol for transferring messages across the internet. A series of headers are placed in front of the data portion of the message. By examining the headers you can usually backtrack a message to the source network, sometimes the source host. A more detailed essay on reading email headers can be found .

If you are using Outlook or Outlook Express you can view the headers by right clicking on the message and selecting properties or options.

Below are listed the headers of an actual spam message I received. I've changed my email address and the name of my server for obvious reasons. I've also double spaced the headers to make them more readable.


Return-Path:

X-Original-To: davar@example.com

Delivered-To: davar@example.com

Received: from 12-218-172-108.client.mchsi.com (12-218-172-108.client.mchsi.com [12.218.172.108])
by mailhost.example.com (Postfix) with SMTP id 1F9B8511C7
for ; Sun, 16 Nov 2003 09:50:37 -0800 (PST)

Received: from (HELO 0udjou) [193.12.169.0] by 12-218-172-108.client.mchsi.com with ESMTP id <536806-74276>; Sun, 16 Nov 2003 19:42:31 +0200

Message-ID:

From: "Maricela Paulson"

Reply-To: "Maricela Paulson"

To: davar@example.com

Subject: STOP-PAYING For Your PAY-PER-VIEW, Movie Channels, Mature Channels...isha

Date: Sun, 16 Nov 2003 19:42:31 +0200

X-Mailer: Internet Mail Service (5.5.2650.21)

X-Priority: 3

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary="MIMEStream=_0+211404_90873633350646_4032088448"


According to the From header this message is from Maricela Paulson at s359dyxxt@yahoo.com. I could just fire off a message to abuse@yahoo.com, but that would be waste of time. This message didn't come from yahoo's email service.

The header most likely to be useful in determining the actual source of an email message is the Received header. According to the top-most Received header this message was received from the host 12-218-172-108.client.mchsi.com with the ip address of 21.218.172.108 by my server mailhost.example.com. An important item to consider is at what point in the chain does the email system become untrusted? I consider anything beyond my own email server to be an unreliable source of information. Because this header was generated by my email server it is reasonable for me to accept it at face value.

The next Received header (which is chronologically the first) shows the remote email server accepting the message from the host 0udjou with the ip 193.12.169.0. Those of you who know anything about IP will realize that that is not a valid host IP address. In addition, any hostname that ends in client.mchsi.com is unlikely to be an authorized email server. This has every sign of being a cracked client system.


Here's is where we start digging. By default Windows is somewhat lacking in network diagnostic tools; however, you can use the tools at to do your own checking.

davar@nqh9k:[/home/davar] $whois 12.218.172.108

AT&T WorldNet Services ATT (NET-12-0-0-0-1)
12.0.0.0 - 12.255.255.255
Mediacom Communications Corp MEDIACOMCC-12-218-168-0-FLANDREAU-MN (NET-12-218-168-0-1)
12.218.168.0 - 12.218.175.255

# ARIN WHOIS database, last updated 2003-12-31 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.

I can also verify the hostname of the remote server by using nslookup, although in this particular instance, my email server has already provided both the IP address and the hostname.

davar@nqh9k:[/home/davar] $nslookup 12.218.172.108

Server: localhost
Address: 127.0.0.1

Name: 12-218-172-108.client.mchsi.com
Address: 12.218.172.108

Ok, whois shows that Mediacom Communications owns that netblock and nslookup confirms the address to hostname mapping of the remote server,12-218-172-108.client.mchsi.com. If I preface a www in front of the domain name portion and plug that into my web browser, http://www.mchsi.com, I get Mediacom's web site.

There are few things more embarrassing to me than firing off an angry message to someone who is supposedly responsible for a problem, and being wrong. By double checking who owns the remote host's IP address using two different tools (whois and nslookup) I minimize the chance of making myself look like an idiot.

A quick glance at the web site and it appears they are an ISP. Now if I copy the entire message including the headers into a new email message and send it to abuse@mchsi.com with a short message explaining the situation, they may do something about it.

But what about Maricela Paulson? There really is no way to determine who sent a message, the best you can hope for is to find out what host sent it. Even in the case of a PGP signed messages there is no guarantee that one particular person actually pressed the send button. Obviously determining who the actual sender of an email message is much more involved than reading the From header. Hopefully this example may be of some use to other forum regulars.

Increase Your Bandwidth

How to Use Increase Your Bandwidth

Microsoft is holding out on 20% of your bandwidth…Now you can get it back
NOTE: This may only be able to be used with XP Pro

Yes it’s true. Did you knw that a non edited Microsoft system holds on to 20% of your available bandwidth for updates and other things? Well they do, and you should get it back without hesitation. I’ll do a quick guide to help you have your system the way it’s supposed to be.

STEP 1: Go to Start > Run > Then type: gpedit.msc
Now CLick o.k. And you should see the Group Policy Editor Window open.

STEP 2: Go To - Local Computer Policy > Computer Configuration > Administrative Templates > Network > QOS Packet Scheduler > Limit Reservable Bandwidth.



Step 3: Double click on Limit Reservable Bandwidth.
Click Properties > Enable Reservable Bandwidth > Input “0″ > Click OK



STEP 4: Stare at that big 20% that Microsoft holds on to. Curse it, laugh at it, then reclaim it. Make the 20 a 0. Then select Apply > O.K.