Setting up a home or small network is hassle enough. Tweaking and updating firewalls and antivirus programs on every PC can drive you nuts. One potential solution is Check Point’s ZoneAlarm Secure Wireless Router Z100G, a speedy, automated, all-in-one product that provides blanket protection for everyone on your network.

There is a built-in firewall (based on Check Point Firewall-1 technology), antivirus and intrusion protection, dynamic DNS, a VPN, remote desktop access, parental Web filtering, and the ability to run four shared printers. Register the router, and your updates for the firewall, AV, and other services are automatic and free the first year. Setup if you stick with the defaults is fairly straightforward, thanks to wizards, a lucid manual, and simple sliders that set security levels.

But buyers beware. The router’s default settings don’t catch everything. Although the router aced Gibson Research’s Shields Up!! security tests, it flunked Gibson’s wily LeakTest, which tests a firewall’s ability to catch unauthorized outbound messages. And it was easy to download test viruses from Eicar.org. The solution, alas, is digging into the router’s configuration screens, writing rules, and fiddling with arcane controls. For comprehensive protection, you must also install ZoneAlarm’s Internet Security Suite or a similar package on every PC. Furthermore, I had to wait three days to receive a passcode to download updates for the AV software/firewall. And the only tech support available is through email and online chat. That’s right, no phone support.

The Z100G isn’t quite ready for prime time. If you’re network savvy or have a mixed network with Macs and older non-Windows XP PCs it’s a steal. If not, stick with the ZoneAlarm software suite for now.

Sponsored: Your firewall is your first line of defense! Block hackers and protect yourself from viruses or worse! Simply download, install and run!

Some time ago, a friend of mine was frustrated because he couldn’t get to the network in his office with his laptop plugged into his docking station. He had used the laptop at home the night before and gotten on his wireless network without a problem. But this day, his wired connection would not work. He checked his cables and saw that there green LED were lighted up.

He had tried to access both the Internet and intranet sites but to no avail. We opened a command prompt and ran ipconfig. He didn’t have an IP address, but I noticed that his built-in wireless card was listed and active.

What he needed to do was to disable his built-in wireless card. He had enabled the wireless to work at home, and it was still enabled. Because it was enabled, the wireless card was trying to obtain an IP address, and it refused to let the wired “portion” of the card pick up an address from the company DHCP server as there was no wireless signal in the office. After disabling his wireless card, his wired connection picked up an IP address, and all was well.

Most laptop network cards have a wired connection in addition to their wireless capabilities. For many of them, the wired connection will not work if the wireless is enabled. It’s an attempt to prevent conflicts if both connection types are active.

A popular standard for wireless communication is Bluetooth. The standard is managed by the Bluetooth Special Interest Group, which includes Microsoft, Intel, Apple, IBM, and Toshiba, along with several cellular phone manufacturers. The technical specification IEEE 802.15.1 describes Wireless Personal Area Networks (WPANs) and is based on Bluetooth.

Bluetooth doesn’t have the range of cellular communications, nor does it have the bandwidth of current wireless networking standards (WiFi). Bluetooth signals are good only for about 30 feet, and it really helps to have line of sight to make them work. Bluetooth is not designed for wireless networking; it’s designed for wireless communication.

The good news is, it’s fast and reliable transferring small amounts of data short distances. It also uses little power compared to cellular or WiFi options, making it ideal for laptops as well as handheld computers.

Bluetooth is more popular in cell phones and handheld computers, but it still gets a lot of attention in laptop computers. Common devices are keyboards and mice, printers, cameras, and headsets and microphones.

All of the things I have mentioned so far are basic security measures that apply whether you are at home, at work, or connecting to a public wireless network while browsing books at Starbuck Coffee. Now let’s take a look at some extra things you need to do or consider when connecting to a hotspot.

Verify Your Hotspot Connection
To begin with, you need to make sure you are connecting to a hotspot and not a malicious rogue access point. When you are connecting to a public wireless network, it will broadcast the SSID, or network name, along with other information your wireless adapter needs to know in order to connect. It is very easy though for an attacker to set up a rogue access point and use the same or similar SSID as the hotspot.They can then create a replica of the hotspot login Web site to lure users into giving up their usernames and passwords or possibly even get credit card numbers and other such information from users who think they are registering for access on the real site.

You should make sure that the location you are at even has a hotspot to begin with. Don’t think that just because you happen to be at a coffee shop and a wireless network is available that it must be a free wireless hotspot.

If you are at a confirmed hotspot location and more than one SSID appears for your wireless adapter to connect to, you need to make sure you connect to the right one. Some attackers will set up rogue access points with similar SSIDs to lure unsuspecting users into connecting and entering their login or credit card information.

Read more »

Public wireless networks, often referred to as hotspots, are springing up all over. Many chains such as Starbucks Coffee, Borders Books, and McDonalds’ have started adding wireless network access to their establishments through services providers. Major hotel chains have gone from no access to dial-up access to broadband access, and now many are offering wireless network access. Many airports and college campuses have wireless networks as well. It seems like every week someplace new pops up where you can surf the Web while you’re out and about.

It is perilous enough jumping onto the Internet using your own network in the comfort of your home, but sharing an unknown network and not knowing if the network or the other computers are secure adds some new concerns. Some of the things you must do to use a public wireless network securely are just simple rules of computer security no matter what network you’re connecting to, while others are unique to accessing a public wireless network.

Install Up-to-Date Antivirus Software
For starters, you should make sure you have antivirus software installed and that it is up-to-date.You don’t know what, if any, protection the network perimeter offers against malware or exploits, or whether or not the other computers on the network with you are trying to propagate some malware. You also need to make sure that your operating system and applications are patched against known vulnerabilities to help protect you from attack.

Install a Personal Firewall
Your computer should have personal firewall software installed. Again, you have no way of knowing offhand if the network you are joining is protected by any sort of firewall or perimeter security at all. Even if it is, you need the personal firewall to protect you not only from external attacks, but also from attacks that may come from the other computers sharing the network with you.

Read more »

Most wireless routers keep logs of the devices that attach to them. Even if you have taken all of the preceding steps to secure your wireless network, it is a good idea to periodically review the logs from your wireless router and check for any rogue devices that may have gained access.

The other major points to consider regarding a secure home wireless network are the same as they are for a wired network or computer security in general. You should make sure you are using strong passwords that can’t be easily guessed or cracked on all of your devices, and protect your computers with personal firewall software.

One final word of advice when it comes to securing your wireless network: a device that is not connected to the Internet can’t be attacked or compromised from the Internet.You may want to consider turning off your wireless router or access point overnight or when you know that it won’t be used for extended periods. If there are too many users trying to access the Internet and use their computers at varying hours, it may be impractical to turn off the wireless router, but you can still turn off any computers when not in use so that they are not exposed to any threats whatsoever.

To further protect your wireless communications, you should enable some form of encryption. Wireless manufacturers, in their haste to start selling equipment, rushed to create WEP (Wired Equivalent Privacy) encryption to provide some level of security while waiting for the official 802.1x security protocol to be standardized. It was quickly discovered that the underlying technology of WEP has a number of flaws which make it relatively easy to crack.

Wi-Fi Protected Access

The wireless industry has since migrated to the newer WPA (Wi-Fi Protected Access) encryption, which offers a number of significant improvements over WEP yet remains backwards-compatible with WEP devices. In order to use WPA though, all devices on the network must be WPA-capable. If one device uses WEP, the network will not be able to use some of the improved security features of WPA and your network may still be vulnerable to being exploited by the weaknesses found in WEP.

WPA2

WPA2 has recently emerged to replace even WPA. Devices that are WPA2-compliant meet stricter security requirements.Windows XP with Service Pack 2 (SP2) fully supports the features and functions of WPA2, allowing a higher level of wireless network security as long as all of your wireless network clients are capable of the same security level.

While a knowledgeable and dedicated attacker with the right tools can still crack the encryption and access your wireless data, this should not discourage you from enabling it. It would be unusual for someone to dedicate that much time and effort to get into your wireless network when they can probably find five more unprotected wireless networks on the next block. It isn’t practical to think you will be 100-percent secure, but turning on some form of encryption combined with the other precautions listed previously will deter the casual hacker and curious passerby.

Read more »