Broadband Internet Security
Broadband refers to high-speed network connection. Traditional Internet services are accessed in “dial-on-demand” mode, whereas broadband Internet is an “always-on”
Connection, therefore security risk is very high. Without our knowledge, computer can be compromised and it can also be used as a launching pad for carrying out disrupting activities on other computers since broadband Internet is widely used, it is very important for every citizen to securely configure it for safe usage.
Broadband Security Threats:
1. As broadband Internet connection is “Always ON” , it leads to intentional misuse through
- Trojans and backdoors
- Denial of Service
- Intermediary for another attack
- Hidden file extensions
- Chat clients
- Packet sniffing
2. Default configurations are extremely vulnerable
Guidelines for Securing Broadband Internet Access:
- Always download broadband drivers from the legitimate websites recommended by the manufacturer.
- Regularly update/upgrade the firmware (driver code)
- Always use the power adapter supplied by the manufacturer along with the modem.
- In case of terminal adapter modem make sure that filter is enabled for broadband lines. To filter unnecessary noise generated during the transmission.
- Change Default Administrator (Passwords and User names) : In order to allow only authorized access to the equipment, change the default administrator or admin password of broadband router modem, as these details are given by the manufacturer which are common to all modems and can be misused by anyone.
- Assign Static IP Addresses to Devices: Most of the home users are allotted dynamic IP addresses, as DHCP technology is easy to setup. This may even helps the attackers who can easily obtain valid address from DHCP pool. Therefore turn off DHCP option in router or access point and use fixed IP address range.
- Enable MAC Address Filtering: Every device is provided with a unique MAC address. Broadband access points and router and provide an option for the user to combine the MAC address of the home equipment for access. This facilitates to allow connections only from those devices.
- Enable Wireless Security: Modem routers support wireless security. User can select any one protocol and a protection key. The same wireless security protocol and protection key has to be enabled in computer.
- Turn on (Compatible) WPA / WEP Encryption: All Wi-Fi enabled modems/router support some form of encryption technology, which has to be enabled.
- Change the Default SSID (Service Set Identifier): All the access points and routers use a network name called SSID. Manufacturer normally ships their products with the same SSID set. As it can be misused by the attacker to break into the net work / computer, it is necessary to change the default SSID while configuring wireless security.
- Use effective end point security solution (with anti virus, anti spyware, desktop firewall etc) to protect computer/ laptop from broadband Internet security threats.
- Enable Firewall on Modem Router as well as Computer: Broadband modem routers contain built-in firewall feature, but this option has to be enabled. Computer connected to the broadband modem also needs to be protected with desktop firewall.
- Turn off Modems during extended periods of Non-Use: Shutting down a network will certainly prevent outside unauthorized people breaking into the network. Since it is very difficult to frequently turn on and off the devices, it can be considered during travel or extended offline period.
- In case of USB broadband modem, disconnect and remove the device after usage.
- Install broadband Internet bandwidth usage monitoring tool.
- Enable SSH (secure channel) for remote administration.