I kust realized that some other PC is also getting assigned a IP address (DHCP Lease) from my modem. I am sure this is not one of the PCs in my home.
My modem was using WEP security. I know WEP is far less secure and WPA is better, but this actually is a borrowed modem, and I did not know that WEP was used.
I immediately did the following : On My Modem
- Changed the encryption mode from WEP to WPA
- Changed the password
After this I do not see the intruder PC on the DHCP list.
On my Mac:
- Changed the permissions on the public folder to "everyone - no access"
- Turned off "File Sharing" in System Preferences (But I would want to turn it back on sometime)
My mac is the one that is always on, Both the admin user and the user I normally use are password protected.
Is the above sufficient? Should I do something more?
Also, is WPA security sufficient? Should I take other steps?
Answer
WPA (if possible, with CCMP/AES, this may be presented to the end-user as WPA2) is sufficient, provided you have an unguessable password. I recommend using a password generator, or a short unguessable sentence. If all devices support it, disable TKIP.
As to the host systems on your network, check that neither is compromised. In theory, this works by either comparing their state with a known good state, or resetting them to a known good state. Since this is probably not feasible for a home user, monitor their connections (from a different system), and consider setting up privilege restrictions as you already did by changing you Mac's file sharing options.
You should also change the password of your router and all (email, facebook, ...) passwords that were transmitted without encryption.
No comments:
Post a Comment