How to Secure Your Computer: Maxim #3
In How to Secure Your Computer: Maxim #2, I stressed the importance of having a NAT router between your PC and the Internet. While that is without question the first, most important security step, it alone is not enough. The router itself is a weak point unless you have it properly configured.
All routers come with a default username and password configured. These defaults are well known and published on the Web. Three of the more widely-used consumer routers, Linksys, D-Link, and Netgear, have recently been shown to be vulnerable to a JavaScript web page attack. Go to the wrong site and if your router has the default password, the attacker can change its settings to send you wherever they want you to go. You’ll think you’re looking at your bank’s login page, but it will be a fake look-alike that steals your account information as soon as you log in.
Always change the default username and password of any configurable device you put on your home network.
Cheers!
The Geek
Note: If any of what I say in these Maxims is over your head, please find a friendly Geek to help you, or post a comment here asking for clarification.
Have a computer problem? A question about your latest gadget? Click here to Ask the Geek! Kenny “The Geek” Harthun has been playing with geeky stuff since 1965. He’s a Microsoft Certified Systems Engineer with Connective Computing, Inc. providing network, desktop and info security support services to a wide range of clients.
One Comment
Jeff Dickey
March 4th, 2007
at 9:41pm
And use strong passwords (within the limits such as length and character set that your device allows), and change them regularly! If you’re a Windows usee, make sure you update everything, all the time (Microsoft Update, software firewall, spyware, antivirus, etc.). I’ve helped out friends who were getting all kinds of problems; turned out they had spyware installed that watched for their router-configuration screen (as TFA noted, Linksys, Netgear and D-Link are the top 3, and they’re pretty standardised). While it makes for good “maybe we should move you away from Windows” opportunities, it can and has done real harm. Caveat browser!