SQLAuthority News – Wireless Router Security and Attached Devices – Complex Password

In the last week, I have received calls from friends who told me that they have got strange emails from me. To my surprise, I did not send them any emails. I was not worried until my wife complained that she was not able to find one of the very important folders containing our daughter’s photo that is located in our shared drive. This was alarming in my par, so I started a search around my computer’s folders. Again, please note that I am by no means a security expert. I checked my entire computer with virus and spyware, and strangely, there I found nothing. I tried to think what can cause this happening. I suddenly realized that there was a power outage in my area for about two hours during the days I have mentioned. Back then, my wireless router needed to be reset, and so I did. I had set up my WPA-PSK [TKIP] + WPA2-PSK [AES] very well. My key was very simple ( ‘SQLAuthority1′), and I never thought of changing it. (It is now replaced with a very complex one).

While checking the Attached Devices, I found out that there was another very strange computer name and IP attached to my network. And so as soon as I found out that there is strange device attached to my computer, I shutdown my local network. Afterwards, I reconfigured my wireless router with a more complex security key. Since I created the complex password, I noticed that the user is no more connecting to my machine.

Subsequently, I figured out that I can also set up Access Control List. I added my networked computer to that list as well. When I tried to connect from an external laptop which was not in the list but with a valid security key, I was not able to access the network, neither able to connect to it. I wasn’t also able to connect using a remote desktop, so I think it was good.

If you have received any nasty emails from me (from my gmail account) during the afore-mentioned days, I want to apologize. I am already paying for my negligence of not putting a complex password; by way of losing the important photos of my daughter. I have already checked with my client, whose password I saved in SSMS, so there was no issue at all. In fact, I have decided to never leave any saved password of production server in my SSMS. Here is the tip SQL SERVER – Clear Drop Down List of Recent Connection From SQL Server Management Studio to clean them.

I think after doing all this, I am feeling safe right now. However, I believe that safety is an illusion of many times. I need your help and advice if there is anymore I can do to stop unauthorized access.

I am seeking advice and help through your comments.

Update: Edited first line to remove dates.

Reference : Pinal Dave (http://www.SQLAuthority.com)

About these ads

11 thoughts on “SQLAuthority News – Wireless Router Security and Attached Devices – Complex Password

  1. Hi Pinal,

    Its best that you change the default port(80) of your router administration. I don’t have a Netgear router but I am sure it is not that difficult to change.

    Also, I had something similar happening to my PC when my firewall started warning of incoming connection. I figured out that there was remote desktop port open and forwarded to my desktop, which I opened long time back. So, I disabled the port forwarding. I think having a internet security is very helpful because it helps monitor incoming and outgoing connections.

    Good Luck..

    • Harsu,

      Oh my god, I should have thought about it. I indeed had opened my port few months earlier when I was traveling to Sri Lanka. I am checking that right now.

      Very good point, glad I have posted this blog.

      Many thanks,

      Kind Regards,
      Pinal

  2. I’m no security expert either but I googled a bit and found out that WPA-PSK has vulnerabilities. There seems to be exploits and hacking devices in the wild now. So if you don’t really need WPA-PSK I suggest you switch to WPA2-PSK [AES] only.

    You said that you changed your password to something complex. This is good. It blocks dictionary attacks at least.

    Then the SSID of the system. Change it from the default. After that disable SSID broadcast from the WLAN router. You need to type the SSID by hand to your computers after it is not broadcasted anymore.

    I don’t know if Access Control List is same as MAC address filtering but if not then you could try enable it. Put your computers MAC addresses in the list of allowed addresses.

    Firewall. If your WLAN router has firewall or you have firewall between WLAN and internet, block all unwanted access from the internet. If your WLAN router has NAT enable it and it effectively blocks all unsolicited packets coming outside your LAN.

    This is what I use at home and it works fine at least with Windows XP and Vista (and some Nokia phone which I can’t remember).

    None of the above protects your network 100% (SSID can still be guessed as well as network key, MAC address can be changed or spoofed etc.) but together they form a solid defense. And if you are being paranoid enough you could try to install VPN above all this :)

  3. Wifi connections can be risky folks could bounce off your wifi if not adequately protected. Thanks for the article and feedback from others like harsu and marko.

    • Hi Ramdas,

      That is very true. In fact, I have decided to even hide my SSIS based on Marko’s suggestion and will change my default port from 80 as Harshu suggested.

      I thought, I am all fine, but now looking at the suggestions of Marko, I am for sure bit paranoid.

      I will act on it right away.

      I change my key to very complex as current key was very easy. You never know when bad things happens.

      Many thanks for comment!

      Kind Regards,
      Pinal

  4. Hello Pinal.

    You might be aware of this, I just want to bring this to your notice as a reminder, there is a way to get recover deleted folder /files from your hard drive, if you have not formatted it after you lost /deleted files or folders.

    There are plenty of softwares available online, some of them are free too.

    ~ IM.

    • Hi Imran,

      This is good suggestion, however, I did not think of this when this happened. I will give it a try now. I really wish, I would have thought about it at that time.

      Good point, I will still give it a shot.

      Kind Regards,
      Pinal

  5. Hi Pinal,
    Just saw you post, felt sorry for your little daughters pictures which you can still retrive using some software. I had the same router as yours(Netgear), I had it set up as @Marko had suggested here, disable SID broatcast, allowed only my machines MAC’s and set up WPA security, also reset the default router password(did u set reset the default router password ? i hope you did). Even after this there is no garentee that it is safe. Because still someone(hackers) can use app’s like airsnort or NetStumbler or similar apps to find the SID and spoof the Mac. So the best way is try to change your WPA key quite often.

    Thanks
    Harsha

  6. Hi Harsha,

    I think disabling the SID is something I never thought off. I will work on it. I am feeling uncomfortable that one has to do so much to secure themselves.

    The good old days, when we had no worries due to wired technology.

    Kind Regards,
    Pinal

  7. Pingback: SQLAuthority News – Monthly Roundup of Best SQL Posts Journey to SQL Authority with Pinal Dave

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s