Implementing network security? Yep.. This is very important! You need to know the ways to safeguard your network in order to minimize the risk from being compromised by hackers, worms, viruses and other intrusions. The router which is not configured properly, such as with default settings can be compromised within minutes once it's connected to Internet.
Changing Router Default Password
Don’t use default password on router as it's well known and available on Internet (check this). You should change the password after initial router configuration and before connecting it to Internet.
Don’t use easily guessed password, such as your name, pet’s name, birth date, etc. A good password is composed of number, alphabet (upper case/lower case) and symbol.
Enabling Firewall on Router
If the router provides firewall feature, use it!! This feature is useful to drop unknown traffic from Internet and also can restrict the traffic going out to Internet. Tune and don't forget to make some testings on firewall to avoid from blocking legitimate traffic.
Disable Remote Router Administration
Don’t enable remote router administration from Internet unless you really need it. Other Internet users would be able to find and hack your router through brute force password cracking or security exploits.
Usually router vendor will release new router firmware from time to time for fixing some software bugs and patching security holes. You should upgrade the router firmware when it’s available. The firmware can be found on vendor website. The router which is not patched timely usually poses very high risk from being compromised once it's connected to Internet. Check out this news about mass router hacking incident if you still have doubts.
Note: You may lose router configuration settings when you upgrade firmware, so make sure you write down the router settings before you upgrade its firmware.
You need to update computer OS system and software as often as you can. Again, the updates will patch security holes and fix software bugs. For Windows OS users, you can use Windows Automatic Updates to update the system.
If you have set up virtual servers or DMZ hosts, make sure you have latest system and software update installed. This is very important due to virtual server and DMZ hosts are exposed directly to Internet and easily to be compromised if not updated.
Also, installing antivirus and anti-spyware software with up-to-date signature is a must to secure your computer. Don't forget to enable real-time protection feature in your antivirus or anti-spyware software.
Note: Do not use USB drive or external drive from unknown or untrusted source. If you want to use it, make sure you scan the drive with updated antivirus and anti-spyware software.
Non-Administrator Access to Windows OS
Don't log on to Windows or other OS by using administrator ID with full access privilege for daily operation tasks! You should always use normal user ID with limited access privilege for checking email email, web surfing, online gaming, online chatting, etc.
Administrator ID should only be used for the tasks which could not be done by using normal user ID. This is the reason why I said that: Since you will get full access privilege with administrator ID, the computer is much easier to be compromised if you click on malicious email link, access to compromised website or perform other online activities.
Avoiding Phishing Attack
Beware of phishing attack! Don’t simply click on the link in email, facebook, twitter or other websites, the link might bring you to malicious website to install malware on your computer or lure you into providing online banking or other personal information.
Common phishing attack usually appears to be sent from bank, paypal, financial organization or online portal, so you should always check with respective organization contact first before doing anything. Delete emails from unknown sender, don’t even try to check the content! If you need more information, check out this anti-phishing website to learn more.
Physical Network Security
Many people might neglect physical network security, however you should keep an eye on it. Do some checking on physical network sometimes to see any unrecognized devices connecting to router or identify unusual setup on network.
Turn Off Network Router and Modem
You should turn off router and broadband modem at the end of the day or when you are away on vacation, this will reduce the risk of your network from hacking.