Wednesday, September 5, 2012

HOW TO BE COMPLETELY SECURE ON THE INTERNET

Because of how much work I do on the Internet and how much I promote businesses to use it, I thought it would be good to post something here giving a summary of how to remain almost 100% secure and safe using the Internet.

I’ll start off by underlining that there really is no way to be 100% secure on the Internet, but, having said that, I can easily affirm that Internet security, if taken seriously, is A LOT more secure than your house, your car, your business, or any other physical place where you might have your hard drive or something similar.

If you follow a few simple rules, it is almost impossible to lose any information on the Internet, ever. Let’s go through the most important.


I. START WITH MAKING YOUR WIFI SECURE

Before you can even make sure your Internet is secure, you need to make sure that your connection to the Internet is secure. This is divided into two parts:

1. Personal Routers (the opposite of large businesses). You need to go to your router settings which will normally be found under an IP address like 192.168.1.0 or something similar. Then here, there are two things you need to change. First, you need to change the Administrator username and password** (and this we will see below) to make sure others can’t change your settings. Normally, this will be under System Tools, and then Password. Having finished this, you then need to go to Wireless, then Wireless Security, and Choose WPA2-PSK, (version is the same–WPA2-PSK) then under encryption you need to choose AES. Then you need to create a password**. In summary, for any personal or small business router you need to do the following:

a. Change the username and password** of the Administrator of the router.

b. Change the wireless settings to WPA2-PSK, AES security.

What if you don’t find these settings in your router? Throw it out and get a new one, because anything less than these settings will eventually open up many possibilities for your router to get hacked. Don’t risk it and get a new router–preferably with Wireless N technology while you’re at it.

Disclaimer: many think that Hiding or not broadcasting your SSID (or your router’s name) in such a way that you can’t “see” it anywhere when you are looking for a WIFI network, or even having a MAC filter (a MAC address is just the “personal particular name” of your computer–no other computer has it–normally in the form of letters and numbers like this: 001B638445E6) helps internet security, but really, this helps very little to none, because anyone who really wants to hack your WIFI will get past this in minutes. The most important thing after setting up the right security mentioned above is the password**, which we’ll see below.

2. Public Routers (like the ones in Starbucks). Here, you can’t do much with the settings and for that reason you need to have what is called VPN. VPN security is something you add on top of the connection that places like Starbucks give you. The first thing you will need is to pay for a VPN service. You can find companies that offer this at the following link: http://torrentfreak.com/which-vpn-providers-really-take-anonymity-seriously-111007/ I personally use StrongVPN, but its probably not the best, I just use it because I bought it a year ago without having investigated much. A very popular one is HotSpot Shield, which you can find sometimes for free (but with publicity).

After getting your VPN service, you need to make sure that they offer a LP2P configuration which is a stronger security than PPTP. After setting this up, you just turn it on and now you have a highly secure line to your info on the Internet. In summary, to keep secure on a public WIFI you need the following:

a. A VPN service (like StrongVPN).

b. LP2P configuration.

Note: You can obviously use VPN with your Personal Router for even more security, but it is not as important. Either way, in adding this you will really be giving a massive headache to those who are trying to get at your information.

Note 2: Having firewalls also helps but the VPN service many times will take the place of such a service, especially on Tablets and Smartphones. Another added advantage to using a VPN service is that it hides your IP address (which is basically your computer’s “name” and “address”–physical location–in relation to the Internet. It tell the Internet that I am “Jason” and “Jason” is in “Mexico” etc.), and by hiding your IP address you can trick the Internet into thinking you are in the US so that you can use web pages that only open up there.


Conclusion: To have máximum security even before getting on the Internet you should have: A Router with Administrator username and password changed, WPA2-PSK, AES security with a VPN service using LP2P configuration. Now that we have our Castle built, let’s check the locks.


II. SECURITY ON THE INTERNET

1. Use Web Pages with HTTPS. This is the most important in relation to the Internet itself. The “S” at the end means that there is SSL security, which just means that the page is encrypted, but that encryption is what makes all the difference, because it’s basically impossible to hack. You should NEVER put personal information into a page that does not have the “S” after “HTTP”, hands down. Google always uses HTTPS, and Facebook and Twitter have joined in too, but sometimes you have to manually activate it.

 

Note: You need to make sure that even the page in which you put your username and password at the beginning of a site is also with HTTPS or a hacker can find out what you are writing sometimes.

2. NEVER CLICK ON A LINK IN YOUR EMAILS OR PUBLICITY UNLESS YOU KNOW EXACTLY WHAT IT IS. Most of the time people end up losing all their info not because they didn’t have internet security, but because they “gave their info away” by clicking on a link or publicity which basically robbed them of their info (this can be done in many ways, but the important thing here is that you lost your info, not so much as to how they robbed it). It is always better to go directly to the website being publicized instead of using the link or the publicity itself to get there. In general, even if your friends and family send you something, you should never open it unless you are completely sure what it is, and if you ever even remotely doubt what it might be and you click on it, the best thing to do is to change your email password immediately afterwards just in case.

Attachments fall into this category as well. It makes no difference if the powerpoint presentation someone sent you is just about how “God works in your life”, because hackers know that many will open that type of thing up, knowing that people will think it’s harmless, but even these can have something malignant in them, and it won’t be your Mom’s fault either (because she won’t even know). In summary:

a. Always use, whenever possible, web pages with HTTPS, and if you can’t, make sure you are using a VPN server.

b. Never click on anything you are not absolutely sure what it is. It is always better to go directly to the site itself.


III. THE MOST IMPORTANT PART OF SECURITY: THE PASSWORD

Presupposing you won’t give away your password by clicking on anything you find, and you are using HTTPS websites, your password is ultimately your most important defense in making sure you never lose your info. Thus, the key point here is how to create password so that someone cannot guess it by Brute Force, which is the way most hackers will try and get your password. This means that a hacker uses a very powerful computer to guess millions or billions of combinations to finally find your password. To make sure that no hacker, no matter how good, can find or guess your password you should do the following:

1. Always use four types of characters: upper case letters, lower case letters, numbers, and symbols. Example: A4j@. This makes sure that there is no easy guessing your password, ever.

2. Never use a password shorter than 8 characters, ever, or you would literally give away your info, but even 8 characters is weak and will take less than a day to hack if a good hacker wants it. A good password should have at least 12 characters. An excellent and virtually impossible password to hack will have 20 characters or more. This is the same for your WIFI router or for your Bank Account online. The rules are the same.

3. NEVER use words that you can find in a dictionary or personal info (like your name). You should at least combine symbols in the word if you dare to do this, like c@t.

4. You can use sentences as long as there complicated, like Il0vemyb@bygir! (don’t use this), but even this could be dangerous because it is something that a hacker might guess you would use, so it is better to use sentences that are not so common, like M@nyage6h@veg0ne. Stuff like that are, in practice, impossible to hack (but don’t use that one either, given that it is now public–sorry if that was yours :P).


Conclusion: To have an almost impenetrable wall of security on the Internet just keep all these elements in place and you should be able to sleep at night: STRONG ADMIN PASS > WPA2-PSK > AES > VPN > LP2P > HTTPS > STRONG PERSONAL PASSWORD.


Now that you know how to be secure on the Internet, have fun frustrating the heck out of those hackers!!!!!!


Pages of reference:

1. http://www.lockdown.co.uk/?pg=combi&s=articles#classF

2. http://codebangers.com/?p=249


Post a Comment