Thursday, November 2, 2017

Protect yourselv from Public wi-Fi

In Public Wi-Fi environment we always connected for any reason. But you know that eavesdroppers can capture information traveling over those networks
Here is some simple steps to protect our system from this

Firewall on:
To turn Windows Firewall on , select the Start  button > open Windows Defender Security Center > Firewall & network protection > choose a network profile > and then under Windows Firewall turn it on or off.
In Linux system Firewall run as a ‘Firewalld’ daemon. To check the firewall status we can use following command:
root@rhel7 ~# systemctl status firewalld

We can start firewall service :
root@rhel7 ~# service firewalld start

If it is not automatically start at the booting time so we can use following command :
root@rhel7 ~# systemctl enable firewalld
 System update:
To update Windows 7, 8, 8.1, and 10 Operating System:
  1. Open Windows Update by clicking the Start button in the lower left corner. In the search box, type Update, and then, in the list of results, click Windows Update.
  2. Click Check for updates, and then wait while Windows looks for the latest updates for our computer.
  3. If We see a message telling We that important updates are available, or telling We to review important updates, click the message to view and select the important updates to install.
  4. In the list, click the important updates for more information. Select the check boxes for any updates that We want to install, and then click OK.
  5. Click Install updates.

 In Linux environment
For Red Hat Enterprise Linux 7, register the system using RHSM as described in Registering the system with the Subscription Manager. Then update the system according to instructions in Applying package updates on Red Hat Enterprise Linux 

Browser update:

Internet Explorer
Select Internet Explorer.
Click on the gear icon in the upper right corner.
Select About Internet Explorer.
Check the box next to Install new versions automatically.
Click Close.

Open the Mozilla browser.
 Click the Open menu button in the upper right-hand corner of the screen.
 In the menu that appears, click the Open Help Menu button at the bottom.
Select About Firefox.
The window that appears will automatically check for updates and show We the current version of Firefox. If an update is available, there will be an option to install the update.

Open the Google chrome browser.
Click the Customize and control Google Chrome button in the upper right-hand corner of the screen.
From the drop-down-menu that appears, select Help, then select About Google Chrome.
The window that appears will automatically check for updates and show the current version of Chrome. If an update is available, there will be an option to install the update.

Anti virus update:
The majority of new anti virus programs (programs or computers purchased after the year 2000) enable users to update their anti virus program through the software. Open the anti virus program and look for "Update", "Check for updates", "Live Update", or something similar.

  Use VPN :

A VPN secures the private network, using encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted. This type of network is designed to provide a secure, encrypted tunnel in which to transmit the data between the remote user and the company network.
We can use a small and easy VPN system in this scenario. Create a unused default Gateway
Now we can setup a VPN connection easy way:
Right-click on the network icon in the system tray .Select Open Network and Sharing Center.
Click on Manage network connections (Windows Vista) or Change adapter settings (Windows 7).
Press the Alt key to show the File Menu and click File New Incoming connection… .
Select who We'd like to give VPN access to and/or create custom accounts by clicking on Add someone..  Click on Next.
Select Through the Internet, and click Next.
Select the protocols We want to enable for this connection. We'll likely want to select Internet Protocol Version 4 (TCP/IPv4), so remote users receive an IP address and can access the Internet and/or network. Plus if We want the remote user(s) to access file and/or printer shares, select File and Printer Sharing for Microsoft Networks. When we’re done, click Allow access.
On the next window, click Close.
Now We need to access the properties of the newly created incoming network connection and define the IP address range for VPN clients:
On the Network Connections window, double-click Incoming Connections.
Select the Networking tab and double-click Internet Protocol Version 4 (TCP/IPv4).
Select Specify IP addresses and then enter a starting and ending address that's within range of  local subnet but not conflicting with the DHCP range. For example, if our router's IP is, We might enter to which would support 10 clients. If We want clients to be able to assign themselves an IP, select that option.
Click OK on both dialog boxes to save the changes.
We can use NordVPN, PureVPN for advance use.

In Linux environment we can use these steps:
Open Network Connections window, clicking the Add button and selecting a type of VPN from the VPN section of the new connection list.
Right-click on the NetworkManager  applet icon in the Notification Area and click Edit Connections. The Network Connections window appears.
Click the Add button.
The Choose a Connection Type list appears
Select the VPN protocol from the Choose a Connection Type list. 
After selecting the correct one, press the Create button.
The Editing VPN Connection 1 window then appears.
Right-click on the NetworkManager  applet icon in the Notification Area and click Edit Connections. The Network Connections window appears.
Select the connection you want to edit and click the Edit button.
Connection name — Enter a descriptive name for your network connection..
Connect automatically — Check this box if you want NetworkManager to auto-connect to this connection when it is available
Available to all users — Disable it
Configure the VPN Tab :
Gateway- The name or IP address of the remote VPN gateway.

Group name- The name of a VPN group configured on the remote gateway.

User password-Enter the password used to authenticate with the VPN.

Group password- Enters the password used to authenticate with the VPN.

User name- Enter the user name used to authenticate with the VPN.

Verify Public wi-fi :
Some time Intruders attack easily with public, insecure and open wi-fi environment. They use the fake SSID. We should check it carefully .I just give We a example. Like the original SSID is Rel40 and fake is Rel4o . So be careful.
Avoided the website where we share our personal database like social Networking site or Bank site .

Use SSL encryption and Certificates Authority (CA) and avoid Money transfer

Browser has the built-in encryption capabilities that can ensure We that the data is protected using the most secured encryption technology. We will get sure by seeing into the address bar of our browser as it will get changed from “http:// to https://”, the inclusion of “s” is due to the use of SSL certificate. In addition to this We will also notice a small lock icon in the status bar at the bottom of the window.
Use HTTPS everywhere. Yes it’s good but all sites will not accept but we shpuld try this:

HTTPS Everywhere | Chrome Web Store
HTTPS Everywhere | Firefox Add-Ons

There are many trusted services over the Internet like, VeriSign, Geo Trust, Comodo, Thwate, Rapid SSL, etc. engaged in offering We reliable and trusted security services. The web sites that use their services will display the logo of the services which they have employed on their web site to make its information safe and secure from the phishing attacks. By double click in the address bar of our browser, it will display We the information regarding the certificate like, from which certificate authority (CA) the certificate is issued, certificate issued to the party, validity period of the certificate.

   Protect or remove sensible data

Yes, it is very simple and good practice. If you have just some important and confidential data you can cut-paste all this to your external hard drive or other third party media and then remove it from your main accessing system ( your LAPY which you are using in you public Wi-Fi environment )

Secure Email browsing
When you check your email, try to login via the Web browser and ensure that your connection is encrypted (again, look for https at the beginning of the URL). If you use an email client such as Outlook, make sure your POP3 or IMAP and SMTP accounts are configured with encryption turned on

Turn off Wi-fi when not used

It is a basic rule that if you don’t need something connected to a network, don’t connect it. When you’re finished working online, turn Wi-Fi off on your laptop, tablet, or Smartphone.