Securing your office and home network 101 - for dummies

[Cheap Scotch Ron]

My daughter came home from school a few years ago and told me that someone had flipped all the screens in the entire school upside down and that nobody knew how to fix them. So they physically flipped the monitors upside down and used them that way for a week. Note: Mouse works in opposite direction when u do this. lmao.

g: I knew you were a mama's boy.

[Nokia]

All the usual basic stuff has been mentioned by others but don't forget about disabling LM if there is no pre-2000 stuff around and think about enabling SMB signing.

If it is small enough have a different local admin password for all the workstations.(Probably already been mentioned)

Loads of other stuff but probably overkill in a SOHO setup - managers and users in small companies usually don't like security procedures and tend to complain about them a lot...

[gore]

My daughter came home from school a few years ago and told me that someone had flipped all the screens in the entire school upside down and that nobody knew how to fix them. So they physically flipped the monitors upside down and used them that way for a week. Note: Mouse works in opposite direction when u do this. lmao.

g: I knew you were a mama's boy.

This seems normal for most schools. Admins and "IT people" at most schools I've seen are not only bottom of the food chain, they generally have VERY bad training.

I know, my college system admin, was in 3 of my classes, and I did better than he did in all 3. The Final Exam for Security + was him with a "C" and me with an "A".

Guess it's a good thing the password policy they use there was written by me instead huh? In all seriousness, I think I should mention something about passwords in this thread, and I'm actually pretty good at making good ones:

Secret to a good password you won't write down -

Most people tell you to use a random sequence of letters and numbers and if possible @$@@ type stuff.

How can you remember that though? You end up writing it down, which in turn makes it insecure as crap.

Passwords in general aren't a good security practice. This is because passwords are security by obscurity in it's most accepted form.

Your password is basically secure until someone finds a way to crack it, OR until someone guesses it.

The security by obscurity part is actually due to the fact that once someone KNOWS it, it's no longer secure. And you've given someone a good chance of getting into your stuff.

It's similar to someone who writes software being told about an exploit and just letting it go because "Well who would guess it was there and why would they think it was there? If no one knows it's there, it's secure not to plug it"...

This is bull of course, because it's bitten a few vendors in the ass on more than one occasion.

So how can you make a GOOD password that you can not only remember and not have to right down, but that you won't have to think much about, and at the same time keep it random looking?

Easy!

Passwords by listening:

I came up with this, or maybe I just read it and I'm now stealing credit, I don't remember, but I do know it works pretty well.

Say you need a new password because someone guessed your old one "fredazsxdc" which LOOKED random, until someone noticed that "fred" is actually right in sequence on the keyboard, and "azsxdc" is actually the same.

Well, how do you make this a good one no one is going to guess? How do you make it look like almost pronounceable line noise?

Easy, instead of using a password generator, which won't work if you have problems remembering things, use a CD.

Say for example you're changing your password. You're sitting at home, logged in, trying to think up a good new password. You've got your play list going, and you're trying to think of a new one.

Everything you think of are words you can find in a dictionary and it's driving you nuts.

Try this:

Say you're a huge Misfits fan like myself. Well, now you have a start.

Let's look at the lyrics for a song, and try using the song lyrics in the password. Of course they most likely are to long to use, and they're words, which would make them easy to crack, so, instead, we'll try this:

The Misfits - 20 Eyes -

20 eyes in my head
20 eyes in my head
20 eyes in my head
they're all the same,
they're all the same
20 eyes in my head
20 eyes in my head
they're all the same,
they're all the same
when you're seeing 20 things at a time
you just can't slow things down,
baby when you're seeing 20 things in your mind
just can't slow things down
then all those eyes they're just crowding up your human face
then all those eyes take an overload
20 eyes in my head
20 eyes in my head
20 eyes in my head
they're all the same,
they're all the same
when you're seeing 20 things at a time
you just can't slow things down, baby
when you're seeing 20 things in your mind
just can't slow things down
then all those eyes
they're just crowding up your human face
then all those eyes take an overload
20 eyes in my head
20 eyes in my head
20 eyes in my head
they're all the same
20 eyes in my head they're all the same
20 eyes in my head they're all the same
20 eyes in my head they're all, all, all the same they're the same
------------------------------------------------------------------------

I picked a random classic GREAT song for this:

Well, obviously as I said, choosing the words is stupid because then a dictionary crack would work great at finding this password....But what if we took it a step in a different direction?

What if we used the first and second letters of each word in the song?

What if I made a password like this:

20eimh3tats2

That looks like a great password doesn't it? No words, both letters and numbers, looks random. It's not.

20 EyesInMyHead
Said "3" times before saying
"They're AllTheSame" "2"times.

They're all the same is said twice, so put "2"...

And now you get "20eimh3tats2"

And that is by using the intro of the song, and the first letter from each word, and how many times it's said.

But what if you like crap music? And can't do this? What if you're an Ashley Simpson fan with no imagination or sense of style?

Well, again, use the first letters of each lyric, and add in track number and year of album release for the "random" numbers, and no one knows that your password isn't really random but appears that way, and can't be cracked by a basic dictionary crack.

Poof, instant great password. And if you forget, drop yourself hints only you will understand, like listening to that song each time you log in until you have it down, or maybe even making that song's title a background image or something.

There you go. Good passwords you can remember.