How Biometrics Works (a complete tutorial of Biometrics)

Introduction to How Biometrics Works

by-  Tracy V. Wilson

Imagine you're James Bond, and you have to get into a secret laboratory to disarm a deadly biological weapon and save the world. But first, you have to get past the security system. It requires more than just a key or a password -- you need to have the villain's irises, his voice and the shape of his hand to get inside.

Vein scanning is one form of 

   biometric identification.

Image courtesy Hitachi Engineering Co.

You might also encounter this scenario, minus the deadly biological weapon, during an average day on the job. Airports, hospitals, hotels, grocery stores and even Disney theme parks increasingly use biometrics -- technology that identifies you based on your physical or behavioral traits -- for added security.

In this article, you'll learn about biometric systems that use handwriting, hand geometry, voiceprints, iris structure and vein structure. You'll also learn why more businesses and governments use the technology and whether Q's fake contact lenses, recorded voice and silicone hand could really get James Bond into the lab (and let him save the world).

You take basic security precautions every day -- you use a key to get into your house and log on to your computer with a username and password. You've probably also experienced the panic that comes with misplaced keys and forgotten passwords. It isn't just that you can't get what you need -- if you lose your keys or jot your password on a piece of paper, someone else can find them and use them as though they were you.

Instead of using something you have (like a key) or something you know (like a password), biometrics uses who you are to identify you. Biometrics can use physical characteristics, like your face, fingerprints, irises or veins, or behavioral characteristics like your voice, handwriting or typing rhythm. Unlike keys and passwords, your personal traits are extremely difficult to lose or forget. They can also be very difficult to copy. For this reason, many people consider them to be safer and more secure than keys or passwords.

Biometric systems can seem complicated, but they all use the same three steps:

Biometrics uses unique features, like the iris of your eye, to identify you.

Photo courtesy Iridian Technologies

• Enrollment: The first time you use a biometric system, it records basic information about 
• you, like your name or an identification number. It then captures an image or recording of your specific trait.
• Storage: Contrary to what you may see in movies, most systems don't store the complete image or recording. They instead analyze your trait and translate it into a code or graph. Some systems also record this data onto a  smart card that you carry with you.
• Comparison: The next time you use the system, it compares the trait you present to the information on file. Then, it either accepts or rejects that you are who you claim to be.

This laptop features a fingerprint scanner, bringing biometric security to the home.

Image courtesy Consumer Guide Products

Systems also use the same three components:

• A sensor that detects the characteristic being used for identification
• A computer that reads and stores the information
• A Software that analyzes the characteristic, translates it into a graph or code and performs the actual comparisons

Biometric security systems, like the fingerprint scanner available on the IBM ThinkPad T43 (right), is becoming more common for home use. You can read other HowStuffWorks articles to learn about face recognition and fingerprint scanning.

Next, we'll examine how biometrics provides security using other traits, starting with handwriting.

Handwriting (digital signature)

This Tablet PC has a signature verification system.

Photo courtesy Softpro

At first glance, using handwriting to identify people might not seem like a good idea. After all, many people can learn to copy other people's handwriting with a little time and practice. It seems like it would be easy to get a copy of someone's signature or the required password and learn to forge it.

But biometric systems don't just look at how you shape each letter; they analyze the act of writing. They examine the pressure you use and the speed and rhythm with which you write. They also record the sequence in which you form letters, like whether you add dots and crosses as you go or after you finish the word.

Unlike the simple shapes of the letters, these traits are very difficult to forge. Even if someone else got a copy of your signature and traced it, the system probably wouldn't accept their forgery.

A handwriting recognition system's sensors can include a touch-sensitive writing surface or a pen that contains sensors that detect angle, pressure and direction. The software translates the handwriting into a graph and recognizes the small changes in a person's handwriting from day to day and over time.

A hand geometry scanner

Photo courtesy Ingersoll-Rand

Hand and Finger Geometry

People's hands and fingers are unique -- but not as unique as other traits, like fingerprints or irises. That's why businesses and schools, rather than high-security facilities, typically use hand and finger geometry readers to authenticate users, not to identify them. Disney theme parks, for example, use finger geometry readers to grant ticket holders admittance to different parts of the park. Some businesses use hand geometry readers in place of timecards.

Systems that measure hand and finger geometry use a digital camera and light. To use one, you simply place your hand on a flat surface, aligning your fingers against several pegs to ensure an accurate reading. Then, a camera takes one or more pictures of your hand and the shadow it casts. It uses this information to determine the length, width, thickness and curvature of your hand or fingers. It translates that information into a numerical template.

Hand and finger geometry systems have a few strengths and weaknesses. Since hands and fingers are less distinctive than fingerprints or irises, some people are less likely to feel that the system invades their privacy. However, many people's hands change over time due to injury, changes in weight or arthritis. Some systems update the data to reflect minor changes from day to day.

For higher-security applications, biometric systems use more unique characteristics, like voices. We'll look at those next.

Speaker recognition systems use spectrograms to represent human voices.

Photo courtesy Richard Horne

Voiceprints

Your voice is unique because of the shape of your vocal cavities and the way you move your mouth when you speak. To enroll in a voiceprint system, you either say the exact words or phrases that it requires, or you give an extended sample of your speech so that the computer can identify you no matter which words you say.

When people think of voiceprints, they often think of the wave pattern they would see on anoscilloscope. But the data used in a voiceprint is a sound spectrogram, not a wave form. A spectrogram is basically a graph that shows a sound's frequency on the vertical axis and time on the horizontal axis. Different speech sounds create different shapes within the graph. Spectrograms also use colors or shades of grey to represent the acoustical qualities of sound. This tutorial has a lot more information on spectrograms and how to read them.

Some companies use voiceprint recognition so that people can gain access to information or give authorization without being physically present. Instead of stepping up to an iris scanner or hand geometry reader, someone can give authorization by making a phone call. Unfortunately, people can bypass some systems, particularly those that work by phone, with a simple recording of an authorized person's password. That's why some systems use several randomly-chosen voice passwords or use general voiceprints instead of prints for specific words. Others use technology that detects the artifacts created in recording and playback.

Other systems are more difficult to bypass. We'll look at some of those next.

LAYERED VS. MULTIMODAL

For some security systems, one method of identification is not enough. Layered systems combine a biometric method with a keycard or PIN. Multimodal systems combine multiple biometric methods, like an iris scanner and a voiceprint system.

Eye anatomy

Photo courtesy Iridian Technologies

Iris Scanning

Iris scanning can seem very futuristic, but at the heart of the system is a simple CCD digital camera. It uses both visible and near-infrared light to take a clear, high-contrast picture of a person's iris. With near-infrared light, a person's pupil is very black, making it easy for the computer to isolate the pupil and iris.

When you look into an iris scanner, either the camera focuses automatically or you use a mirror or audible feedback from the system to make sure that you are positioned correctly. Usually, your eye is 3 to 10 inches from the camera. When the camera takes a picture, the computer locates:

• The center of the pupil
• The edge of the pupil
• The edge of the iris
• The eyelids and eyelashes

It then analyzes the patterns in the iris and translates them into a code.

An iris scanner

Photo courtesy Iridian Technologies

Iris scanners are becoming more common in high-security applications because people's eyes are so unique (the chance of mistaking one iris code for another is 1 in 10 to the 78th power. They also allow more than 200 points of reference for comparison, as opposed to 60 or 70 points in fingerprints.

The iris is a visible but protected structure, and it does not usually change over time, making it ideal for biometric identification. Most of the time, people's eyes also remain unchanged after eye surgery, and blind people can use iris scanners as long as their eyes have irises. Eyeglasses and contact lenses typically do not interfere or cause inaccurate readings.

Vein scanners use near-infrared light to reveal the patterns in a person's veins.

Vein Geometry

As with irises and fingerprints, a person's veins are completely unique. Twins don't have identical veins, and a person's veins differ between their left and right sides. Many veins are not visible through the skin, making them extremely difficult to counterfeit or tamper with. Their shape also changes very little as a person ages.

To use a vein recognition system, you simply place your finger, wrist, palm or the back of your hand on or near the scanner. A camera takes a digital picture using near-infrared light. The hemoglobin in your blood absorbs the light, so veins appear black in the picture. As with all the other biometric types, the software creates a reference template based on the shape and location of the vein structure.

Scanners that analyze vein geometry are completely different from vein scanning tests that happen in hospitals. Vein scans for medical purposes usually use radioactive particles. Biometric security scans, however, just use light that is similar to the light that comes from aremote control. NASA has lots more information on taking pictures with infrared light.

Next, we'll look at some of the concerns about biometric methods.

Privacy and Other Concerns

Some people object to biometrics for cultural or religious reasons. Others imagine a world in which cameras identify and track them as they walk down the street, following their activities and buying patterns without their consent. They wonder whether companies will sell biometric data the way they sell e-mail addresses and phone numbers. People may also wonder whether a huge database will exist somewhere that contains vital information about everyone in the world, and whether that information would be safe there.

At this point, however, biometric systems don't have the capability to store and catalog information about everyone in the world. Most store a minimal amount of information about a relatively small number of users. They don't generally store a recording or real-life representation of a person's traits -- they convert the data into a code. Most systems also work in only in the one specific place where they're located, like an office building or hospital. The information in one system isn't necessarily compatible with others, although several organizations are trying to standardize biometric data.

In addition to the potential for invasions of privacy, critics raise several concerns about biometrics, such as:

• Over reliance: The perception that biometric systems are foolproof might lead people to forget about daily, common-sense security practices and to protect the system's data.
• Accessibility: Some systems can't be adapted for certain populations, like elderly people or people with disabilities.
• Interoperability: In emergency situations, agencies using different systems may need to share data, and delays can result if the systems can't communicate with each other.

More Great Links

• Biometric Consortium
• Biometrics Catalog
• MSU: Biometrics Research
• Department of Defense: Biometrics
• National Institute of Standards and Technology: Biometrics Resource Center

Sources

• Bromba, Dr. Manfred. "Biometrics FAQ." http://www.bromba.com/faq/biofaqe.htm#Biometrie
• Brown, Greg. "Connecting the Dots." Latin Trade, April 2005. http://www.findarticles.com/p/articles/mi_m0BEK/is_4_13/ai_n13798070
• FindBiometrics http://www.findbiometrics.com/
• Homeland Security: Biometrics. GlobalSecurity.org http://www.globalsecurity.org/security/systems/biometrics.htm
• Mainguet, Jean-François. "Biometrics." 2004. http://perso.wanadoo.fr/fingerchip/biometrics/biometrics.htm
• Ross, A., S. Prabhakar and A. Jain. "An Overview of Biometrics." http://biometrics.cse.msu.edu/info.html
• Resources Related to Biometrics and People with Disabilities http://www.icdri.org/biometrics/biometrics.htm
• Thalheim, L., J. Krissler and P. Ziegler. "Body Check." WIBU Systems, November 2002. http://www.heise.de/ct/english/02/11/114

Read More

10 Useful Google Tools

Some days it seems like Google is working hard at achieving its goal of organizing the world's information, making it easier for us to find what we need. Other days it seems like the company plans to take over the entire world. And with a code of conduct that includes the direction of "don't be evil," maybe that's not necessarily a bad thing [source:Google Investor Relations].

There's no denying it -- Google is an Internet powerhouse. It's such an influential presence on the Web that when Yahoo! partnered with Google to put Google Ads on Yahoo! search results pages, people began to worry that Google would monopolize the search engine advertising business. Even the U.S. Congress began to question the allegiance [source: Hart]. Google has certainly come a long way -- the company grew from a haphazard collection of computers networked together in a garage to a global corporation worth billions of dollars.

1.Google E-mail 

In 2004, a Google press release revealed that the company wasn't satisfied with dominating Internet searches -- the second-most popular online activity. Google wanted to tackle the biggest online service on the Internet: e-mail. To that end, Google announced it would allow a select number of people to test a Web-hosted e-mail service called Gmail [source: Google].

Gmail started out as Google's internal e-mail service. When Google decided to make Gmail available to people outside of the company, it chose to take a gradual approach. At first, the only way to get a Gmail account was to receive an invitation from someone else. Nearly three years after announcing Gmail, Google opened up access to the public at large. Now anyone can create a Gmail account.

Gmail organizes messages into "conversations." If someone sends you a message and you respond, Gmail will present the two messages together in a stack. The original e-mail will be on top and your reply will appear beneath it. Future messages will appear under the originals, which Gmail collapses so that they don't take up too much space on your screen. By grouping messages and responses together, Gmail makes it easier for users to keep track of several discussions at once.

2.G Talk

Just when you thought the Internet had its fill of instant messagingclients, along came Google Talk. Introduced in 2005, Google Talk is an application that lets users send messages to each other. Unlike Gmail, the Google Talk client isn't entirely Web-based. Users must first download an application to their own computers in order to access its full set of features.

Those features go beyond simple messages. You can send unlimited files -- of unlimited size -- to other users. Just remember that if you choose to send someone a big file, it's going to take a while to transfer to the other user, especially over slower connections. Also, if you have a cap on how much data you can transfer over your network, you might face some hefty fees from your Internet Service Provider (ISP).

Google Talk is also a voice over Internet protocol (VOIP) client. That means you can make PC-to-PC calls to other Google Talk users. You and your contact will both need microphones and speakers, but Google Talk handles the rest. Real-time voice transmission can take up a lot of bandwidth. Just like file transfers, you might risk going over your data cap with your ISP if you use this feature a lot.

3.Google Checkout

Many people use the Internet to shop. One of the drawbacks of online shopping involves transmitting your personal information over the Internet. If you want to purchase items at different Web sites, you have to enter all your information multiple times. Google saw the opportunity to create a tool that would allow merchants and users to take advantage of a universal checkout system.

Here's how it works: first you create a Google account. If you already have a Google account, you'll need to enhance it by providing a credit card number, billing address, shipping address and a phone number. Once you complete this step, you can go shopping.

All you have to do is log in to your Google account and look for Web sites that subscribe to Google Checkout. When you see the checkout symbol listed next to an entry on a search results page, you know that you can purchase items from that site using your Google account. You'll be prompted to provide your Google Checkout password, but you won't have to enter your credit card number or personal information again. You make your selections and Google handles the rest of the transaction. The merchant never even sees your credit card number.

4.Google Calendar

In April 2006, Google released a free online calendar application called Google Calendar. If you have a Google account, you can create a Google Calendar. If you don't have one, you can register for a free account.

You can use Google Calendar to schedule events and invite people to participate. By sharing folders, you can compare your schedule with other users. If everyone keeps his or her calendar up to date, it's easy to avoid conflicts. A single user can open multiple calendars and view all the scheduled events in a single window. Since this can get confusing,Google displays each calendar's events in a different color.

Google includes its search feature within the Google Calendar system. You can search for specific calendars. Calendar owners can choose to keep a calendar private or share it openly with everyone. It's also possible to create multiple calendars with one account. That can come in handy for organizations that have multiple customer bases. For example, a theatre might have one calendar for the general public that shows the times of performances and a second calendar for actors to let them know about auditions and rehearsal schedules.

5.Google Docs

The Google Docs suite marks Google's attempt at getting into the online productivity software game. The free suite includes a word processor, a spreadsheet editor and a presentation application. In short, it has the basic software applications many businesses need. Instead of saving all your data to your computer's hard drive, you save your Google Docs files to a remote Google file system. Because the files are hosted on the Web, you can access them from any computer connected to the Internet. Your documents aren't tied to a specific device.

Another feature of Google Docs is the ability to share documents and editing capabilities with other Google users. Multiple people can make edits to the same document at the same time. With traditional desktop applications, a project manager might have to handle multiple copies of the same file as various collaborators make edits and additions to the document. With Google Docs, everyone can make his or her changes directly to the file saved on Google's servers. Google Docs also keeps track of earlier versions of the document -- project managers don't have to worry about someone accidentally deleting an entire section.

6.Google Map

Google launched its online map feature in 2005, nearly 10 years after MapQuest's online debut. Like its competitor, Google Maps lets users view maps of specific regions and get directions from one location to another. Google Maps allows users to view street maps, topographical terrain maps or even satellite views. For some areas, Google also has a traffic map feature that can alert you to any snarls or bottlenecks.

The Google Maps feature relies on digital map images from NAVTEQ. NAVTEQ provides map data to many different clients, including in-vehicle navigation systems. A company called deCarta -- formerly Telcontar -- provides the applications that power the mapping features. Google employees create the applications that combine the images from NAVTEQ and the mapping capabilities provided by deCarta to create the features you see in Google Maps.

7.Google Earth Maps

Google is always looking at new ways to organize and present information. One of those ways is togeotag data. Geotagging is a way of linking information to a real-world location. You view geotagged information on a map. While Google Maps could serve as a way to provide geotagged information to users, Google decided to go with an alternative. Google chose a digital globe and called it Google Earth.

Google acquired a company called Keyhole in 2005. Keyhole built the foundation for Google Earth, a digital globe that gave users the ability to zoom in and out of views ranging from a few dozen feet from the surface of the Earth to the equivalent of orbiting the planet. Google Earth gives the user dozens of choices, from viewing satellite images of the planet to overlaying maps, three dimensional terrain features and even fully-rendered cityscapes.Google Earth also allows developers to create applications to link information to specific locations on the globe. Users can elect to view geotagged information ranging from general news reports to customized data. Google Earth makes it possible to illustrate news stories in a new way. For example, a news agency could illustrate a story about wildfires by plotting out the damage on Google Earth.

8.Google Desktop

Have you ever had to search for a particular file on your computer? How about an e-mail that's somewhere in the middle of a folder that has thousands of messages in it? The experience can be frustrating, and those of us who are organizationally challenged can endure a lot of stress while trying to dig up a particular piece of information.

That's where Google Desktop can come in handy. It's a downloadable application Google offers free of charge. Once a user downloads and installs the application on a computer, Google Desktop goes to work. It searches and indexes the files on the user's computer. It does all this during the idle time when the computer isn't working on other things.

It doesn't just index the name of a file -- it searches the contents as well. Maybe you don't remember the subject of a particular e-mail, but you remember it mentioned something about a new sushi restaurant in town. You can search for the term "sushi" using Google Desktop and it will return results relevant to that term. The results look a lot like the search engine results pages Google generates for Web searches. One of those results should be the e-mail you need to retrieve.

9.iGoogle

You probably have a small number of Web sites or applications that you use more than others. What if you had a way to collect those Web sites so that you could go to a single location on the Web to access all of them at once? That's the concept behind iGoogle, a freeaggregator or portal Web service.

The iGoogle service allows users to select multiple applications and news feeds from across the Internet. Each user can customize his or her own iGoogle page. For example, sports fans can add applications that grab the latest scores and statistics of their favorite teams from the Internet and display them in a dedicated window on the iGoogle page.

10.Google Health

Changing doctors isn't always a smooth experience. On top of all the normal stress of dealing with unfamiliar people, you also have to find a way to get your medical information from your previous doctor to your new one. That usually means you have to rely on other people and hope that they respond. Transferring your medical data is important because the more information your doctor has about your medical history, the more effectively he or she will be able to diagnose and treat you when you need it.

Google's solution to this issue is to create an electronic, centralized location for your medical files called Google Health. Your doctors would transfer your files to Google's databases. Instead of having to track down the physical location of a paper file, your doctor would be able to log in to a computer and pull up your entire medical history. You don't have to worry about remembering which doctor has your file.

Read More

Hack Wi-Fi Password Using Android Cell Phone

Hey, hey, hey you wanna crack neighbor’s super fast wifi ? How to Hack wifi Password using Android devices They must have password protected internet connection otherwise you won’t be reading this post isn’t it !! ha ha ha...

          Cracking wi-fi password is really not good considering your using the services paid for by others. But in this article, is an eye-opener that its really easy to crack wi-fi nowadays, using these gadgets. Hope internet providers will find a way to correct this. This is actually the reality happening. It is really on the discretion of the user.


Step 1 :

          The term Monitor mode provides you a facility to monitor every traffic going through your connection and how many devices are connected to it. But this mode can also be used for other purposes.

          By Capturing Data Packets on a network in monitor mode lets you to crack WEP Key.


Step 2 :

          Adding Monitor mode to Android Device you need to know the right chip-set and download that particular one from here Google Code  Modified Firmware on particular chip-set used in majority of android devices
 i.e Nexus one & Galaxy S III .


Step 3 :

          Once you downloaded that particular code it would be easier and simpler to Extract the ZIP file then configure files after running the setup. There are many instructions and step by step guide for your specific android device on there official blog.


Step 4 :

          After it is done check out video tutorial to learn how to hack WEP Key.

☻ "Hope You Like It" ☻

Read More

How To Secure WireLess (Wi-Fi) Network

                    In this article I'll describes you the techniques that how user can secure wireless (Wi-Fi) home network. Securing a wireless network is very important because if you don't, your neighbors can not only borrow your Internet connection, but also access your files and check up on what you're doing.

1> Change Default Administrator Passwords (and User names)

Wireless routers (and access points) allow administrators to manage their Wi-Fi network through a special account. Anyone who knows this account's username and password can log into the router, giving them complete access to the device's features and information about any devices connected.

Manufacturers set up all of their new routers with the same default username and password. The username is often simply the word "admin" or "administrator." The password is typically empty (blank), the words "admin," "public," or "password," or some other simple word.

To improve the security of your Wi-Fi network, you should change the administrative password on your wireless access point or router immediately when first installing the unit. The default passwords for popular models of wireless network gear are well-known to hackers and often posted on the Internet. Most devices do not allow the administrative username to be changed, but if yours does, seriously consider changing this name as well.

Finally, to maintain home network security for the long term, continue changing this administrative password periodically. Use words that would be very difficult for others to guess. Many experts recommend changing Wi-Fi passwords every 30 to 90 days.

2> Change the Default SSID

Wi-Fi access points and routers establish a wireless network using a name called an SSID. Routers are configured with a default SSID pre-defined and set by the manufacturer at the factory.

Typical default SSIDs are simple names like

☻   "wireless"

☻   "netgear"

☻   "linksys"

☻   "default"

The SSID can be accessed from within the router's Web-based or Windows-based configuration utilities. It can be changed at any time, but wireless clients must then recognize the new SSID in order to reconnect to that router and wireless network.

To improve the security of your home wireless network, consider changing the router's SSID to a different name than the default. Here are some recommended do's and dont's, based on recommended network security practices:

☻     Don't embed your name, address, birth date, or other personal information as part of the SSID

☻     Likewise, don't use any of your Windows or Internet Web site passwords

☻     Don't tempt would-be intruders by using tantalizing network names like "SEXY-BOX" or "TOP-SECRET"

☻     Do pick an SSID that contains both letters and numbers

☻     Do choose a name as long or nearly as long as the maximum length allowed

☻     Do consider changing your SSID periodically (at least once every few months)

3> Disable SSID Broadcast

Most wireless access points and routers automatically transmit their network name (SSID) into open air at regular intervals (every few seconds). This feature of Wi-Fi network protocols is intended to allow clients to dynamically discover and roam between WLANs.

However, this feature also makes it easier for hackers to break into your home network. Because SSIDs are not encrypted or otherwise scrambled, it becomes easy to grab one by snooping the WLAN looking for SSID broadcast messages coming from the router or AP. Knowing your SSID brings hackers one step closer to a successful intrusion.

In a home Wi-Fi network, roaming is largely unnecessary and the SSID broadcast feature serves no useful purpose. You should disable this feature to improve the security of your WLAN. Once your wireless clients are manually configured with the right SSID, they no longer require these broadcast messages.

Note that disabling SSID broadcast is just one of many techniques for tightening security on a Wi-Fi network. This technique is not 100% effective, as hackers can still detect the SSID by sniffing different messages in the Wi-Fi protocol. Still, using techniques like SSID broadcast disable makes it more likely that would-be intruders will bypass your home network seeking easier targets elsewhere.

4> Do Not Auto-Connect to Open Wi-Fi Networks

Connecting to an open Wi-Fi network such as a free wireless hotspot exposes your computer to security risks. Although not normally enabled, most computers have a setting available allowing these connections to happen automatically without notifying you (the user). This setting should not be enabled except in temporary situations with your (the user's) awareness.

To verify whether automatic connections to open Wi-Fi networks are allowed, check the computer's wireless configuration settings. For example, on Windows XP computers having Wi-Fi connections managed by the operating system, the setting is called "Automatically connect to non-preferred networks." To check this setting, follow these steps:

i)     From the Start Menu, open Windows Control Panel.

ii)    Inside Control Panel, click the "Network Connections" option if it exists, otherwise first click "Network and Internet Connections" and then click "Network Connections."

iii)   Right-click "Wireless Network Connection" and choose "Properties."

iv)   Click the "Wireless Networks" tab on the Properties page.

v)    Click the "Advanced" button in this tab.

vi)    Find the "Automatically connect to non-preferred networks" setting. If checked, this setting is enabled, otherwise it is disabled.

While Windows XP does not enable automatic non-preferred connections by default, some users enable it in an attempt to simplify connecting to their own home network. Users should instead configure these as Windows XP Preferred networks which allows automatic connection to the home equipment yet still prevents auto-connection to other networks.

5> Assign Static IP Addresses to Devices

Static IP address assignment (sometimes also called fixed addressing) is an alternative to dynamic addressing (normally, DHCP) on Internet Protocol networks. Dynamic addressing is convenient. It also allows mobile computers to more easily move between different networks.

However, static IP addressing also offers some advantages:

☻   A static IP address best supports name resolution, so that a computer can be most reliably reached over the network by its host / domain name. Web and FTP servers in particular benefit from fixed addressing for this reason.

☻   Using static IP addresses on home networks gives somewhat better protection against network security problems than does DHCP address assignment.

☻   Some network devices do not support DHCP. Using static IP address assignment for all devices on the home network guarantees to avoid potential address conflicts where DHCP may supply an address already assigned statically elsewhere.

When using static IP addresses on home and other private networks, they should be chosen from within the standard private IP address ranges listed:

☻   10.0.0.0 through 10.255.255.255

☻   172.16.0.0 through 172.31.255.255

☻   192.168.0.0 through 192.168.255.255

These ranges support many thousands of different IP addresses. It's common for people to assume that any address in these ranges can be chosen and the specific choice doesn't matter much. This is untrue. To choose and set specific static IP addresses suitable for your network, follow these guidelines.

i>     Do not choose any addresses that end with ".0" or ".255" - these addresses are generally reserved for use by network protocols.

ii>    Do not choose the addresses at the beginning of a private range. IP addresses like 10.0.0.1 and 192.168.0.1 are very commonly used by network routers and other consumer devices. These are the first addresses someone will attack when trying to break into a private computer network.

iii>   Do not choose an address that falls outside the range of your local network. For example, to support all addresses in the 10.x.x.x private range, the subnet mask on all devices must be set to 255.0.0.0, otherwise some static IP addresses in this range will not work.

6> Enable Firewalls On Each Computer and the Router

One of the easiest, least expensive ways to guard a home network from attack is to set up a personal firewall. The top firewall software products listed below afford good network protection and help maintain personal privacy. Even those who have home routers probably need the additional protection that a personal firewall offers. While these products all target the Windows environment, Symantec also sells the Norton Personal Firewall for Macintosh.

Some personal firewalls formerly available as stand alone downloads, such as the CA Personal Firewall based on the old free TINY Personal Firewall, are now bundled together with other security software and no longer on this list.

i> Sygate Personal Firewall PRO

Before being discontinued by Symantec as a product, Sygate Personal Firewall software offered solid network protection, activity logging, and automatic email notifications. Free for personal use, it supported advanced configuration options without being overly difficult to use. The PRO edition (no longer available) includeed guaranteed VPN support, an unlimited number of security rules, ability to import/export settings to multiple computers, and one year of free upgrades.

ii> ZoneAlarm Pro

Zone Labs provides a free ZoneAlarm download, too. The Pro edition adds email attachment protection similar to that offered by antivirus software, password protection, and ICS/NAT support. ZoneAlarm runs in Stealth Mode, making your PC literally "invisible" on the Internet. Though missing some of the more advanced personal firewall controls, its user interface includes handy features like the "Stop" button.

iii> Symantec Norton Personal Firewall 2012

Some claim that Norton's graphic interface isn't as easy to use as some other products in this category. Symantec doesn't offer a free trial version of this personal firewall software product either. Still, it continues to improve, and a new Home Network Assistant feature simplifies administering security across the home LAN. The Norton Personal Firewall software is solid and from a reputable company.

iv> McAfee Personal Firewall Plus

McAfee's software is sold on a one-year subscription basis rather than on one-time purchase, a feature that may appeal to some, but no free trial exists. McAfee also possesses a comparatively small footprint and a central "Control Panel" style of user interface. Product updates occur "live" over the Internet. McAfee does not support Windows ICS networks or the IIS Web server.

v> BlackICE™ PC Protection

BlackICE was the first mainstream personal firewall software product and remains an all-around top choice. Its high-quality user interface, logging capability, and support for auto-blocking of traffic from specific network addresses are great features for beginners and more advanced networkers alike. BlackICE PC Protection is an end of life product no longer receiving support from its vendor (IBM).

7> Turn Off the Network During Extended Periods of Non-Use

Question: Should Your Computer Network Be Powered Off When Not in Use?

Most broadband Internet connections stay "always-on," keeping you online at all times. For convenience, residential network owners often leave their router, broadband modem and other network equipment powered up and operating, even when not utilizing it for long periods of time.

          But should home network gear really stay always connected? What are the pros and cons of switching it off?

Answer: Home network gear need not be powered on and connected to the Internet at all times. Several clear advantages apply if you turn off your equipment when not using it, although some disadvantages exist also. Consider these pros and cons:

☻ Security  - Powering off your gear when not using it improves your network security. When network devices are offline, hackers and Wi-Fi wardrivers cannot target them. Other security measures like firewalls help and are necessary but not bulletproof.

☻ Electricity cost savings  - Powering down computers, routers and broadband modems saves money. In some countries, the savings is low, but in other parts of the world, costs are significant.

☻ Surge protection  - Unplugging network devices prevents potential damage from power surges. As with other types of consumer electronics, surge protectors may also prevent this damage. However, surge units, particularly the inexpensive ones, generally cannot protect against severe power spikes like those from lightning strikes.

☻ Noise reduction  - Networking gear has grown quieter in recent years, as noisy built-in fans get replaced with solid state cooling systems. Your senses might be adjusted to the relatively low levels of home network noise, but you might also be pleasantly surprised at the added tranquility of a residence without it.

☻ Hardware reliability  - Frequently power cycling a computer network device can shorten its working life due to the extra stress involved. Disk drives are particularly susceptible to damage. On the other hand, high temperature also greatly reduces the lifetime of network equipment. Leaving equipment always-on very possibly causes more damage from heat than will powering it down occasionally.

☻ Communication reliability  - After power cycling, network communiations may fail to re establish. You must take care to follow proper start-up procedure. For example, broadband modems generally should be powered on first, then other devices only later, after the modem is ready. You may also experience start-up failures due to "flaky" or unstable installations. Troubleshoot these problems when they arise, or you'll be faced with bigger networking problems down the road.

☻ Convenience  - Network devices like routers and modems may be installed on ceilings, in basemenets or other hard-to-reach places. You should shut down these devices gracefully, using the manufacturer-recommend procedure, rather than merely "pulling the plug." Powering down a network takes time to do properly and may seem an inconvenience at first.

In summary, most of these considerations suggest turning off your network during extended periods of non-use is a good idea. The security benefit alone makes this a worthwhile endeavor. Because computer networks can be difficult to set up initially, some people naturally fear disrupting it once working. In the long run, though, this practice will increase your confidence and peace of mind as a home network administrator.

Read More