Basic IT Security #1|淺談資訊保安 #1

The price of BTC has been raise to around 3,500 recently. First of all, a big congratulation to all those have invested on it (sad that I have no any single BTC yet...). You cannot deny that the blockchain technology is developed very fast nowadays. It almost has one new ICO every single week.

比特幣的價格在最近上升到3500美元了，首先，恭喜有買進的各位(可惜我一個也沒有買..)。你不能不承認塊鏈的技術發展得越來越快，差不多每個星期都有一個ICO了。

I bet most of the people in Steemit have invested some altcoin. And I bet most of you will put in into your wallet. And I bet most of you will save your key into your personal computer. So, here comes a question, is your computer well prepared enough? I am not sure about it.

我相信Steemit的各位都一定有投資不同的虛擬貨幣，而我相信大家都會把貨幣放進你們的錢包，而且我也都相信大家會把你的私匙存放在你的個人電腦裏面。所以，這裏有一個問題，你覺得你的電腦準備好了嗎? 這個我不確定。

So, I would like to start a series of topic which talk about some basic computer security which may apply to your personal computer in your home or in a small office. And please pay attention, information mentioned in the post is just base on my personal experience, which is not something a must or absolutely right. It would be a basic introduction only, and it is welcome for discussion.

所以，我想要開一個系列去跟大家分享一些基本的電腦保安知識，基本得可以套用在你的家中，或是一些小型的私人公司。但請謹記，這些分享都只不過是我的個人經驗，不一定是必須或是保證正確的。它只是一些基本知識，而且歡迎大家討論。

The first topic I would like to share is about your local network. For small company, or even in home, there should be more that 1 device which is connected in the local network with lan line. And as mobile device is getting more and more popular, I believed that you may also have quite a numbers of mobile devices which also connected to your local network.

第一個題目我想分享一下你的本地網絡，對於小型公司，或是家中的網絡，我相信肯定不止一部座台電腦在用著網線去連接。而且除著移動裝置的發展，我相信你的網絡還會有好幾部移動裝置連接著。

I believe that most of the people would use a router for the purpose of network sharing and wireless distribution. For a good alerted person, I bet you will properly change the default password of the router, set the router as WPA2-PSK, use a long enough WiFi password, etc. And nowadays, most of the router support the logging function and can show the device connected to the network and I bet you will regularly check it. I found below example from the web:

我相信大部份的人都會用路由器去作為網絡分享，還有無線網絡設置的工具。做為一個精明的你，我也相信你已經改好了預設密碼、用了WPA2-PSK加密、使用足夠長的WiFi密碼這種種不同的措施。而且今天的路由器，即使是家用的路由器也都支援網絡記錄、查找連接裝置這些偉大功能。而我也相信你有定期的去查看這些紀錄。我在線上找了一些分享圖片作為參考：

Is it securing enough? In terms of IT security, the above were considered as preventive control. And it has a critical point which will make you never notice any abnormal from your local network, which is your router being hacked. So, we need a detective control as an additional layer for our IT security.

那，這是足夠安全了嗎? 以資訊保安而言，以上種種的措施我們稱為預防性控制。而它有一個觸發點，那就是你的路由器。如果你的路由器被攻擊了，我相信你用以上的措施都不一定找得到任何疑點。所以，我們需要一個偵測性控制去作為你資訊保安的一個額外防線。

I personally suggest you should perform a network scan regularly to see if there are any unidentified devices connected to your local network. I suggested that you could use NetScan, which is a freeware at the beginning, but comes to the commercial license recently. You can download it’s free trial, which can show up to 10 device for your network scan, and the current version is 7.0.9.

我個人推介你可以定期的作一個網絡掃描，去偵測一下有沒有什麼可疑的裝置連上了你的網絡。我推介大家可以使用NetScan，它最開始的時候是一個免費程式，但最近開始收費了。大家可以試一下他的體驗版本，它可以在你的網絡掃描中顯示10個裝置，最新的版本是7.0.9。

However, there is some tricky thing is that, you can still find the old version of the software, which has almost the same feature and also so powerful to use, and what’s more important is it is free and no any limitation on it (other than some advertisement). And For example, I have a version of 6.2.1, you can still use it by ignore its update request.

但是，這裏有個有趣的地方，就是你可以在網上找得到它的舊版本。舊版本的功能基本上跟現在的版本差不多，而且同樣強大，最重要的是免費 (雖然有廣告啦)。以我用的版本作例子，我現在仍然在用6.2.1的版本，只要忽略它的更新提醒就可以了。

You can see the old version software screen capture as below; the different for the new version is mainly there is advertisement (actually you can close it).

你可以看到下面的舊版本截圖，基本上跟新的完全一樣，只是多了廣告(而且你可以關了它)。

So, here comes the tutorial on how to use it. You can type your range of IP address you would like to scan. You could divide your scan by different subnet, vlan or whatever.

好了，讓我們開始教學吧。你可以輸入你想要掃描的IP範圍，你可以跟據你的子網絡、虛擬網絡去分段掃描。

Or if you have no idea on what is your ip and what is your range, you may kick on the below button “Auto detect IP range” which would auto detect the range of IP according to your machine currently using.

如果你完全沒有概念，你可以按下圖的“Auto detect IP range” (沒中文啊..)，它會自動根據你的電腦搜尋你的IP範圍。

Just click on IPV4 if you have no idea on IPV6 as below:

如果你對IPV6沒有概念，按IPV4：

Then you will find a range of IP have been setup for you as below. And now, you can just press start screen and wait the result.

然後你會看到一個IP範圍自動的生成了出來。現在，你可以按開始掃描(start screen)然後等待結果。

I have my result as a sample on below. As I am doing it on my lab, so, you can see there are quite a number of IP shown. If you are doing it at home, you should have much less result.

我貼了我的結果作為參考，由於我是在我的虛擬平台中掃描的，所以裝置比較多一點。要是你在家中掃描的話，結果應該會比我少許多。

As you can see it above, the new version only show 10 of the device, and I have also do the same thing with my old version, you may have a look below, it just simply show the same result with no limitation. So, I do suggest you find the old version and enjoy you network scan.

在上圖你可以看得到，這新的版本只顯示了10個裝置，我用的的舊版本也做了一次，你可以看一下下圖，它們的結果基本上是一樣的，而且沒有數目的限制。所以，我建議你可以用舊的版本去做你的網絡掃描。

And that it the first tutorial I think. You can have a try in your home or even in your office to see if there are any device connected to you network which you have no idea what is it. If you really find one, you have to be aware of it. Will your WiFi password leaked? Will that machine a hacker device installed in your network? Or just simply your mum finally finds out how to get into internet?

而這大概就是我今天的帖子啦。你可以在家中或是辦公室試一下，看看有沒有什麼裝置是你完全不知道那是啥的。如果你真的找到一個，你就要留神了。會不會是你的WiFi密碼被破解了? 會不會這是一個駭客在你網絡中安裝的裝置?會不會只不過是你的媽媽終於學會了上網而已?

I don’t know, and I think you can find it out! Let’s talk more about it in my next post.

我不知道，但我相信你會找到答案的! 讓我們在下一個帖子中再多談一點吧!

---

Thanks for reading, I hope you enjoy it!
And please follow me and see my other post if you like it: @victorier

感謝你的閱讀，希望你會喜歡!
如果你覺得不錯的話請你追蹤我，也可以看我其他的文章: @victorier