Mac Security 101
applemacpunk@cox.net
Connecting to the Internet: Put a Router Between Your Mac and the World
by Kale Feelhaver aka: Applemacpunk
The days of dial up are gone. These days everyone connects to the Internet via high-speed Cable or DSL connections. Though these connections are much faster (and much less painful to use), the pose a new problem. When you plug your Mac directly into your Cable/DSL modem, you are putting your Mac directly on the Internet. This article will give a brief synopsis of a safer way to connect.
Before talking about ways to connect, letÕs talk a little bit about what actually happens when you connect to the Internet. Every connection to the Internet is given a number. Think of them like addresses, or phone numbers. These numbers are called IP Addresses and each one is a unique string of 4 numbers (between 0 and 255), separated by dots (ie: 68.159.36.122). Every Internet provider (AOL, Earthlink, etc.) is given a range of IP Addresses that they can distribute to their members.
IP Addresses on the Internet are called Public IP Addresses. Local networks also use IP Addresses, but to keep things from getting confusing, local network have 3 reserved IP ranges, called Private IP Addresses. The ranges are 10.0.0.0 – 10.255.255.255, 172.16.0.0 – 172.31.255.255, and 192.168.0.0 – 192.168.255.255. These IP ranges designate internal networks and are never used on the Internet. At any time, you can check your MacÕs IP Address through the Network pane in System Preferences and see if you are connected to a Public IP Address, or a Private IP Address. If you see an address like 10.222.8.189 (or any of the reserved addresses), you are connected to a local area network. If you an address like 157.62.44.101, you are connected directly to the Internet.
One of the easiest and cheapest ways to put a barrier between your Mac and the Internet is to connect through a router. A router is a hardware device that sits between your Mac and the Cable/DSL modem. The function of the router is to translate Private IP Addresses into Public IP Addresses. Routers use a technology called NAT (Network Address Translation) to achieve this. A router has (at least) 2 interfaces. One is the external interface, which plugs into the Internet (Cable/DSL modem). The other is the internal interface, which plugs into your Mac (or into your network if you have several Macs). Basically, the router takes the Public IP Address from the Internet, and gives your Mac a Private IP Address to keep it separated from the Internet. The true function of a router is far more complicated, but that is a simplified overview.
Think of the router like a front desk in an office building. If you are sitting at a desk in the building, and you call someone, the call goes out through the front desk. If the person calls you back at that number, they are connected to the front desk and not directly to your phone. The router uses a similar method to secure your Mac from the outside world. The router takes the Public IP Address, so every time you browse the Internet, you are using the address of the router, not the address of your Mac. If a hacker attempts to Òcall you backÓ he gets the router, and not your Mac.
There are several routers on the market made by companies like Linksys, D-Link, and Netgear. A decent router will cost you less than $100, and probably last for many years. The basic setup is pretty simple. First, shut off your Mac and shut off your Cable/DSL Modem. Hook up the router, according to the directions. A cord should come out of the modem, and go into the router. Then a second cord should come out of the router and go into the Mac. Once everything is hooked up, power on the modem, power on the router, and power on the Mac, in that order.
Now for the part that everyone forgetsÉ go to the router configuration screen and change the password. Look in your routerÕs manual to see how to get to the configuration screen. On most routers, this will be accessed via a web browser. Since the router is now your connection to the Internet, you want to make sure you are protecting it with a password. Anyone who has ever setup a Linksys router knows the default password is ÒadminÓ. The same is true of every manufacturer. Each one uses the same default password on all of their routers. A hacker is always going to try the default passwords when attempting to break in. Make sure to choose a password that is complex, but still easy to remember. You may need to perform maintenance on the router at some point, and then you will need the password.
Connecting to the Internet through a router is not going to guarantee security, but it should help to increase the security of your Mac while you are on the Internet. Fortunately, there are a lot less Mac-specific hacks out there, because most people target Windows. However, this doesnÕt mean Mac users should get lazy and think, Òit wonÕt happen to me.Ó The Internet is a nasty place and there are a lot of evils out there lurking in the virtual shadows. Put some hardware between your Mac and the InternetÉ youÕll sleep better at night.
