You have heard of large corporations being hacked and passwords,credit card numbers etc being compromised but what about individuals.
Are you in danger of being hacked? and if so why? and what can you do about it?
The fact that large corporations with professional security staff have been successfully hacked should give you a good indication that network security isn’t a trivial task.
However like all things there are various levels of security, and what level of security you requires depends on the perceived risks involved and on your ability to implement them.
Very often you see that the recommendation is to get this super home router that has incredible built in security and you will be ok.
This is far from the truth, and when starting with home security by far the best investment is to improve your knowledge.
Personally I am not a network security expert and probably never will be, but I do understand networking and networking devices and how to configure them.
This tutorial is an attempt to collate network security practices that are recommended by security experts, evaluate them and assess their suitability for implementation by inexperienced users.
Home Security Overview
Network Security Levels and Ease of Use
You need to appreciate that the more security you build into the network then more difficult it will be to use and maintain.
As an example using Wi-fi without security (not recommended) is easier that using Wi-Fi with security.
To take a broad brush approach then we will divide security into two levels.
Basic security can be implemented by a non networking professional whereas advance security requires detailed networking and security knowledge.
As I am not a network security expert I will only be covering basic security in this tutorial and will offer links for more advanced security measures and practises at the end.
Home Security Overview
If you assume that you are at risk of being hacked then what are the consequences of that risk?
This is a very important part of evaluating your security as it may be that the consequences aren’t that bad, and so there is little need to fret about security.
However given the rise in online banking, crypto currency etc it is likely that most people will need to take basic security precautions.
Currently most scammers use social engineering using the phone or email.to gain access to peoples bank accounts etc.
This type attack will most likely be the most common risk faced by home networks.
The intruder will hack a home network to gain access to sensitive data like bank account login details.
There are two main locations for an attack and they are:
- External from the Internet
- Internal from a compromised device
Video: Home Network Vulnerability
Securing Your network from External Attacks
Your Home Router is your gateway to the Internet and is often on most small home networks the only networking device present.
Many security tutorial advise not using an ISP provided router as they lack many security features.
For most people this isn’t practical and although they do lack features they are simple and not complicated to set up.
A sophisticated router may be more insecure when set up by someone with very little experience.
So if you are new to networking which is probably true as you are reading this tutorial then I would stay with the ISP router for the time being.
However there are a number of measures that you should take to secure the home router. They are
- Change default username and password and make password secure.
- Turn off remote management if enabled.
- Use WPA2 encryption on Wireless routers
- Disable WPS on Wireless routers.
- Disable UPnP if possible
- Keep firmware up to date if not automatically updated.
- Don’t open ports that don’t need to be opened and close ones that are no longer needed.
- Don’t make your external IP address public
You can find more detail in these tutorials
Internal From a Compromised Device
A device on your Internal network can become compromised in any number of ways and this device can be used to gain access to your data and to send it to a remote device controlled by an Hacker.
Some simple things you can do is to:
- Don’t allow anyone from outside to use your network.
- Create a guest network for visitors
- Segment your network into sub networks especially for smart home devices.
Restricting Access to you home Network
You should be very careful of allowing visitors to access your home network.
They could either deliberately or accidentally compromise your network by introducing a spybot on your network.
If you do want visitors to access the Internet through your network then you should create a guest network.
Related Tutorials andReferences