Secure your Home Network in Ten Easy Steps
Following the suggestions below will greatly increase the security of your home network. Attackers know home networks are usually not well protected and they target them to create botnets and other underground activities; don’t be a victim.
- Update your software – This may sound trivial but it’s the number one thing that causes issues for home users. Pay special attention to Windows Updates and Adobe Acrobat, Flash, and Java updates, as they are common targets for bad guys.
- Run Antivirus – Even in this day and age Antivirus still matters! For home networks it’s especially important because there are less layers of defense than corporations.
- OpenDNS – OpenDNS provides DNS servers free for home users where you can customize and see reports about where devices on your network are going online. This is a great way to provide content filtering for all devices on a home network. The easiest way to use this service
is to set your routers DHCP DNS servers to OpenDNS’ servers. Setting this in your router will ensure that all your Internet connected devices are protected.
- Check your router to make sure “Remote Administration” is turned off. You can do this by going to http://192.168.1.1 or http://192.168.1.0 on most models. The username and password on most models will be admin/admin or admin/password. On a Linksys it will typically look something like this:
- Check your router’s wireless settings and make sure you have WPA or WPA2 enabled. WEP has been broken for many years and its trivial for any attacker to break into. At NBG Networks we still encounter clients that have wired equivalency protection (WEP) networks; they have usually already been hacked into.
- Port Scan Yourself – Scan for common open ports and close any that shouldn’t be open in your router. You may have to disable UPNP if you can’t find another way to close open ports that you don’t need open.
- Don’t connect unnecessary devices to the Internet! I’ve seen my fair share of webcams that were accessible to the whole world. If you need to access devices remotely, create a VPN with dd-wrt or a firewall that supports VPN.
- Install DD-WRT – This is a great upgrade if your router supports it. List of supported routers. With DD-WRT you can turn your old Linksys into a fairly powerful home firewall with VPN support.
- Encrypt important documents with TrueCrypt. The easiest way to do this is to create a “virtual encrypted disk.” TrueCrypt will create a flat file that you can mount as a drive letter only with your password. Don’t lose your password there is NO way to recover it.
- Create your own firewall from scratch with pfsense. Don’t throw away that old PC; turn it into a powerful, fully functional firewall! You’ll need at least two network cards and some free time to install pfsense and configure it. Pfsense offers great caching, arp spoofing protection, network antivirus and, best of all, its free!
Latest posts by Nick Gibson (see all)
- How Security Professionals Dig up Dirt about You Online - January 20, 2014
- 10 Easy Tips to Secure Home Networks - December 28, 2013
- Network Security Toolkit - December 26, 2013