ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Hackers Are Everywhere - Here's How to Upgrade Your Home Network Security

Updated on December 6, 2019
Source

Today, network and data security is top of mind for businesses everywhere, and with good reason – there has been a slew of high-profile data breaches that demonstrate what happens when security's not tight enough. Businesses, though, aren't the only target hackers try to prey on every day.

In fact, hackers target computers and other devices with internet access with alarming frequency. A recent study found that there's an attempted attack every 39 seconds on average. That means home users have just as much exposure to the threat as businesses do, but what they don't have is an IT department working to maintain their security.

That means users have to take it upon themselves to secure their home networks if they want to make sure nobody gains access to their devices. The good news is that even for a relative novice, that's not a very hard thing to do.

Source

Begin With Your Internet Connection

In most cases, a home's internet connection is supplied by an ISP-provided modem, which often also includes a built-in Wi-Fi capability. The problem with that is the fact that ISP-provided hardware is notoriously insecure. That means the first step to improving your home's network security is to either purchase your own modem or to at least add your own router and firewall behind the ISP equipment to keep your network-attached devices safe.

In the US and elsewhere, ISPs are required by law to allow customers to use their own equipment and that's the preferable option whenever it's practical for the user. Unfortunately, there's no shortage of reports of ISPs making it difficult for customers to do this, so your mileage may vary. The first step to finding out your options is to contact your specific ISP and ask them to provide you with a list of modem models that are compatible with your service. Here's the information for the major US ISPs:

  • Modems for Optimum by Altice
  • Modems for Comcast Xfinity
  • Modems for Time Warner Cable
  • Modems for Spectrum

If you choose to purchase your own modem, you will have to call your ISP to get it registered and turned on to work with their network. That can be a challenge, depending on your provider, but it's worth it. With your own modem, you will enhance your security and do away with costly monthly equipment rental charges, too.

Source

Adding a Network Firewall

Whether you're using the ISP's modem or your own, it's not a good idea to rely on either as your only form of network security. Instead, you should add a hardware firewall device behind it for better protection and more specific network access controls. If you're not terribly technically inclined, there are now a variety of home network firewalls on the market that offer excellent network-wide threat defense at reasonable prices. The main benefit of these is that they're designed to be plug-and-play solutions. The downside is that the most user-friendly devices tend to require yearly subscriptions to keep them up to date.

As an alternative, it's possible to repurpose an old or disused computer to make a much more versatile and perpetually-free home network firewall. All you will need is a somewhat recent PC that meets the following minimum specifications:

  • At least a 1 GHz CPU
  • At least 1 GB of RAM
  • An internal HDD with at least 40 GB of space
  • 2 available network adapters

That last requirement is typically the most difficult to satisfy, but an add-on network card can be had for under $20 and they're a snap to install in most machines.

With your hardware ready, all you have to do is choose an open-source firewall solution to install on it. The three most appropriate for home users are:

  • Untangle NG Firewall – Untangle is one of the oldest open-source firewall products available today. It's extremely user-friendly, easy to install, and is simple to manage (even for a novice). The free version comes with everything a home user needs to stay safe, including plugins for network-wide antivirus protection, ad blocking, and phishing protection. Best of all, Untangle's support staff are very helpful and will even support free installations if you're willing to be patient and wait for them to respond (paid customers always come first).
  • IPFire – Like Untangle, IPFire is an open-source firewall solution that just does everything. It has plugins that handle every kind of security function you can think of, and even a few you've probably never considered. It's also possible to add networking features like a mail server, file server, network print services and anything else you can think of to it. The only downside is that it's a bit harder to configure, so novice users will have to read up a bit to get started with it.
  • pfSense – As far as free firewall solutions go, you won't find a more powerful option than pfSense. It is an enterprise-grade solution in every way, and is used by a variety of large companies around the world. Its power, though, makes it a favorite of the home enthusiast market segment. The problem is that it's not all that easy to configure and maintain. So while it is an option for home use, it's one most users should avoid unless they're looking to learn some serious networking skills to do it.

Source

Secure Your Network Devices

With perimeter security taken care of, the next step is to see to the security of the individual devices connected to your network. I've covered a number of networking devices in a previous guide, and all of them should be assessed for security if they're a part of your setup.

The first step to doing this is to check with each device's manufacturer to see if there are any available software or firmware updates you should apply. Many times these updates will address security flaws discovered after release and they should be applied according to the manufacturers' recommendations. Make sure to do this with every device attached to your network including:

  • Smart Speakers
  • Smart TVs
  • Connected Blu-Ray Players
  • Streaming Set-Top Boxes
  • Smart Home Equipment (thermostats, sensors, etc)

The second step is to use your firewall to restrict inbound external internet access to your network devices unless their operation requires it. That will make it harder for an attacker to exploit weaknesses in the devices should any persist after updating.

Last but not least, make sure that none of your network-connected devices are broadcasting an open Wi-Fi signal. The primary culprits for that type of thing are network printers, so give them a good long look and turn off their networking features if you're not using them.

Source

Encrypt Everything

The last step in securing a home network is to make use of encryption technology wherever it is possible. To begin with, it's critical to make sure that the home's Wi-Fi connection makes use of WPA2-PSK with AES encryption in its security settings (at least until WPA3 is available). That security should be complemented with a strong and complex Wi-Fi passphrase for clients to use to connect. Together, those features prevent any unauthorized access to the wireless network and keep anyone within the range from sniffing any of your network traffic to look for a way in.

You should also make an effort to use webpages secured with SSL encryption which is signified by the "HTTPS" prefix of the web address or a padlock symbol in your web browser's address bar. If you want to add some extra security, you can even use a VPN to add an extra layer of encryption to all of your internet traffic. If you've opted to install one of the open-source firewall options mentioned earlier, you can even set up your own VPN server that can protect you at home as well as when you're on the road.

Stay Safe from Determined Attackers

Earlier, I mentioned that data indicates the fact that internet-connected devices face attacks roughly every 29 seconds. The good news is that most of those attacks are simple port scans and dictionary attacks probing for vulnerabilities and weak passwords. If you implement the network security measures above, you should be safe from the vast majority of those attempts. You should even be safe from more determined attackers, who will have a difficult time finding any hole in your network's defenses. Of course, no defense is perfect, but most hackers will pass a defended network to prey on easier targets – of which there's never any shortage.

This article is accurate and true to the best of the author’s knowledge. Content is for informational or entertainment purposes only and does not substitute for personal counsel or professional advice in business, financial, legal, or technical matters.

© 2019 Andrej Kovacevic

Comments

    0 of 8192 characters used
    Post Comment

    No comments yet.

    working

    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://maven.io/company/pages/privacy

    Show Details
    Necessary
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
    Features
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Marketing
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Statistics
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
    ClickscoThis is a data management platform studying reader behavior (Privacy Policy)