10 Ways to Protect Your Home Network
The average home computer setup is significantly more complex than it was even five years ago. With the advent of broadband Internet access and inexpensive wireless network setups, we are finding more and more that the home computing environment today is starting to look more and more like small office networks.
Along with this increasing complexity, there are also comes a need for increased knowledge and understanding of the computer systems. Unfortunately, the average home user is ill equipped to handle all of these complexities. This lack of understanding leaves many home systems open to attack from the wilds of the Internet.
The purpose of this article is to provide the typical home user an overview of some basic steps that can be taken to help secure their home systems. It is not intended to be an all encompassing “do this and you will never have computer problems again” article. Rather, it will attempt to point users in the right direction when it comes to safe computing.
Home Network Overview
The diagram above shows what a safe home network could look like. In incorporates a number of different hardware and software solutions that work together to help keep the computer systems safe.
The numbers one to ten in the diagram refer to ten key components that each provide a measure of security. Each of these components deserves further description and comment.
Install a Hardware Firewall/Router
The hardware firewall/router is at the core of your system security. It is on the “front lines” when it comes to protecting your systems. It’s main security purpose is to let you get out to the Internet while keeping the Internet out of your computers.
While initially expensive, their price has dropped significantly in the past number of years. In fact, I have seen them as inexpensive as five dollars. There is no real reason to not have a hardware firewall.
Some of the common manufacturers of hardware firewalls include:
- D-Link
- Linksys
- Netgear
- SMC
Setup Tips
- Change your default password. This is very easy to find on the Internet
- Disable remote access. This is usually very easy to break into
- As convenient as it is, disable DHCP or at least limit it to the number of computers that are on your network. Do not use DHCP if you have WiFi
Secure Your WiFi
Computer criminals love WiFi (or wireless network link) because it is so easy to set up wrong. Anyone with a laptop, wireless network card, and software available for free from the Internet can find unsecured Internet. Unsecure WiFi data is then often uploaded to the Internet for everyone to see.
Security Tips
- Use preferred encryption methods in this order: WPA2, WPA (been cracked), WEP (been cracked). Only use WPA and WEP if you have no other choice
- Change your SSID to something obscure
- Don’t broadcast your SSID
- Use MAC address authentication
- Turn off your WiFi when not in use
- Disable DHCP on entire network
Install a Web Filter/Proxy
A web filter controls access to certain websites or content. While no web filter is foolproof and many experienced computer users can get around them with some effort, they do help prevent people (expecially children) from accidentally stumbling on things they shouldn’t.
The filter can be a stand alone system that protects your entire network or software that runs on your computer to protect just that computer.
Freeware/Open Source Web Filters
• B Gone
• Naomi
• Parental Filter
• Privoxy
• We-Blocker
Install a Spam Filter
A spam filter looks at your e-mail and determines whether or not it is a real e-mail or junk mail. It can then deal with the junk mail according to your settings.
Just like a web filter, a spam filter can be set up to secure a single computer or an entire network. There are both software and hardware based spam filters.
Freeware/Open Source Spam Filters
• BounceBully
• Frontgate MX
• SpamAware
• SpamBayes
• SpamExperts
• Spamihilator
Install and Maintain Antivirus Software
After a firewall, antivirus software is probably the most important security feature you can have on your network. If you don’t have antivirus software, stop reading and get it NOW! If you have antivirus software, make sure that you keep it up to date. Antivirus software is only as good as its last update. Do this daily if you can.
Free/Open Source Antivirus Software
- AntiVir Personal Edition Classic
- Avast
- AVG Free Edition
- BitDefender
- ClamWin
Install Desktop Firewall Software
The hardware firewall does not prevent spyware and viruses from getting outof your network. A desktop firewall can monitor traffic leaving your computer or programs attempting to use your internet connection. This way, if you see an odd program suddenly wanting to connect to the Internet, you will be able to make an educated decision.
Freeware/Open Source Desktop Firewalls
- R-Firewall
- SoftPerfect Personal Firewall
- ZoneAlarm
Install Antispyware Software
Antispyware spftware helps to protect your privacy by removing cookies and software that track you on the Internet. Spyware can also collect and transmit different types of personal information that it finds on your computer to other parties.
Freeware/Open Source Antispyware
• Bugnosis
• ScriptDefender
• Spybot S&D
• SpyDefense
• SpywareBlaster
• WinPatrol
Install Encryption/Secure Deletion Software
The purpose of this software class is to prevent prying eyes from getting into your personal information. Encryption software can make files, e-mail, etc. look like jibberish unless you have the proper password or key. Secure deletion software makes sure that remnants of your files do not lurk inside your computer, even afte they have been deleted.
Freeware/Open Source Encryption/Secure Deletion Software
• bmpPacker
• CompuSec
• CrossCrypt
• CryptainerLE
• FreeOTFE
• GnuPG
• Eraser
• PowerCrypt
• SuperShredder
• TrueCrypt
Install Password Management Software
Last time I looked, I have over 70 username/password combinations for various different websites and systems. There is no way that I can remember them all. The temptation is to use one password for everything but this creates a major problem is someone discovers that password. They now have access to everything!
Password management software allows me to still use one password (to open the software) but everything else can have a different, extremely complex password. While there is still an issue about one password being the key to all other passwords, the user needs to actually have your password file and password (plus, for some software, your keyfile(s)).
Freeware/Open Source Password Managers
- Access Manager
- KeePass Password Safe
- PINs
Install and Use a Backup System
Remember the old commercial that asked, “What are the three most important things about real estate? Location, location, location.” Well, the three most important things about computer systems are backup, backup, backup.
There are any number of problems that can occur which would cause you to lose data: hard rive crash, virus attack, accidental file deletion, file corruption. I cannot emphasize enough that you need to backup your files.
Freeware/Open Source Backup Software
- Abakt
- Back It Up
- Back4Win
- Cobian Backup
- Easy Backup
- SyncBack
The Internet is an ever changing landscape. What is secure and safe today may not be tomorrow. This article is not the end all and be all for securing your home network. I hope that is does make you pause to think about how you have set up your network and maybe make some changes.