ProCircular Information Security Experts Corner

Securing Your Home Network

Posted by Bryan Prather-Huff on Jan 10, 2017 7:58:17 AM
Find me on:

As strong as the weakest link

You probably know that having network security in the workplace is important, but what about your home? Most people use their home internet connection for everything from finance to important personal correspondence, all of which should be secured to the individual. In this blog post we will explore some simple tricks that will help you make your home network more difficult for intruders to access.

Choosing the right hardware

Residential internet customers generally get their internet through DSL over phone lines or DOCSIS over coaxial cable. Regardless of what system you have, you or your Internet Service Provider (ISP) probably installed a modem that acts as a gateway between your house and the rest of the internet. Most modern modems have features that also allow them to function as routers, such as a collection of Ethernet ports and Wi-Fi connectivity. What you probably haven't heard is that even if you buy a modem and don't rent one from your ISP, that device will still be configured by your ISP, meaning that they have full remote access and control over the device. Since you can't guarantee the security of a device you don't have exclusive control over, we suggest placing a separate router and disabling all the router features on the modem (Wi-Fi, NAT, etc.). Buy routers from well-known brands to ensure quality and durability of the device (NETGEAR, TP-LINK, Linksys, Cisco, Asus). You can also buy Wi-Fi extenders which will help give good wireless coverage over your whole home.

Configuring wireless access

Wi-Fi is the most common way for your devices to be connected to your home network, but wireless communications are freely broadcast through the air and can be targeted by a sufficiently motivated attacker. Any device that that can conveniently be connected directly to your router with a cable will lessen the chances that an attacker can target that device. The following steps can be taken to secure your wireless network.

Choose a unique network name

Your network is identified by a Service Set Identifier (SSID) which allows you to identify and connect to your network. By choosing an SSID that is unique to you, you make the process of intercepting and cracking the Wi-Fi password more difficult. Common SSIDs like 'Linksys' or 'NETGEAR00' are susceptible to precomputed password attacks leveraging a cracking technology known as Rainbow Tables.

Don't hide your SSID

It may seem counter intuitive, but hiding your SSID can actually make your devices less secure. A hidden SSID requires client devices to probe for the router with the name only known by the connecting client. In your home this isn't an issue, since your device will probe and quickly find the access point. When you leave your home however, your device will still be looking for that access point with the hidden name when it's not connected to another Wi-Fi network. This means someone might be able to identify you and your device by listening for the devices’ beacons as it searches for the hidden network.

Set Network Password Correctly

To maximize security, it's important to have the current setting for password exchange. WEP and WPS are two common password settings on routers. Both of these technologies are obsolete and have been proved to be insecure. If these settings are available on your router, disable them and instead use the modern WPA2-personal key exchange method. These settings alone are not enough to guarantee a hacker can't capture the Wi-Fi authentication key and crack your password, so be sure to create a reasonably complex passphrase with length greater than 8 characters. Longer passwords with only letters are generally more secure than short passwords with lots of symbols and numbers.

Topics: Cybersecurity, Data Security, consumer security