What's new

Need help getting started securing my network

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

RcN02

New Around Here
An aquintance in IT pointed me in this direction when I asked him some questions.

I've done a lot of research so far, but have hit a bit of a wall as far as my knowledge goes. I'm hoping someone can help point me in the right direction of where/what to look for. I guess, you don't know what you don't know....

My current situation is - I found myself falling backwards into securing my home network. I'm not an IT guy, and have just basic skills. I'm "drinking from the firehose" trying to learn as much as possible on nights and weekends. I just ordered some network+ books to look over and have been scouring some sites.

In short- I want to secure my home network. Currently have very simple setup with about 10 devices (laptops, printer, NAS, phones, ipads, baby monitor, camera). I'm currently using a Linksys 1900acs router (which I've changed the admin pw).

Most of my research leads me to belive the best step is to set up a VPN (with a different router) and lock down additional access and guest accounts.

Please let me know:
1) Does that seem like the best idea? Best options for what I'd like to do (VPN? New Router?)
2). Best places to do more research and learn the skills I'll need to set up and maintain a secure network
3). Any free or cheap tools for monitoring
 
With your WRT1900acs - a few things...

1) Change the Admin PW - which in your post you've already done
1a) Don't forget to change/update the WPA2 passwords there, and ensure that you're only using "WPA2 Personal"

2) Disable WPS - go to "Wireless", and then in that Window, look for the "Wi-Fi Protected Setup" tab - there's a switch to disable

3) Disable Guest Access - with Linksys, this is not very useful, and is a security risk - go to "Guest Access", and ensure that the switch there is turned off - as a bonus measure - click the "edit" link, and uncheck the "enabled" boxes

4) Do not use the "external storage" function - there's some security issues related to the FTP server and WAN's - just don't use it

5) OpenVPN Server - consider that it's there - but there's no means or methods to change certificates or revoke certs - it's there as a checkbox feature only, and I don't recommend using it

Couple of tips on the WRT - in the 2.4GHz Wireless settings, consider using "Network Mode = 802.11b/g/n only" mode, and channel width of "20MHz Only"

If your needs are simple - it's a fairly fast and reliable router/AP/Gateway - better than many... and pretty decent range.

On the initial setup wizard interface - you have the option, it's a bit minimized, but it's there, to configure it without using Linksys Smart Wifi's cloud thing - might consider that...
 
SFX' suggestions are a good start. The key question is what's your threat profile?

A home with two computer savvy adults and good anti-virus running on computing devices out in the country with no neighboring wireless networks is likely ok. Knowing not to open attachments unless it's something you are expecting and having anti-virus that monitors your browser will save you from most hassles.

VPN just provides a secure connection. It doesn't ensure that whatever is going across the pipe won't harm you.

Are the baby monitor and camera connected to your network or do they have dedicated wireless connections (like cordless phones)? They could be the biggest source of problems.
 
With LinksysSmartWifi - one can disable remote access - but this also breaks their Cloud Access via http://www.linksyssmartwifi.com access - to that end, accessing the router will have to do through the local GW address - but this is a big way to secure Linksys SmartWiFi devices like the WRT and EA lines that used the SmartWiFi application/software stack...

Screen Shot 2017-03-03 at 5.47.51 PM.png
 
Securing your networks best way is to use VPN, and it also can help you in many other ways as well. I have been using VPN for more than 1 year and its really great in terms of price and their services. PureVPN customer support is also really helpful.
 
Securing your networks best way is to use VPN, and it also can help you in many other ways as well. I have been using VPN for more than 1 year and its really great in terms of price and their services. PureVPN customer support is also really helpful.

Just adding a commercial VPN client to your router doesn't necessarily make you more secure. It does encrypt your data flowing between you and your VPN provider but the data is in the clear on the Internet after leaving the VPN provider's router and being dumped on the Internet. For more complete security you need an end to end VPN. (Branch Office A - Head Office) and this is not what a commercial VPN is. If you connect to a site using SSL (the majority of sites use it now) your data is encrypted anyway. A VPN will encrypt your wifi tansmissions if you run the VPN on a device but it doesn't encrypt them if the VPN client is on your router. You still need a strong WiFi password even with a VPN. Finally running a VPN can actually weaken security since the firewall can not inspect the packets of incoming data as they are encrypted so malicious packets may not be blocked. Some VPN providers for an additional fee will provide a NAT firewall at their end.
 
Similar threads
Thread starter Title Forum Replies Date
Z Please help, getting hacked to pieces General Network Security 4

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top