Physical Security on a Budget – Securing Your Home Internet

For updated comments et al visit our other blog at http://www.the22man.com/2016/03/start-your-physical-security-on-a-budget/

This is a no cost solution to increasing your personal security, and we all like that four letter word “FREE”.

I was working on this as a subject not only for TWG, but also for a book that was written by Matt Canovi. The problem is I was on page 3 and just showing you how to log onto your router. That may be alright for a book however it is unacceptable for a blog. I will let you know when I either joint publish in the 2nd edition of Canovi’s book or have this published in depth elsewhere.

With that said, you need to protect your computers, tablets and phones from the bad people of the world. You can read about software protection in the articles on this blog by going to the right side of this blog and under “Categories” selecting the topic you wish to see.

In this article I want to have you secure your “router”. It is what allows you to share multiple devices to one internet connection.

Make sure your “firmware” is the most recent. This allows more configuration and better stopping of hack attempts.

If you are a gamer, setup the router so the games you use / host are in the “DMZ” of the router. This is normally under the ‘Firewall’ section.

Under the LAN settings, narrow down your “DHCP addresses. There is no need for the all too common default 100 devices, this is your home or small business. Figure the number of devices you currently have and double that. You will have phones, tablets, laptops, a printer or 2 and maybe a PC or 3 or 4 or 5.

If you use wireless, make sure the router and your devices are using “WPA-PSK” Home or Personal with AES encryption. Use a complex password of at least 8 characters consisting of letters, numbers and characters. NEVER use the “default” wireless key.

Change your SSID (that is the wireless name that is broadcast) from the factory default. They default SSID and leaving the log on password as the default is easy as heck to crack.

Turn off ‘Wi-Fi Protected Setup’, again, anyone with access to Google can crack it.

Disable the “Broadcast” of your SSID (Wireless network). If others cannot ‘see’ it, it is that much harder to hack. When you add new devices, they won’t ‘see’ the network however you just need to type in your network / SSID name and password, they will then find it.

If your router gives you a choice of “wireless mode” you should select “G/N” if avaliable. Some only let you choose “B/G/N”. Most Apple products and new PC products (3 years and newer) use either the “N” or “A” standard. “B” is the slowest and if a “B” device gets on your wireless network every thing slows to its speed, think of it like the slowest driver on a road, the speed limit might be 300MPH but if granny is going 11MPH then everyone else is too. “B” = 11Mbps, “G” = 54 Mbps, “N” = 150 Mbps, many devices double the “G” to 104 and some triple the “N” to 450, so you can see why, if your router lets you, you want to not allow “B” devices on your network.

That is about all for a basic securing of your home network from a hardware router perspective. To configure your specific router, get the name and model, go to “www.duckduckgo.com” (a Google alternative) and type the information in with the words ‘how to configure’. I would suggest starting with the manufacturers web site before going to a ‘tech’ site.

Until we meet again, have a virus free week!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.