Hello everyone! I wanted to put some quick actionable tips for a better protect home network. These days tablets, smart TVs, smart home accessories such as the Nest thermostat and our usual desktops, laptops, gaming devices etc all are connected. Sometimes they are constantly connected! To protect our home network and the users, we need to take a few steps to keep our family members safe and secure.
Routers
Change default username and password to login into the router: This will protect you from scripts that try and use commonly used usernames and passwords to login into the router. Use a complex password!
Configure Open DNS: Open DNS allows all the traffic to go thru the OpenDNS servers. This setting will block most inappropriate domains for kids as well as anything serving up malware. Here are the OpenDns servers that should be used: 208.67.222.222, 208.67.220.220 If you have any problems setting up OpenDNS, luckily their Web site has pretty indepth instructions depending on which router you have. https://www.opendns.com/setupguide/
Change the default wireless ID (SSID): This is the Wireless network that your computers connect to, change it from the default, netgear, dlink, etc to something meaningful.
Force WPA2 Encryption on wireless: There are multiple levels of encryption available for wireless, The basic being WEP. Don’t Use this at all! A safe level to use is WPA2 Personal or WPA2 Enterprise.
Desktop / Laptop
Operating system Patching – Keep those patches up to date. rely on the inbuilt windows / mac update feature to do the operating system patching.
Runtime / App Patching: I Love using Ninite (windows) to do the patching for the apps and runtimes. Here is another article on using Ninite . You can download a small EXE that can update your installed apps. Sample below:
Anti-Malware: Currently all my windows machines use Malwarebytes Endpoint Security. It has been the most effective in fighting zero day viruses and specifically against ransomware.
Enable the firewall: I use the default windows firewall to limit connections to my computer. If you are comfortable with using the command prompt, run this command:
- NetSh Advfirewall set allrprofiles state on
You can also do this via the control panel:
Use an account with minimum priveldges: Don’t use an administrator account for your daily activites. Ie: Conduct your daily activities with minimal rights and when you need to install something, switch into elevated priveldge.
Browser:
Use a “smart browser” – Google Chrome or Firefox. Hands down I use both Chrome and Firefox, there are way too many benefits of using these two browsers over IE. Here is an indepth article on them and the plugins that are available. Plugins
Backup your data
I’m a strong believer in having backups! You can never have too many. These days viruses such as ransomware can wreck havoc on your files, photos, documents…everything. This virus will encrypt everything that is on your computer. Only way to recover once you have it… you guessed it… is to restore using backups. I’m a big user of Carbonite for my backups.
I hope to have covered some actionable tips to implement for locking down our home networks, Please leave a comment if anything needs to be elaborated on.
And Thanks again for visiting the blog! Please be sure to check out the resources page.-Vik
Leave a Reply