Home Network Security Question

[daskel]

I'm trying to figure out the best way to secure my home network. Can anyone point me in the right direction or provide some tips on what to buy or how to approach this. A work buddy advised me to buy a hardware firewall. Is this the way to go, or is there a cheaper alternative.

Thanks... by the way I'm a noob.

[Sparda]

How are you connected to the internet? Wireless? Computer(s) run which OS?

Proverbially if you are connected to the Internet your network isn't secure. You can only put metaphorical 'road blocks' in place to catch the majority of the stuff.

[decepticon_eazy_e]

I'm trying to figure out the best way to secure my home network. Can anyone point me in the right direction or provide some tips on what to buy or how to approach this. A work buddy advised me to buy a hardware firewall. Is this the way to go, or is there a cheaper alternative.

Thanks... by the way I'm a noob.

Yes, please give us details and we'll nitpick and argue over the best solutions. That's what we do here!

OS?

Multiple computers?

Gaming system?

Wireless?

Network Devices?

Modem?

Broadband type?

etc..

[WhollyMindless]

We'll even disagree and make it even more difficult.

Another question that hasn't been asked is what kind of concerns do you have?

Security is really about risk management and usually when someone asks about "securing" they want to address the fears they have. One fear is not knowing what to be afraid of. That's OK too.

[daskel]

Yes, please give us details and we'll nitpick and argue over the best solutions. That's what we do here!

OS?

Multiple computers?

Gaming system?

Wireless?

Network Devices?

Modem?

Broadband type?

etc..

XP, Leopard... xbox360. I have 3 Computers hooked up through a wireless router. My ISP is through quest and I have the modem going to my router. I use the 360 as a media center, and the laptops for various stuffs. I have my main desktop jacked into the router... everything else is wireless.

My main desktop has all my stuff on it (movies, music, ect.) I use that as a kind of server I guess...

The thing is I download a lot of stuff... probably too much. At any rate I want to make my home network as secure as possible. I have a cheap Dlink wireless router (WBR-2310).

My ISP is through Quest, Fiber Optic DSL, (only thing going in my neighborhood) I got a Quest M1000 Modem.

I guess I'm worried about what I download, who can see it, and whats stored on my hard drives...

Thats about it... any ideas?

[Sparda]

Your concern has the inflection that you do not wish to have what you download been monitored. If this is the case the only way to stop your ISP monitoring what you are doing is by using a VPN tunnelling service or TOR. It won't stop them from seeing you hog bandwidth.

As for the FBI raiding your house and examining your hard drive, use full disk encryption. It will at least provide plausible deny-ability.

Did I read between the lines enough to understand your question correctly?

[daskel]

Your concern has the inflection that you do not wish to have what you download been monitored. If this is the case the only way to stop your ISP monitoring what you are doing is by using a VPN tunnelling service or TOR. It won't stop them from seeing you hog bandwidth.

As for the FBI raiding your house and examining your hard drive, use full disk encryption. It will at least provide plausible deny-ability.

Did I read between the lines enough to understand your question correctly?

yea you are on the ball... pretty much exactly what I'm saying. So where do I start?

[Sparda]

This means your question is relatively little to do with security and more about privacy and keeping data hidden (hiding data and security over lap a bit).

Full disk encryption: TrueCrypt

The closest thing to anonymous web browsing: TOR

[mshenoy]

I have a related question to this.... like for securing my home wifi network using windows and/or linux as my OS to access the wifi what are the best ways to secure the network except what you mentioned earlier to hide data.... like TOR and Truecrypt ...those are by all means gr8 tools...

What i wish to achieve is anonymity more like BITBLINDER if you guys have heard about it.... Like Can i make a vpn network as my home network ? Any tips are welcome... I just want to learn what various ways there are to achieve these.

[Sparda]

Security for wireless? WPA encryption!

[mshenoy]

no not like WPA... I do have WPA setup I mean something more like a home vpn or sort of like that ... is an home vpn possible ?

[barry99705]

no not like WPA... I do have WPA setup I mean something more like a home vpn or sort of like that ... is an home vpn possible ?

Yes, it's the only way my wireless clients can see my wired clients. I don't thing even TOR is going to help you hide what you do from your isp, I could be wrong though. You're also not going to be hiding what you're doing from whoever is running the tor exit node. Honestly, I'd trust my isp over tor. Hopefully you're running wpa2 with a good password.

[Jonny190]

If you are going to go for a hardware firewall try to pick up a cheap pc and get astaro security gateway for home user

[The Sorrow]

Essentially it breaks down to your wireless which is the front gate to your network. How well is your wireless protected WEP (hopefully not) or WPA. Then the router itself, got firewall software on it? Then its securing your individual PCs, if your really paranoid use a firewall on each individual one.

[doyouhas]

How are you connected to the internet? Wireless? Computer(s) run which OS?

Proverbially if you are connected to the Internet your network isn't secure. You can only put metaphorical 'road blocks' in place to catch the majority of the stuff.

Since when does the definition of security entail complete and utter isolation from all other connected systems? It's about setting up the best practices to keep what you don't want out and allowing access for what you do want. You're trying to sound all philosophical and it didn't work. Although I know what you're talking about, in fact I don't know where I heard it (mentioned somewhere in 2600 I believe), but the article said the most secure system is the one a thousand feet underground, not connected to anything, encased in a foot of concrete. The system doesn't do you much good since you have no ability to access it.

Apply best practices to keep your network safe and remember there is no way to protect yourself against every single type of attack, it's not worth the effort especially when you're just talking about network security because it's not worth losing (exorbitant) amounts of sleep over. If someone is so totally dedicated about breaking into my home network and spends days, maybe even weeks planning an attack...I would be quite flattered that they think my data is that damn important.

[decepticon_eazy_e]

Since when does the definition of security entail complete and utter isolation from all other connected systems? It's about setting up the best practices to keep what you don't want out and allowing access for what you do want. You're trying to sound all philosophical and it didn't work. Although I know what you're talking about, in fact I don't know where I heard it (mentioned somewhere in 2600 I believe), but the article said the most secure system is the one a thousand feet underground, not connected to anything, encased in a foot of concrete. The system doesn't do you much good since you have no ability to access it.

Apply best practices to keep your network safe and remember there is no way to protect yourself against every single type of attack, it's not worth the effort especially when you're just talking about network security because it's not worth losing (exorbitant) amounts of sleep over. If someone is so totally dedicated about breaking into my home network and spends days, maybe even weeks planning an attack...I would be quite flattered that they think my data is that damn important.

Isolation is the definition of absolute security. In every aspect of the word. Your money/jewels are safest in a bank that nobody can get in.. A prisoner that is highly risky is safest in solitary confinement.. A computer that has no internet connection is the best way to "protect yourself against every single type of attack".

This is not always practical (obviously), so you limit as much exposure as possible, those are the best practices. Keeping a computer offline and isolated is absolutely the best way to keep it secure.

I didn't say it was realistic or practical, just secure. I like to use this analogy... Teaching abstinence as a method of birth control and "safe sex". Sure it works every time, but to think everyone is going to practice that method is just narrow minded and naive.

[barry99705]

Isolation is the definition of absolute security. In every aspect of the word. Your money/jewels are safest in a bank that nobody can get in.. A prisoner that is highly risky is safest in solitary confinement.. A computer that has no internet connection is the best way to "protect yourself against every single type of attack".

This is not always practical (obviously), so you limit as much exposure as possible, those are the best practices. Keeping a computer offline and isolated is absolutely the best way to keep it secure.

I didn't say it was realistic or practical, just secure. I like to use this analogy... Teaching abstinence as a method of birth control and "safe sex". Sure it works every time, but to think everyone is going to practice that method is just narrow minded and naive.