Saturday, September 15, 2012

Network Recommendations


1. Home Network Design

The Internet Service Provider (ISP) may provide a cable modem with routing and wireless capabilities as part of the consumer contract. To maximize the home user's administrative control over the routing and wireless device, deploy a separate personally-owned routing device (a) that connects to the ISP-provided router/cable modem. Figure 1 depicts a typical home network configuration that provides the home user with the network infrastructure to support multiple systems as well as wireless networking and IP telephony services (b).


2. Implement WPA2 on Wireless Network

The wireless network should be protected using Wi-Fi Protected Access 2 (WPA2) instead of WEP (Wired Equivalent Privacy). Using current technology, WEP encryption can be broken in minutes (if not seconds) by an attacker, who can then view all traffic passed on the wireless network. Note that older client systems and access points may not support WPA2 and will require a software or hardware upgrade. When researching suitable replacement devices, ensure that the device is WPA2-Personal certified.
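As an added example (not part of the original post), the check below audits an access point configuration for the WEP versus WPA2 recommendation above. It assumes the access point is driven by a hostapd-style `key=value` file; both sample configs are constructed and the passphrase is a placeholder.

```python
# Added example: audit a hostapd-style config for WEP, legacy WPA and TKIP.
WEAK_CONF = """\
ssid=HomeNet
wep_default_key=0
wep_key0=0123456789
"""

HARDENED_CONF = """\
ssid=HomeNet
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=PLACEHOLDER-long-random-passphrase
"""


def parse_conf(text):
    """Parse key=value lines, skipping blanks and # comments."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings


def audit_wireless(text):
    """Return a list of findings; an empty list means WPA2-only with CCMP."""
    s = parse_conf(text)
    findings = []
    uses_wep = any(k.startswith("wep_key") for k in s)
    if uses_wep:
        findings.append("WEP keys configured; switch to WPA2")
    # hostapd's wpa option is a bit field: bit 0 = WPA, bit 1 = WPA2 (RSN)
    wpa = int(s["wpa"]) if s.get("wpa", "").isdigit() else 0
    if wpa == 0 and not uses_wep:
        findings.append("neither WEP nor WPA enabled; network is open")
    if wpa & 1:
        findings.append("legacy WPA (version 1) enabled; use wpa=2")
    if wpa & 2:
        # An unset cipher is reported rather than trusting build defaults.
        ciphers = s.get("rsn_pairwise", s.get("wpa_pairwise", "")).split()
        if not ciphers:
            findings.append("no pairwise cipher set; add rsn_pairwise=CCMP")
        elif "TKIP" in ciphers:
            findings.append("TKIP allowed; restrict pairwise cipher to CCMP")
    return findings
```

Calling `audit_wireless(WEAK_CONF)` returns the WEP finding, while `audit_wireless(HARDENED_CONF)` returns an empty list.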

3. Limit Administration to Internal Network

Administration of home networking devices should be performed from the internal-facing network. When given the option, external remote administration should be disabled for network devices. Disabling remote administration prevents an attacker from changing the device's configuration and possibly compromising the home network.


4. Implement an Alternate DNS Provider

The Domain Name System (DNS) servers provided by the ISP typically don't provide enhanced security services such as the blocking and blacklisting of dangerous and infected web sites. Consider using either open source or commercial DNS providers to enhance web browsing security.

5. Implement Strong Passwords on all Network Devices

In addition to a strong and complex password on the wireless access point, a strong password needs to be implemented on any network device that can be managed via a web interface. For instance, many network printers on the market today can be managed via a web interface to configure services, determine job status, and enable features such as email alerts and logging.


