Home networks are lesser-known but legitimate hacking targets. Even if you are not a business owner, you still have to worry about the security of your home network, as this is where many people store valuable information. If your home network is not adequately secured, it is only a matter of time until it is breached by a hacker, who could be looking to pilfer confidential information, steal a target's identity, or sell valuable data for a quick profit. Here,
Ravi Bahethi, president of Terranet, Inc., shares three digital security tips that will safeguard your home network.
1. Alter the Router's Administrator Credentials
You can use any device connected to your home network to access the console. The administrator account on routers is typically set up with the same password and username for every single unit sold by the manufacturer. The administrator account provides control over the entirety of the network configuration. Tech-savvy individuals will be able to connect to your home network's router and look up or guess the login credentials, making your network quite vulnerable. If a hacker accesses the administrator console, they can alter the administrator password and lock you and your loved ones out. Make sure to change the router administrator credentials before an intruder does so on your behalf.
If someone else accesses the administrator account on the router, you will not be able to complete the tasks necessary to maintain and improve wireless security. Take a look at the menu system to identify the account details. Alter the administrator account's password to a random set of numbers and letters. These letters/numbers should be at least 12 characters in length. Jot down your new password and store it in a safe space before logging out of the console.
2. Have Two Home Networks
Many modern wireless routers provide the ability to have two wireless networks in your home. One can be used as a “guest” network, where you allow persons and equipment you don’t trust to have access to the Internet. The second can be used as your “home” network, where you allow persons and equipment you trust to exist and access the Internet. The home network should only be used with items that you can control and have access to, such as personal computers, printers, and a Network Attached Storage (NAS) device. The two networks--guest and home--exist in the same location but do not overlap because each one uses a different Service Set Identifier (SSID).
3. Hide Your Home Network
There is no need for your router to broadcast the SSID. Block the router from transmitting this identifier and your wireless internet will be hidden from view. Devices with stored connection data will still connect, but onlookers will not see it. In most cases, the list of networks visible to outsiders will display the words "hidden network" or something similar. Those who do not know the network name will not be able to connect to it.
The only potential downside to hiding your home network is the challenge of hooking up a new electronic device to your wireless internet. Temporarily activate the SSID broadcast so the new gadget can access the network, then establish a connection by entering the password. Once the new device is connected, hide the network so eavesdroppers cannot access it.
4. Employ DNS Filtering
Protect your network by preventing people and equipment from within from going to websites known for hacking, spamming and malware. Domain Name Server (DNS) controls or filtering can help prevent you from accidentally accessing these sites. Consider using a service such as OpenDNS or CleanBrowsing, or try a gateway or in-house DNS filtering server such as NxFilter and Untangle NG. Both methods block access to certain sites through the DNS lookup by redirecting the lookup to its server and checking the URL against a database. The database contains a list of harmful sites and is updated continuously. DNS filtering is very necessary because although you cannot control the people in your network, you can control the sites they visit. For maximum security, DNS filtering should be implemented on both your guest and home networks.
5. Mind the WPS
WPS is short for “wi-fi protected setup”. WPS makes it easy for new gadgets to identify the network and connect to your home network's router. If the router has a WPS button along the back, pressing it transmits a signal that adds the device to the network, passing on the login credentials so there is no need to type in a text password. It is also possible to enter the eight-character code in the device's network settings. However, the default code can be cracked by an experienced hacker with ease. If the router you use for your home network has a WPS button, turn off the capability for WPS code and strictly use the button. If no such button is on your router, altogether disable WPS to ensure a malicious party does not compromise your network.
About Ravi Bahethi
Ravi Bahethi is a programmer and systems engineer who has devoted his career to designing and managing complex systems throughout their life cycles. He loves all things related to technology, and outside of work, he enjoys exploring the great outdoors, reading books, and irony. Ravi is also a strong team leader and has experience working with both
government and industry clients.