Some questions that are always on people’s minds are, “Where is all my information getting routed to?” And, “Who has access to this data?” These questions are especially important when it comes to the new electronic devices making our home a “Smart Home”, such as our thermostats, Door Locks, Fridges, Television Sets, Light Fixtures, Garage Doors, etc. These devices are either connected wirelessly using your WiFi Router or a LAN connection. This means that if you do not take care of how this data is managed, it can land in the hands of an unauthorized user.
Firmware is permanent software programmed into a read-only memory. Firmware Updates takes care of bugs and any improvements on how the device takes care of a task. This means that if there is a flaw on the code on the initial or any past firmwares the Devices Manufacturer will go ahead an push Firmware to the device fixing the issue. This is a key issue when it comes to these devices as many of us simply forget to verify if they have updated the firmware it is only when the device has stopped working that we go ahead and upgrade the firmware.
Use a Network Security Key
If you have these devices connected via a wireless connection, you should configure it with a network security key. With encryption, unauthorized users cannot connect to your network. They are required to input a security key to gain access to the network. Also, any information that’s sent across your network is encrypted so that only computers that have the key to decrypt the information can read it. This will help with any unauthorized attempts to access your network and files without your permission. Wi‑Fi Protected Access (WPA or WPA2) is what I recommend as a wireless network encryption method.
If possible always use WPA2. Do not use WEP as it is easily cracked. WEP can be cracked with ease using penetrating tools such as Aircrack-ng and Aircrack-ptw. Both of these tools are similar to one another. Like everything out there, there is no such thing as a full secure system. Only a system that is not connected to a Network with no external devices connected to it is where you would get a fully protected system. I say this because even with WPA encryption, you can attack it using other methods that I will not mention, but these tools are out there and a good Network Admin would take care of blocking the way the network sends and receive data either by creating Virtual LAN or other means.
As you see I am focusing on your wireless router, as a LAN connection will require physical access to any port. In this case get yourself a good Guard Dog 😉 lol.
Lets move on to other points of WI-FI tips.
If you have a router or Access Point, you must have Credentials to access the Graphical Interface where you can make changes to the router or access point. Ensure that these are not the default username and password, as this can also be a security issue. You also do not want to use the default SSID [Service Set Identifier] and make sure that the SSID is not the same as others in your area, this can lead to issues with connectivity.
One simple but major issue is positioning your router to maximize coverage. This can create issues with any wireless device as packets are lost as well as performance from the device connecting can become slow as its trying to gain access. This is simply fixed by positioning the router or access point in a location where it can serve the whole location best. You can, in some instances, reduce the power of the radio. This will enable you to restrain anyone outside of the building from gaining access.
Many “Smart Devices” utilize servers to interact with services. One example is Ivee, a smart Clock that interfaces with devices such as the nest and smart switches and locks. This device connects to the services of the Nest and other devices through their account. This means that if someone gains access to this one device they have access to all of your devices. This device does not require any Port Forwarding to communicate back home nor any authorization to make any changes. This is why when thinking about a smart device that is based on “The Cloud” you have to get some time to read about how it communicates, and if you are ready to allow this communication to happen. One easy way to monitor your traffic is by getting an old computer and installing a firewall Operating System on it and adding some gigabit NIC cards [Network Card Interface] that will serve as a mediator if you will.
PF Sense Firewall
Pf Sense is an Open Source Operating System that will serve as a Firewall for your home or business network. I should say Small business. I personally use it in my home along with some Switches and a 24 port Cisco Switch that I love. This enables me to add Virtual LAN’s, Set NAT configurations for Gaming and Surveillance Equipment, along with the ability to monitor in and out of my home how traffic of data is being transmitted or distributed. I have some devices that are on one switch that are for when I have guest with its own router. This will allow them to have an internet connection and keeping them where I want them. I can also do traffic shaping and select which items have more priority over others.
In the end its about learning how all of your devices work and not having to cover up that web cam on your “Smart Television” or Laptop. In this day in age we give up a lot of information with all of these Social Networks and then ask ourselves how come this company has all of my information. The “Company” knows you better than you do. With smart devices we choose to give up confidential information, as these know when we are home, what lights are on when and where we were etc..
Lets learn how to handle information more efficiently and to expose what you do not want on the internet. Once its on the NET it will stay on the NET.