Personal Internet Security: Secure Your Home Network
When it comes to home network security, many people are completely unaware of what they can do to protect their own networks. Though safe browsing habits help keep your information safe, taking personal Internet security measures boost your protection even more. In this article, we'll cover several ways for you to protect your home network and surf online safely, including hardware firewalls, virtual private networks, and computer hosts files.
The importance of personal Internet security
When most users on a computer network go to protect their home network, they'll invest in antivirus software and maybe a personal security firewall. While these are good first steps, they are unfortunately not nearly enough to protect you when browsing the web.
Most malware that gets through to computers comes from email or website visits. The malware is designed to inject something on your computer when you interact with the site. Properly-configured antivirus protection helps with both of these.
However, there are levels of protection that supersede even these. With the proper personal Internet security, you can keep your browsing private and hide your IP address, which is normally collected by sites that you visit.
Use a hardware firewall instead of modem/router combinations
One of the best ways to improve your home network security is with a good hardware firewall. A hardware firewall is different from the personal software firewall that you install on your computer. In most cases, your router, which allows multiple devices to be connected to your Internet, is a hardware firewall. However, there are many other inexpensive hardware firewall units in existence that do a sufficient job for the average home user.
We suggest saying with name brands, such as Linksys, Netgear, D-Link, Trendnet, or Belkin. Many inexpensive routers have flaws that either minimize the life of the device or do little to actually filter network traffic. These types of firewalls may run hotter than they should, or they may lack IPv6 compatibility. These traits make for a poor hardware firewall and do not offer the best protection.
Furthermore, avoid using wireless router/modem combination units. These units can represent a potential open door to your private internal network. Your Internet service provider (ISP) has direct access to the router part of the unit from the Internet. That is in and of itself contrary to the point of the router; if the ISP has access, so do others who know the ISP's methods of router access. They can connect to your networks and cause harm.
If you use a combination unit provided by your ISP, we recommend changing the router settings to put the device into bridge mode and connecting a standalone router. At that point, all the ISP or anyone else can see is that there is a hardware firewall connected. It effectively prevents all inbound access to your network. This is done by closing all ports except the ones that you specifically allow to be open.
Use a computer hosts file
Another great protection measure is putting a hosts file on each computer. Malicious websites are linked from legitimate websites, including places like Facebook. The hosts file is a simple text file.
The computer looks at this host file every time you access anything through the internal network connection, whether it be for wired or wireless connections. Then, the file redirects traffic trying to go to predefined malicious websites to the local host which is your own computer.
In essence, the hosts file prevents the request from leaving your computer to protect you. This hosts file also blocks many ads from appearing on your computer.
It's important to note, however, that you should disable your DNS client on your Windows machines. Consequently, this improves performance when running the hosts file. Also note that the hosts file is not a perfect solution. It is just another layer of protection.
MVPS updates the hosts file multiple time per year, so you should update it on your computers periodically as well.
Use caution when releasing information for Internet security
It's important to be careful about what information you offer to websites. In general, when you go to the Internet, you are exposing yourself to varying degrees, depending on where you go and how you interact with the website. Take, for example, interactions on social media sites like Facebook. Anything you post there becomes public information by your user agreement, so be very careful what you choose to post.
Take special caution with personal information such as your full name, street address, or phone numbers. Keep in mind also that any potentially embarrassing or incriminating photos put online can be accessed by anyone. Use a secure browser when you must enter personal information on a website or forum.
Furthermore, search sites like Google store vast amounts of user data. Google stores your search criteria indefinitely. Ads that you see from Google search are based on the search information you enter. This isn't to say that you should never use a search engine; however, you should be cautious what you enter.
When using online banking services or making credit card purchases on the Internet, make sure that HTTPS appears in the URL, not just HTTP. The "s" indicates a secure connection.
Use strong passwords for Internet security
Using strong, secure passwords on your account is one of the easiest and best ways to improve your home network security. As a rule of thumb, never use the same password for multiple sites.
There are four elements to a strong password: uppercase letters, lowercase letters, numbers, and symbols. A strong password includes all four of those elements in a variety of ways. There are 94 characters on the standard computer keyboard; that allows almost endless possibilities for creative passwords.
Use numerals like "5" in place of an "S". Or perhaps "V V" in place of a "W". Though a password shouldn't be shorter than six or seven characters, the length does not matter as much as the complexity. Use a password that has meaning only you would know.
Alternatively, users have the option of a password manager, which creates and keeps secure passwords for them. Roboform is a great example; users don't have to come up with their own passwords. They just need to remember the master password for the program and it does the rest of the work. If you need strong password ideas, try a password generator.
Will a proxy or VPN work for home network security?
You can use a proxy or a VPN to protect yourself against certain threats. Both these devices will mask your IP address or make it appear to change frequently. However, the websites you visit are almost never the source of malicious attacks on users' IP addresses. The things that are probing your real, external IP address are robots or systems looking for vulnerabilities.
They will attempt to gain access to your IP address hundreds of times each day, trying many different ports. This happens no matter how often you change your IP address and regardless of how many proxies you use.
These bots and IoT devices are systematic; they won't go away. While they are good security products for your home WiFi networks if you want protection when surfing the web, they won't do as much as they should in terms of overall protection.
IP address identification
Many people think that they can be identified by their IP address. This is a false belief; unless you are partaking in criminal activity, your IP address cannot give information specific enough to identify you. Only your ISP can connect your IP address to your physical address, and they will not do so unless subpoenad by a court.
An IP search can bring up the state, county, and city that the IP address is from, but even that information is often incorrect. Hiding your IP address does not improve your privacy or security in the necessary ways.