- Jun 15, 2023
- 226
What kind of router or devices can protect the whole network, that's not too expensive.
Recommended Product or Devices to Secure Home Network?
- Thread starter Azazel
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
- Mar 2, 2023
- 794
I'm hoping others will post here as well, as I like your question.
I have a mid-tier Linksys router from Best Buy for my home network. I'm not sure at what point more money makes it more secure, and what those features would be, besides maybe speed and range? I think the concern is an excellent password, set at WPA2 encryption, configuring the Wi-Fi and Security settings and checking for firmware updates.
I do like Kaspersky Plus Smart Home Monitor feature, as I can take a quick look at all the devices connected to my network, without logging into my online Linksys account and checking the Device List panel. I'm sure there is an app as well that I haven't used, to monitor connections, connected devices.
edit: and I'm not sure if spending a lot of money on a router makes sense$$, as from what I understand they usually don't have a long life expectancy. But, maybe you get what you pay for in that regard? My TP-Link router lasted about 5 years before my connection started dropping off and this router resolved that issue.
I have a mid-tier Linksys router from Best Buy for my home network. I'm not sure at what point more money makes it more secure, and what those features would be, besides maybe speed and range? I think the concern is an excellent password, set at WPA2 encryption, configuring the Wi-Fi and Security settings and checking for firmware updates.
I do like Kaspersky Plus Smart Home Monitor feature, as I can take a quick look at all the devices connected to my network, without logging into my online Linksys account and checking the Device List panel. I'm sure there is an app as well that I haven't used, to monitor connections, connected devices.
edit: and I'm not sure if spending a lot of money on a router makes sense$$, as from what I understand they usually don't have a long life expectancy. But, maybe you get what you pay for in that regard? My TP-Link router lasted about 5 years before my connection started dropping off and this router resolved that issue.
Last edited:
- Oct 3, 2022
- 380
If you have an older unused PC, you can add an ethernet adapter (making a total of 2) and install pfSense firewall with IPS (intrusion pervention system) . It is open source and you can obtain threat signatures from 2 sources for free (instructions included) . So you place this PC between your modem and your router and it will protect the network. pfSense® - World's Most Trusted Open Source Firewall
WiFi has Peer to Peer mode, which means a nearby attacker ( if you live in an apartment ) can connect to your laptop directly, bypassing the firewall. To stop this, go to Control Panel > Device Manager. Expand Network Adapters. Pull down the View menu and choose Show Hidden Devices. Right click Disable the Microsoft WiFi Direct Virtual Adapter. WiFi Direct is the MS term for WiFi Peer to Peer mode. WiFi will still work with this disabled. Of course you have to do this individually on each PC.
Set up malware protection by changing router's DNS to Quad9 server: 9.9.9.9 and 149.112.112.112 ,
And you may also want to do this: Setup Idea - Stop Lateral Movement on a Home LAN
Also you may want to setup a free EDR (endpoint detection and response) that is web based and monitors threats and attacks on all PC's. Discussion Thread - Comodo Endpoint Detection and Response (EDR) is now open source! . True security cannot rely on automatic responses like antivirus, it requires monitoring and vigilance.
WiFi has Peer to Peer mode, which means a nearby attacker ( if you live in an apartment ) can connect to your laptop directly, bypassing the firewall. To stop this, go to Control Panel > Device Manager. Expand Network Adapters. Pull down the View menu and choose Show Hidden Devices. Right click Disable the Microsoft WiFi Direct Virtual Adapter. WiFi Direct is the MS term for WiFi Peer to Peer mode. WiFi will still work with this disabled. Of course you have to do this individually on each PC.
Set up malware protection by changing router's DNS to Quad9 server: 9.9.9.9 and 149.112.112.112 ,
And you may also want to do this: Setup Idea - Stop Lateral Movement on a Home LAN
Also you may want to setup a free EDR (endpoint detection and response) that is web based and monitors threats and attacks on all PC's. Discussion Thread - Comodo Endpoint Detection and Response (EDR) is now open source! . True security cannot rely on automatic responses like antivirus, it requires monitoring and vigilance.
Last edited:
- Oct 3, 2022
- 380
I should add that hackers do not rely on malware that is detectable by common AV's. They test their tools against common AV's to make sure that they are not detectable before deploying them. So if you are relying on your anti-malware to stop hackers you will be defeated every time. My 'red team' has never used a tool that my various big name AV's could detect. Examples are remote access tools and windows features disruption tools. That is where an EDR like Comodo's OpenEDR comes in. Windows events record everything. It's just that the major AV's don't identify them as suspicious. But a human can see that something sticks out and shouldn't be happening. An example is a 'create executable' event or a 'DotNet compiler execution' event happening when you did not install anything. AV's won't blink but a human will know something is wrong. And EDR's has the comprehensive Mitre Att&ck hacker tactics covered. It filters Windows events and raises Alerts for you to review and decide upon. Most importantly, it tells you that your defenses has a hole and you need to address it. If you are serious about security, you should have an EDR tool - it is an essential layer of defense.
Last edited:
Similar threads
