Home Network Defense Center

June 12, 2018 | Views: 5041


When I test network security, I frequently get asked “How can I protect my home network?” After I discuss the “typical solutions” (good passwords, configurations, MAC filters, permissions, firewalls, IDS, etc.), some people reach the conclusion that all those solutions are “too passive.” When they work, they simply block possible attacks, and we have to trust them, blindly, to work. Sometimes, however, that is not enough!

Imagine you are on your home network, alone. How can you be sure you are alone? How can you be sure that you are not having your traffic redirected by a Man in the Middle (MITM) attack? Even if you find an intruder inside your network (an unknown device), how much time do you need to connect to your router and “kick him off” of your network?

A few years ago, I started playing with a Raspberry Pi computer out of curiosity. I found out that even with all those “good security rules,” I always had people trying to invade my network. So, after a few experiments, I found out that using a Raspberry Pi as a “Network Defense Center” was very effective and cost-efficient.

After connecting a Raspberry Pi to a monitor and installing Kali Linux on it, we have all the tools needed to monitor our network, and the tools that give us some “offensive” capacity to repel intruders, all combined on an energy-efficient computer (great for being plugged in 24/7). That way, we can use IDS, all those good security policies, etc. and still have an active role in protecting and monitoring the network ourselves.

  • We can monitor our network in real-time with Airmon-ng, which allows us to see exactly how many devices are connected, as well as the MAC address of each device. This is great to make sure that we really are alone on our network while, for example, using net banking.
  • We can monitor for suspicious packets and requests using Wireshark, or even tshark (terminal-based Wireshark).
  • We have total control of our network: we can monitor who sends information and where, who asks for information, etc. We can also use nmap to make regular port scans to make sure no suspicious ports are used or open without us knowing.
  • We can block out any intruder by sending a continual de-auth flood with aireplay-ng (that way, the attacker can’t do anything on our network).
  • We can use mdk3 as a “panic button” to crash our own network in case of an intrusion, on detecting anyone trying to exfiltrate information, etc.

The best part: all these actions are easily scripted to carry out fast responses to any situation that may happen, making it a fast-acting solution. (With a TFT screen, we can even have a portable device to use anywhere in the house.)
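As an added example (not code from the original post), here is one way to script the “am I alone, and is my traffic being redirected?” check on the Raspberry Pi: parse the kernel neighbour table as printed by `ip neigh show`, flag MAC addresses that are not on your allowlist, and flag signs of ARP spoofing, one common way a MITM is set up on a LAN. The allowlist, gateway address and sample output are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of `ip neigh show` output (not from a real network).
# The gateway IP here resolves to the same MAC as 192.168.1.37.
SAMPLE_NEIGH = """\
192.168.1.1 dev wlan0 lladdr de:ad:be:ef:00:37 REACHABLE
192.168.1.20 dev wlan0 lladdr aa:bb:cc:00:00:20 STALE
192.168.1.37 dev wlan0 lladdr de:ad:be:ef:00:37 REACHABLE
192.168.1.45 dev wlan0  FAILED
"""
# Assumptions for this example: the devices you own and your router's real MAC.
KNOWN_MACS = {"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:20"}
GATEWAY_IP, GATEWAY_MAC = "192.168.1.1", "aa:bb:cc:00:00:01"

MAC_RE = re.compile(r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}")

def parse_neigh(text):
    """Return {ip: mac} for neighbour entries with a resolved MAC address."""
    table = {}
    for line in text.splitlines():
        f = line.split()
        if "lladdr" not in f[:-1] or f[-1] in ("FAILED", "INCOMPLETE"):
            continue
        mac = f[f.index("lladdr") + 1].lower()
        if MAC_RE.fullmatch(mac):
            table[f[0]] = mac
    return table

def unknown_devices(table, known):
    """Entries whose MAC is not on the allowlist."""
    return sorted((ip, mac) for ip, mac in table.items() if mac not in known)

def shared_macs(table):
    """MACs answering for several IPs; suspicious when the gateway is one of them."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

def gateway_changed(table, gateway_ip, expected_mac):
    """True when the gateway IP resolves to a MAC other than the expected one."""
    mac = table.get(gateway_ip)
    return mac is not None and mac != expected_mac.lower()

if __name__ == "__main__":
    t = parse_neigh(SAMPLE_NEIGH)
    print("unknown devices:", unknown_devices(t, KNOWN_MACS))
    print("MACs claiming several IPs:", shared_macs(t))
    print("gateway MAC changed:", gateway_changed(t, GATEWAY_IP, GATEWAY_MAC))
```

On the Pi, replace `SAMPLE_NEIGH` with the live output of `ip neigh show` and run the check on a timer; the neighbour table only lists hosts the Pi has recently exchanged traffic with, so it complements the wireless monitoring rather than replacing it.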

There are tons of different tools, and some people even prefer other tools/techniques. These are only some options for creating a simple and cheap way to monitor and protect your home network.
