Securing Your Home Network

Standard Router Settings

  • Change the name of your default home network
    • Don’t make it a recognizable name
    • Don’t put your name it it
    • No street names
    • If you are in a congested area, you might want to hide your network and turn off SSID. Places like NYC, SFO, Tokyo etc
  • Enable network encryption SPA2 AES or soon to be out WPA3
  • Enable guest network for your guests.
  • Set a strong password for your admin user name and wireless access
  • Disable remote access for router
  • Always keep routers firmware up to date
  • Disable remote access for router
  • Disable IPv6. Its routable and not behind NAT – Cover greater detail later

Extreme Router Settings

  • You can change the default IP address on wireless router
  • Turn off DHCP and set IPs manually
  • Allow network device ONLY by Mac Addresses
  • Turn off when not home

General Network Securing

What is NAT (network address translation)

IPv4 & IPv6

Autoconfig of IPv6 can leak your MAC address to identify your individual computer
NAT only works with IPv4

Optional Additions Covered Later

Add a VPN to your individual computer & mobile device

Add a Pi-hole to your whole house network