How to keep your Home network and NAS safe


How do hackers attack you

  • Zero-day
  • Phishing

Zero-day when attackers attack from outside through outdated software, through known vulnerabilities that are not yet patched.


 


How to secure your Network?

  1. Secure your router
    1. Check open ports and close unnecessary ports
    2. Enable firewall
    3. disable ping response
    4. disable port forwarding [if there is no firewall and other measures in place]
    5. disable router remote management option
    6. Use WPA2 or newer WiFi mode and make sure the password is strong
    7. Use VPN
  2. Redesign your internal network
    1. Keep your network devices under different network segments
    2. Use switches with built-in firewalls and filters [Ubiquiti UniFi Dream Machine or unifi software]
  3. Configure internal devices and NAS
    1. Enable firewall
    2. install antivirus / security monitor
    3. use VPN
    4. enable an auto Lock feature
    5. two-step authentication
    6. close unnecessary open ports/ change them to different ones
    7. disable admin account
    8. make strong passwords
    9. enable powen on/off schedule
    10. Separate volume (for OS, snapshots)
    11. have regular backups
  4. Enable automated updates
    1. router firmware
    2. internal devices

 


How to scan your open ports ?


Use port scanning websites or run a scan from neighbors or friends network – remotely.


Get your external IP


Run a scan


From online websites


From your friends house


You can also scan only for open ports )all of them or just specific ports) instead of vulnerabilities


 


How to secure your router?


Disable upnp and port forwarding


Disable Respond to Ping


Increase firewall level or set manual rules


Also disable DMZ access


 


 


 


Redesign your internal network


Do not allow hackers connect to your NAS via cheaper iot devices. Keep them seperate.


 


Keep your NAS accessible only from particular internal IP address and enable brute force attacks


 


 


Configure internal devices and NAS


Enable automatic logout and enable HTTP attack protection


 


Enable two factor authentication


 


Enable Account protection


 


Enable Firewall


 


Enable Autoblock


 


Enable DoS protection


 


Use Security Advisor to scan for open volnurabilities on your NAS


 


 


 


 


 


 


 

Posted in UncategorizedTagged ,

DISCUSS with others your opinion about this subject.
ASK questions to NAS community
SHARE more details what you have found on this subject
CONTRIBUTE with your own article or review. Cick HERE
IMPROVE this niche ecosystem, let us know what to change/fix on this site

ASK YOUR QUESTIONS HERE!