• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 211
  • Last Modified:

Help with a Secure Home Networking Setup

Hello experts, I need some advice on the best way to set up my home network so that I can have a nice balance between convenience and security.  Here is my situation:

I have the following devices:
  -Linksys cable modem
  -Hotbrick 401 firewall
  -Dell Truemobile 2300 WiFi router
  -Two PCs (with Norton Internet Security installed)
  -Iomega 250gig "Network" hard drive
  -One Dell Pocket PC with Wireless card

Here is what I want to do:
  -Browse Internet with my PCs (duh)
  -Wirelessly Browse the internet with my PPC (it only supports WEP encryption)  :(
  -I do NOT want my 250gig HD exposed to people on the internet or a potential hacker of my WiFi point


What can I do?  I was thinking about having the devices hooked up in this order.  Internet -> Cable Modem -> Dell WiFi Access Point (so I can browse internet with PPC) -> Hotbrick firewall -> 3 devices connected behind firewall (2 PCs and 1 network HD).

If my 2 computers and 1 network HD are behind the firewall, would they be in danger if the WiFi access point got hacked?  Are there steps I can take to protect my 3 devices and still browse internet wirelessly?

Thanks in advance.
0
Shiseiryu1
Asked:
Shiseiryu1
  • 3
  • 3
1 Solution
 
Paul_Howard_D7Commented:
Hi there,

Place them in this order,

Internet > Cable Modem > HotBrick > Wireless AP

Segment the LAN from the internet with the Firewall, then place the AP behind the Firewall with a HUB if needed, if you can afford it purchase a wireless AP thats supports WPA or try to find out if there is a firware upgrade for the Dell one you have already.

By placing the Wireless AP behind the Firewall your minimising the available attack vectors on the AP, it will still be at risk from the AIR so to speak but thats down to the security and settings of the AP itself. The Firewall should protect you from attacks comming from the internet to the LAN.

Hope this helps

Paul
0
 
Shiseiryu1Author Commented:
What if I connected my computers/network hard drive directly to the hotbrick (it has 4 ports) and placed the Wireless AP in the DMZ.  I would then only use the Wireless AP to browse internet on my PDA, but nothing else.  Then even if someone did hack my AP, they wouldn't have access to my home network...they could just steal some of my bandwidth.

Also, the Dell router supports WPA, but the PDA does not. I checked for updates for the PDA but I'm not having any luck.  

What do you think?
0
 
Paul_Howard_D7Commented:
Yes this would work fine, and would segment the network further providing better granularity, just remember to deny all from the DMZ > LAN but allow web access out from the DMZ > Public and then this would be fine.

Paul
0
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

 
Shiseiryu1Author Commented:
Would there be any difference between putting the AP in the DMZ vs. putting the AP in front of the firewall?  I was thinking about putting the AP in front of the firewall that way I wouldn't use up an extra port on my firewall.  

Thanks.
0
 
Paul_Howard_D7Commented:
Yes as your shielding the AP from the Public internet,



                 Internet
                      |
                      |
                 Hotbrick--------Wireless AP
                  |       |
                  |       |
               PC's    HDD

As you look at the flow of data, it has to passthrought the Hotbrick to get the the AP from the Internet giving controll of what passes through.

Anything infront of the Hotbrick will be outside the realms of controll, but anything behind it and on the DMZ will be subject to the filtering rules of the device.

Paul
0
 
Shiseiryu1Author Commented:
Thanks for your help.  Also, nice diagram  ;)
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now