Home security

HI dear,
Apologies in case i didn't use correct terminology, and excuses for my english, after reading the latest leaks regarding zero year and so on... and after checking the leaks from hacking team company last year and discovering that my goverment was on the list with a contract for their softwear and servers etc..

The concerns are and will be for the below right now:

Knowing that nothing is totaly safe and we need to update our knowledge cyber wise,

I want to secure my house from unauthorized access to every device in it such as the:
- door video bell which is connected to  internet through wifi
- Cctv which is also connected to internet
- smart tv wich will be connected
- smart devices which i need to control it through tablets connected also to internet
-pc that will run softwear for the above smart devices such as dimmer and relays and smart sensors curtains ir and rf repeater devices.

Now i will share what i did and what i think i can do and if anyone could please let me know if its fine or not.
 
-I will use the network port instead of the wifi for door bell even if it will limit the function and i mentioned the door bell because it can unlock the main door of my flat which is assembled not purchased ready, to avoid any complications. But still i need to secure the router and to acces the service i have to use the cloud service provided by the seller which is not safe for sure.

-I had to buy 2 Dvr one will be for inside the house and wont be connected to internet while the other i will connect it and will activate only the cameras mounted outside the flat.

For the other issues i was thinking to use my old pcs and any other pc i can find to build my own server and if possible to have a firewall beside the one that is covered by the routers and modem or the OS used.

Now how effective will be to have my own server and how safe it is if definitely anything could be hacked and is their a way to route the internet connection through a server or a device and then allow or forbide any device from sending data since reciving wont affect in case of smart tv as i undertood from the latest leaks since they will open the camera and or Mic while tv is off but that mean sending and recieving so if you stoped the sending recieving the order wont affect maybe, even though as i undrstood packets needs to go both way in case of connection to internet or else it wont be established.

Finaly any advices beside getting rid of what technologies and human made and provided to use for good but others decided to abuse? I mean it does worth defending our selfs if not taking counter measure at least.
Antone HNAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
You cannot (repeat cannot) prevent anyone from looking at your Wi-Fi signals.

1. Use very strong passwords and WPA2 or AES for Wi-Fi security.
2. Make certain computers have very strong passwords.
3. Make sure all your devices are password protected.

If this is not adequate for you, turn Wi-Fi completely off and use wired connections.
0
Antone HNAuthor Commented:
Thank you John appreciate your advices.
0
Tom CieslikIT EngineerCommented:
If you can then purchase some professional firewall like Sonic Wall and limit WIFI access to your known MAC address devices.
If it's not a problem for you, try to hide your SSID name for your WIFI. You'll know it so only you going to be able connect to WIFI.
You can also limit WIFI connection only to known MAC addresses so anyone who will get access to your WIFI is not going to be able get access to your network because this restriction.
0
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

JohnBusiness Consultant (Owner)Commented:
This is a good of course, but people can sniff Wi-Fi packets and see what it being transmitted including the SSID.
1
Antone HNAuthor Commented:
True Tom this is what i am currently doing enabling  mac address filter and hiding the SSID plus disabling the fast secure connection function but i spent some time reading on nullbyte website and they teach people how to sniff and uncover hidden networks using KALI and other penetration courses so its quite general what i wanted is to protect my house when using the internet ...WiFi is a risk that you must take i even had an idea of buying basic range WiFi router so it will serve nearby devices and attacker may need in this case to be close to my house somehow to perform any network sniffing act even when using external compatible long range WFi devices.
0
JohnBusiness Consultant (Owner)Commented:
People can sniff your Wi-Fi (as noted earlier)  but if it is properly secured, the hacker will have to sit outside your house for several days. I think you might notice.
1
masnrockCommented:
If you've looked up about how one can still sniff out hidden networks, then you will also know how one can get around MAC filtering as well. A key is that you're using a reasonably complex password for your WPA2 network with AES encryption. Your ideal situation would be preventing remote access to any devices on your network. The moment you allow access, there's a risk. Until the manufacturers release a patch, you're shot in the foot. Smart TVs cannot really be secured at this point because they give up so much data and so on. You could disconnect it from your network and use a device like an Apple TV or Roku instead. They're far more secure devices. However, that does start to defeat some of what you seek to do.
1
John TsioumprisSoftware & Systems EngineerCommented:
Well if you have so many concerns about Wifi then the solution is rather not to use it...just cable eveything and limit use of Wifi to bare minimum...The issue is not what your are going to do in order to protect you from hacking but what a hacker is going to get if they hack you...
Almost none will pay attention for your family photos or your childhood memories...but if you have possession of a secret that worths millions then they will find a way...and usually the wicked link in the security chain is the human...a beautiful woman can accomplish much more than an army of hign end hackers....
0
Antone HNAuthor Commented:
Thank you masnrock and all for your advices, maybe i wasnt clear enough, wifi is a secondary concern since the main door of the Flat is linked with the door bell, i will use your advice and try to make the pass complexed.

Now John answer, internet is a highway and the question is not what kind of secrets i may have, rather should be what they can do, and again according to hacking team and the exploits projects they were working on, it was not to check your childhood pictures or get secrets, its your freedom which they can end it by exploting any of your connected devices and placing things that shouldnt be and wasnt on your device in order to have(fake) evidence when they decide to prosecute you or black mail you, the question rather be why not you?

I am sorry i didnt want to argue over this but we are not in a safe world and i understand that security is preventive act , and when you live in places that respect you rights and privacy you dont have to worry, when it comes to mass surveillance by the authority's i would prefer to protect my self before bad things happens and when you are in small country you should be concerned if any teenager decided to scan and check open ports on your devices connected to internet or your neighbor decided to screw you and write a report about you and how bad you are and provided it to the concerned departments where they can simply decid to do the needful to keep you behind bars using latest tech, and if it dosnt hapens in EU or US its hapening somewhere else and will happens more often if people keep going easy on theirs privacy, i might be so sceptical but as i said i rather protect my self and take it seriously without having to loose the chance of using latest tech as all humans should.
0
JohnBusiness Consultant (Owner)Commented:
I am not entirely sure how your analogy fits. You cannot prevent Wi-Fi from being sniffed.

So as I and others said, if you cannot secure to your satisfaction, do not use Wi-Fi but rather wired Ethernet for your devices.

Do not use any device that does not have an Ethernet connection.
1
Antone HNAuthor Commented:
I am sorry John Hurst i was commenting on John Tsioumpris and i think am done from connection part convinced also, what about hardware that i need to increase protection  server or firewall thank you
0
masnrockCommented:
I understand your point was more about the devices than wireless itself, but it's all related. Therefore, if you're looking at security, you HAVE to pay attention to the wireless as well. But even if you were on a purely wired network, most things still apply. Remote access is inherently an issue. I would name the approach of trying to restrict remote access by IP, but you're not guaranteed that the public IPs you're going to access things from are always going to be the same. And as I mentioned, the smart TV is far more out of control than you'd like to hope. You can try to request that it doesn't submit certain data. Biggest key with it is NOT to use it for web surfing.

As for your server, the moment you allow external access, it comes down to the usual risks. You also need to make sure that you keep that server patched, as well as securely configured. What were you looking to load onto it? Depending on your thought process we could possible give a more optimal answer
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Antone HNAuthor Commented:
Thank you masnrock , now we are talking as i inderstood a server could be used to store, backup, or even host email and so on.., the thing which i couldn't find before i bumped into this web of experts, is can i use it as secure platform for accesing my CCTV and Smart Home system which has SBus and ethernet port on the main module the "logic module" or this will be just a remote conmection to my old pc with modification if needed, after download any server OS ?

Can i use it to route the connection to my other devices and monitor traffic or now we are talking about firewall thank you.
0
masnrockCommented:
You could use the idea of a jump server... that's an approach you could take...
1
JohnBusiness Consultant (Owner)Commented:
Thank you and I was pleased to help you.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Home Security

From novice to tech pro — start learning today.