Link to home
Start Free TrialLog in
Avatar of Antone HN
Antone HN

asked on

Home security

HI dear,
Apologies in case i didn't use correct terminology, and excuses for my english, after reading the latest leaks regarding zero year and so on... and after checking the leaks from hacking team company last year and discovering that my goverment was on the list with a contract for their softwear and servers etc..

The concerns are and will be for the below right now:

Knowing that nothing is totaly safe and we need to update our knowledge cyber wise,

I want to secure my house from unauthorized access to every device in it such as the:
- door video bell which is connected to  internet through wifi
- Cctv which is also connected to internet
- smart tv wich will be connected
- smart devices which i need to control it through tablets connected also to internet
-pc that will run softwear for the above smart devices such as dimmer and relays and smart sensors curtains ir and rf repeater devices.

Now i will share what i did and what i think i can do and if anyone could please let me know if its fine or not.
-I will use the network port instead of the wifi for door bell even if it will limit the function and i mentioned the door bell because it can unlock the main door of my flat which is assembled not purchased ready, to avoid any complications. But still i need to secure the router and to acces the service i have to use the cloud service provided by the seller which is not safe for sure.

-I had to buy 2 Dvr one will be for inside the house and wont be connected to internet while the other i will connect it and will activate only the cameras mounted outside the flat.

For the other issues i was thinking to use my old pcs and any other pc i can find to build my own server and if possible to have a firewall beside the one that is covered by the routers and modem or the OS used.

Now how effective will be to have my own server and how safe it is if definitely anything could be hacked and is their a way to route the internet connection through a server or a device and then allow or forbide any device from sending data since reciving wont affect in case of smart tv as i undertood from the latest leaks since they will open the camera and or Mic while tv is off but that mean sending and recieving so if you stoped the sending recieving the order wont affect maybe, even though as i undrstood packets needs to go both way in case of connection to internet or else it wont be established.

Finaly any advices beside getting rid of what technologies and human made and provided to use for good but others decided to abuse? I mean it does worth defending our selfs if not taking counter measure at least.
Avatar of John
Flag of Canada image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Antone HN
Antone HN


Thank you John appreciate your advices.
Avatar of Tom Cieslik
If you can then purchase some professional firewall like Sonic Wall and limit WIFI access to your known MAC address devices.
If it's not a problem for you, try to hide your SSID name for your WIFI. You'll know it so only you going to be able connect to WIFI.
You can also limit WIFI connection only to known MAC addresses so anyone who will get access to your WIFI is not going to be able get access to your network because this restriction.
This is a good of course, but people can sniff Wi-Fi packets and see what it being transmitted including the SSID.
True Tom this is what i am currently doing enabling  mac address filter and hiding the SSID plus disabling the fast secure connection function but i spent some time reading on nullbyte website and they teach people how to sniff and uncover hidden networks using KALI and other penetration courses so its quite general what i wanted is to protect my house when using the internet ...WiFi is a risk that you must take i even had an idea of buying basic range WiFi router so it will serve nearby devices and attacker may need in this case to be close to my house somehow to perform any network sniffing act even when using external compatible long range WFi devices.
People can sniff your Wi-Fi (as noted earlier)  but if it is properly secured, the hacker will have to sit outside your house for several days. I think you might notice.
If you've looked up about how one can still sniff out hidden networks, then you will also know how one can get around MAC filtering as well. A key is that you're using a reasonably complex password for your WPA2 network with AES encryption. Your ideal situation would be preventing remote access to any devices on your network. The moment you allow access, there's a risk. Until the manufacturers release a patch, you're shot in the foot. Smart TVs cannot really be secured at this point because they give up so much data and so on. You could disconnect it from your network and use a device like an Apple TV or Roku instead. They're far more secure devices. However, that does start to defeat some of what you seek to do.
Well if you have so many concerns about Wifi then the solution is rather not to use it...just cable eveything and limit use of Wifi to bare minimum...The issue is not what your are going to do in order to protect you from hacking but what a hacker is going to get if they hack you...
Almost none will pay attention for your family photos or your childhood memories...but if you have possession of a secret that worths millions then they will find a way...and usually the wicked link in the security chain is the human...a beautiful woman can accomplish much more than an army of hign end hackers....
Thank you masnrock and all for your advices, maybe i wasnt clear enough, wifi is a secondary concern since the main door of the Flat is linked with the door bell, i will use your advice and try to make the pass complexed.

Now John answer, internet is a highway and the question is not what kind of secrets i may have, rather should be what they can do, and again according to hacking team and the exploits projects they were working on, it was not to check your childhood pictures or get secrets, its your freedom which they can end it by exploting any of your connected devices and placing things that shouldnt be and wasnt on your device in order to have(fake) evidence when they decide to prosecute you or black mail you, the question rather be why not you?

I am sorry i didnt want to argue over this but we are not in a safe world and i understand that security is preventive act , and when you live in places that respect you rights and privacy you dont have to worry, when it comes to mass surveillance by the authority's i would prefer to protect my self before bad things happens and when you are in small country you should be concerned if any teenager decided to scan and check open ports on your devices connected to internet or your neighbor decided to screw you and write a report about you and how bad you are and provided it to the concerned departments where they can simply decid to do the needful to keep you behind bars using latest tech, and if it dosnt hapens in EU or US its hapening somewhere else and will happens more often if people keep going easy on theirs privacy, i might be so sceptical but as i said i rather protect my self and take it seriously without having to loose the chance of using latest tech as all humans should.
I am not entirely sure how your analogy fits. You cannot prevent Wi-Fi from being sniffed.

So as I and others said, if you cannot secure to your satisfaction, do not use Wi-Fi but rather wired Ethernet for your devices.

Do not use any device that does not have an Ethernet connection.
I am sorry John Hurst i was commenting on John Tsioumpris and i think am done from connection part convinced also, what about hardware that i need to increase protection  server or firewall thank you
Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Thank you masnrock , now we are talking as i inderstood a server could be used to store, backup, or even host email and so on.., the thing which i couldn't find before i bumped into this web of experts, is can i use it as secure platform for accesing my CCTV and Smart Home system which has SBus and ethernet port on the main module the "logic module" or this will be just a remote conmection to my old pc with modification if needed, after download any server OS ?

Can i use it to route the connection to my other devices and monitor traffic or now we are talking about firewall thank you.
You could use the idea of a jump server... that's an approach you could take...
Thank you and I was pleased to help you.