Jump to content
RESET Forums (homeservershow.com)
schoondoggy

Home Network IP Address Scheme Best Practice

Recommended Posts

itGeeks

No and No, Check out the link below for the reasons I don't. I use WPA2/AES and I disable WPS & UPnP. If the wireless router does not allow me to disable these it goes back same goes for if there is no WPA2/AES only option, I am not interested in PSK for security.

 

5 Wi-Fi security myths you must abandon now http://www.pcworld.com/article/2052158/5-wi-fi-security-myths-you-must-abandon-now.amp.html

Share this post


Link to post
Share on other sites
itGeeks

Definitely; its quite fun when with a client asking for the most secure system, explaining that its cheap to implement. They get disappointed when explain that its based on pen & paper only - no computers used  :ph34r:

Seriously, the biggest risk is the human factor - downloading random files off the net / clicking a phishing email / deleting data in error etc - are far more likely to happen than a target on their network (but obviously depends on the client!!)

 

I think this is the biggest issue right now; malware only needs to be lucky once; infosec needs to always be lucky all the time.

Agreed.

Share this post


Link to post
Share on other sites
itGeeks

Even an airgapped network is not secure, Just ask the techs at Natanz, its all about risk/reward ratios. I have for example got my clients servers on the same subnet as the hosts they serve, now I could subnet/VLAN them off and increase security, but I then have to deal with the routing of the data, therefore I do not bother (well not yet I am working towards a hybrid VLAN implementation). the Backups however are protected and do not use SMB as there is to great a risk of something happening to them with a CryptoLocker infection

O yes CryptoLocker and lets not forget SynoLocker, Boy do I feel bad for the people that got hit with this and had no good backup plan in place. Like you I also don't use SMB for backups and I have offsite backups as well following the 3-2-1 Backup best practice. My family and friends think I need medication for the way I pound the need for backups both onsite offsite and the need for them to keep current on all the updates, What I tell them is there the ones going to need medication if they ever get hit with one of these and they have no backup. Say goodbye to all those documents/photo. People that don't follow this stuff don't thinks its real, I am here to tell everyone it is.

Share this post


Link to post
Share on other sites
nrf

 

No and No, Check out the link below for the reasons I don't. I use WPA2/AES and I disable WPS & UPnP. If the wireless router does not allow me to disable these it goes back same goes for if there is no WPA2/AES only option, I am not interested in PSK for security.

 

5 Wi-Fi security myths you must abandon now http://www.pcworld.com/article/2052158/5-wi-fi-security-myths-you-must-abandon-now.amp.html

 

just checking which things you go for and which you don't. :)

wps is verboten in my devices and I never fell for those two 'tips' either.

I use a rule to only allow a single device to do UPNP on one subnet

my wifi password is 39 characters long

but I do use 192.168.y.x

Edited by nrf
  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now



×
×
  • Create New...