home network security
TRANSCRIPT
![Page 1: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/1.jpg)
Home Network Security
![Page 2: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/2.jpg)
Objectives– Securing Home Network with 3 layer
– Use OpenDNS nameserver for web content filtering
– Using Safe Squid as Proxy Server and Firewall
– Demonstrating https Interception Detection
– Use Wire shark as packet analyzer
– Using PRTG as network monitoring tool
– Demonstrating the FTP and Web Server Using Microsoft Azure
![Page 3: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/3.jpg)
Network Diagram
![Page 4: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/4.jpg)
3 Layers of Security
• What you know?
• What you have?
• Who you are?
![Page 5: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/5.jpg)
Level 1: What you know
Disabled Broadcast
![Page 6: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/6.jpg)
Level 1: What you know
Should know a valid network SSID to connect
![Page 7: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/7.jpg)
Level 2: What you have
Should have Security key
![Page 8: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/8.jpg)
Level 3: Who you are?
• MAC address should be registered in the DHCP reservation list on the router
![Page 9: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/9.jpg)
Level 3: Who you are?
![Page 10: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/10.jpg)
OpenDNS Server for Web content Filtering
![Page 11: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/11.jpg)
OpenDNS Nameserver(s)
Change your DNS with OPEN DNS
![Page 12: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/12.jpg)
Using OpenDNS for web content filtering
![Page 13: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/13.jpg)
Unauthorized website being blocked by OpenDNS
It blocks the url: http://www.proxyserver.com which is used for P2P sharing.
![Page 14: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/14.jpg)
Bypassing OpenDNS on Client Machines
![Page 15: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/15.jpg)
Implementing OpenDNS with Hardware Firewall
Block port 53 on firewall, which is the DNS name resolver on all IP address starting 0.0.0.0 to 255.255.255.255
![Page 16: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/16.jpg)
What is Safe Squid Proxy Server?
• Acts as web caching tool.
e.g. getting updates from OS
• Acts as a Firewall
• Acts as an Antivirus, Malware tool
![Page 17: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/17.jpg)
Safe Squid Proxy Server as HTTP Firewall
Define Access Restrictions in Safe Squid
![Page 18: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/18.jpg)
Safe Squid Proxy Server as web content filtering
![Page 19: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/19.jpg)
Safe Squid Proxy Server as Anti-Virus
![Page 20: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/20.jpg)
Bypassing a Proxy Server
![Page 21: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/21.jpg)
Use Safe Squid as Transparent Proxy Server
![Page 22: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/22.jpg)
Https Interception By a Proxy Server
Website’s Fingerprint differs when a proxy server intercepts the connection. Example shown here is of Facebook’s Thumbprint (Authentic vs Intercepted)
Authentic Fingerprint of websites from GRC.com
![Page 23: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/23.jpg)
Using Wireshark as a Packet Analyzer
![Page 24: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/24.jpg)
Showing Data Packets in Wireshark
The result while hitting http://www.azure.microsoft.com/
![Page 25: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/25.jpg)
Analyzing Data Packet Length
To know the length of specific http packets
![Page 26: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/26.jpg)
PRTG Network Monitoring Tool
![Page 27: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/27.jpg)
Viewing Reports in PRTG
![Page 28: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/28.jpg)
Summary
• Securing Home Network Using 3 layers of external users.
• Using OpenDNS for web content filtering for internal users.
• Using Safe Squid Proxy Server as a Firewall, Antivirus and Web Content Filter
• Using Wireshark for analyzing data packets and PRTG network for network and usage monitoring.
![Page 29: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/29.jpg)
Web References
• https://www.grc.com/fingerprints.htm
• https://dashboard.opendns.com/settings/27767836/content_filtering
• http://www.safesquid.com/content-filtering/does-safesquid-support-transparent-proxy
![Page 30: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/30.jpg)
Glossary
• SSID: Service Set Identifier• PRTG: Paessler Router Traffic Grapher• Certificate Fingerprint: SSL Certificate
Thumbprint on web servers.
![Page 31: Home network security](https://reader036.vdocuments.mx/reader036/viewer/2022062420/55cc53aabb61ebbb2c8b45da/html5/thumbnails/31.jpg)
Question and Answer Session
The End