Skip to main content

Can you help me lock down my network a little bit better?

I have a somewhat complicated network topology at home. Here's my equipment:

  • A Comcast "modem" UBEE 3513
  • Asus RT-N66U (used for firewall, routing, and port forwarding)
  • Core-i7 Windows 10 Home PC (media server)
  • A Roku 4 Ultra (used to stream programming to television from the Plex PC)
  • An Amazon Alexa
  • Synology DS1815+ Diskstation (PDF link)
  • Television (Sony recent model)
  • Playstation 4
  • Nintendo Switch
  • Old Mac Pro workstation (used as a file server for downloading stuff)
  • 2 Ubiquiti UniFi access points
  • Nest thermostat (first gen)
  • Marantz SR6010 receiver
  • Laser printer
  • Computers
    • iMac
    • Macbook Pro
    • Other Macbook Pro
    • Macbook
    • PC laptop
    • Core i9 PC workstation
    • Various iPads, iPhones, and wireless devices
  • I also have a 10gb fiber run to my separate garage where I have some equipment and one of the wireless access points.

Current config:

My internet connection goes directly from the UBEE modem to the Asus. The Asus handles all connections and routes accordingly. I have ports forwarded for my media server's apps so that I can share them out to the general internet. (I watch Plex and listen to my music using Subsonic almost every day).

I often access several of my computers using Splashtop. I'm not that happy with it, and screen sharing actually works better when I'm going from Mac to Mac. But it works OK in a pinch. I never SSH or use command line in any way. I'm not familiar with the terminal for accessing remote machines (or in any way, really).

I occasionally log into my Synology for file access remotely. I also use the iPhone app to log in and check my security cameras very often (several times a day).

My Windows 10 Home server has NO firewall activated. I did that to make sure it could be accessed easily from the internet. (I'm sure this is making some folks cringe). I have never had an issue with that machine. It is never used for web surfing, it ONLY runs the server software.

Currently, the Asus' firewall is set to "On". I don't have any custom settings (nor would I know how to properly configure them). The "Enable DoS protection" and "Respond ICMP Echo (ping) request from LAN" are both set to "no". I realize this is probably unsafe (that's why I'm posting here). I don't really know what those mean. I want to button it down properly and make sure my systems are as safe as they can be realistically.

I have an A NAME record pointing from my hosting provider to my home using "home.mydomain.com" so that I can log in easily without having to remember my IP. I have to reset the A NAME record to my new IP every few years.

I have a Comcast business account at home (no data caps).

I do not know really what a tunnel is. I do not really understand VPNs (although we use a Cisco VPN at work). I have heard that those two things would help secure my network. Not really sure how.

How can I make this more secure using my limited knowledge and HUGE fear of the command line?



Submitted March 30, 2018 at 10:35PM by spdorsey https://ift.tt/2pP0hZA

Comments

Popular posts from this blog

certain keys on my keyboard dont work when "cold"

Hi guys, i have a Lenovo Y520-15IKBN (80WK) and certain keys on the keyboard don't work (e,g,h,8,9,Fn...) but only when the weather is cold. for example in the winter it used to work after certain amount of time when i first boot the laptop and stops working when i stop using it for a while, but now that the weather is hot it works just fine except for the first couple of minutes or when its colder. of course i do realise that it has nothing to do with the outside weather but with the temperature of the computer itself. can someone explain to me why this is happening and how it should be fixed as i cannot take it to the tech service until july even though it's still under warranty because i need it for school. ps: an external keyboard works fine. Submitted April 29, 2018 at 03:35PM by AMmej https://ift.tt/2KiQg05

Old PC with a Foxconn n15235 motherboard needs drivers! Help!!

So my Pc corrupted and I had to fresh install windows on it, but now its missing 3 drivers and one of them is for the Ethernet controller! I've tried searching everywhere for the windows 7 drivers but all I seem to find are some dodgey programs saying they will install it for me. Problem is without the ethernet driver I can't bloody connect to the internet. I've been using a USB to try get some drivers on there, but they just end up being useless programmes . I'm also a bit of a noob at these things, I don't understand where to find the names of things in my PC, I've opened it up but I don't understand whats significant and what isnt. If someone has the drivers and can teach me how to install them I'd be very appreciative! Submitted April 29, 2018 at 02:47PM by darrilsteady https://ift.tt/2r76xMZ