Problems with Home Networks

The major problem with home networking has been difficulty with implementation. Books have been geared toward the corporate environment. The home segment, which is still developing, has not been thoroughly addressed. This could be because the home user technology is still developing and changing so rapidly that it is hard to assist home users in designing their environment. The tools that are available to you today are easier to use, but they still require some assistance.

The second major problem faced by the home network is security. When you dialed up to the Internet with a simple phone connection, you were not online for days and your IP address always changed. You had some security through obscurity. This is no longer the case. All your personal information is available for attack 24×7 with broadband connections. You have to figure out how to protect your home environment on a 24×7 basis now. Management of the operating system and the software needed to secure your network is somewhat difficult to manage and understand beyond the basic settings.

With a secure setup, you can connect to many corporate environments to telecommute safely. The problem is setting up your connecting correctly and ensuring that your home network is safe and does not provide a risk to your office environment. Many people who work from home keep company-sensitive documents at home. Then they connect to work to do some function. For this type of scenario, you have to make sure your home environment is as secure as your office network. If your home network is compromised and the attacker gets your work documents, it would be the same as if the attacker broke into your company to steal the documents.

To network your home, you have a number of options from the firewalls, applications, hardware devices, and operating systems that you use. Each of these categories has numerous options available to you. Making them all work together can be a serious problem to designing and implementing your home network. We will attempt to simplify scenarios you can use to implement and secure your network.

Home Zombies and DDoS Attacks

DDoS attacks are a threat to the entire Internet infrastructure. In February 2000, sophisticated DDoS attacks affected several sites. These attacks were covertly planned and executed over a period of time. The attackers were groups of hackers, and the sites were large e-commerce sites. The attackers carefully planned an attack that used insecure home computer networks as zombie machines. The attackers used their own crafted code to control these zombie machines. When many zombies were under control, the attackers were able to launch the attacks remotely.

The concept was simple and effective. First, the hackers distributed their code to insecure computer networks with high-speed Internet connections. Many of these systems were home networks. The code infiltrated the insecure system in one of several ways, either by a virus in an e-mail attachment or an infected Web site programmed to install the code on the victim's computers. After the code was installed, the infected computers sent out a message to the hacker, letting the hacker know that he had claimed another victim. The code gave the hackers the ability to control the infected machine. With thousands of victims under control, the hackers were able to launch the attack.

In unison, thousands of unprotected zombie systems were ordered to attack a Web site that the hacker specified. Because the attacks on the Web site were coming from thousands of zombie machines, the hackers could not be easily identified. In fact, the hackers never did any attacks from their own computers. Much like using a remote control to flip through channels on a television, the hackers controlled the zombie machines to do their bidding.

If you run your home network without protection, you take a greater risk of becoming a zombie to a hacker's DDoS attack. By using firewalls with outbound filtering rules to control the traffic that can leave your network (in addition to traffic that can enter your network), you are providing a much stronger level of security. If you do become a zombie, you are essentially responsible for the attacks. Take responsibility in the Internet community and do what you can to protect this type of attack from happening. The simplest defense is to use a good firewall that controls both incoming and outgoing traffic.