I was reading an article by Keatron Evans called "Information security at home" (http://resources.infosecinstitute.com/i ... y-at-home/) and decided to create my own list by adding a few more pointers, and wanted to know what suggestions you guys may have in expanding it further?
Standard Best Practices
1. If wireless is in use, ensure WPA or WPA2 with AES encryption with a passphrase of more than 20 characters in length
2. Turn off DHCP and statically assign an address to each machine
3. Enable MAC Address Filtering on Router/Access Point and only allow devices MAC Addresses
4. Keep Access Point away from Windows and Doors
5. Keep up to date with latest security patches (OS and all other applications running)
6. Ensure Anti-virus software and Anti-malware software is installed and up to date
7. If possible browse directly to websites that you wish to shop or logon to by entering the URI into the address bar. Do not click on links sent via email or from within forums etc but if you have to, verify the links!
8. Don’t use REAL credit cards, and certainly not your bank card to shop online. Use a prepaid Visa/Mastercard/American Express to do all your online shopping
9. When using Myspace, Twitter, Facebook. Don’t accept friends you don’t know. Don’t EVER click on links that people post in their status updates. These could easily be links to malicious sites or data.
10. Use an account with the least amount of privileges required. There is no need to browse the internet using an account with Admin rights!
11. Ensure that websites which use a secure communications channel (HTTPS) have a valid certificate. If the browser complains that the certificate is untrusted, DO NOT ignore it and go ahead, verify the certificate.
12. Ensure Firewall on Router and PCs are switched on
13. Keep Router Firmware up to date
Advanced Best Practices
For those that are more paranoid or want to be even more secure:
1. Use a browser that supports the "No-Script" add-on. Being honest it can be a bit of a pain to configure correctly but if you choose to use it do not browse the internet and "trust everything"
2. Use 2 separate Virtual Machines. Ensure all the above steps on each VM machine where applicable and use one strictly for sensitive applications such as banking etc and the other for general browsing of the internet.
Security Away from Home
Ok, strictly speaking this may not come under home security but just had to mention the following:
1. DO NOT browse to any websites that require a logon to access sensitive information whilst connected to any public networks (in coffee shops, trains, internet cafes etc) whether the connection is wireless or not unless connected to a corporate network via a VPN.
2. Bear in mind that a lot of websites will often encrypt the login functionality, but once logged into the website will not use a secure cookie. Therefore the user's cookie and session can be sniffed as it will all be in the clear.
Please feel free to add
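
The secure-cookie point under "Security Away from Home" can be checked from a site's response headers. This is an added example, not part of the original post: it audits `Set-Cookie` lines for the `Secure` attribute, using constructed sample headers and an assumed name heuristic (`SESSION_HINTS`) for spotting session cookies.

```python
# Added example: audit Set-Cookie headers for the Secure attribute.
# The header lines below are constructed sample data, not captured traffic.
SAMPLE_RESPONSE_HEADERS = [
    "Set-Cookie: SESSIONID=3f9a1c; Path=/; HttpOnly",
    "Set-Cookie: auth_token=9b2e77; Path=/; Secure; HttpOnly; SameSite=Lax",
    "Set-Cookie: theme=dark; Path=/; Max-Age=31536000",
    "Content-Type: text/html",
]

# Assumption: cookie names containing these substrings carry login/session state.
SESSION_HINTS = ("sess", "sid", "auth", "token", "login")


def parse_set_cookie(header_line):
    """Return (name, attrs) for a Set-Cookie line, or None for other headers."""
    field, _, value = header_line.partition(":")
    if field.strip().lower() != "set-cookie":
        return None
    parts = [p.strip() for p in value.split(";") if p.strip()]
    if not parts or "=" not in parts[0]:
        return None  # malformed cookie pair
    name = parts[0].split("=", 1)[0].strip()
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()  # attribute names are case-insensitive
    return name, attrs


def audit_cookies(header_lines):
    """Report, per cookie, whether Secure/HttpOnly are set and whether it is exposed."""
    findings = []
    for line in header_lines:
        parsed = parse_set_cookie(line)
        if parsed is None:
            continue
        name, attrs = parsed
        session_like = any(hint in name.lower() for hint in SESSION_HINTS)
        findings.append({
            "name": name,
            "secure": "secure" in attrs,
            "httponly": "httponly" in attrs,
            # Without Secure, the browser also sends the cookie over plain HTTP.
            "at_risk": session_like and "secure" not in attrs,
        })
    return findings


def at_risk_names(header_lines):
    return [f["name"] for f in audit_cookies(header_lines) if f["at_risk"]]


if __name__ == "__main__":
    for finding in audit_cookies(SAMPLE_RESPONSE_HEADERS):
        print(finding)
```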