alphaspirit - Fotolia
How to monitor home network traffic for added security
When addressing home network monitoring, track all connected devices, and take advantage of open source tools, like packet capture, to sniff out malicious traffic.
Even before the pandemic sparked a major shift to remote work and distance learning for millions of people worldwide, home networks were becoming more populated and complex. No longer just home to a desktop computer and printer, home networks now connect everything to the internet, including mobile devices, smart speakers, televisions and even refrigerators. With the addition of work and virtual learning devices, many people are looking to monitor home network traffic to keep their data secure.
Since the migration to remote work started in March 2020, anecdotal reports have shown a major spike in security incidents around the world. The National Cyber Security Centre, based in London, cited more than 350 weekly cyber attacks in Switzerland in April 2020 -- a sharp increase from the typical 100 to 150 incidents per week. The security group said the surge in cases illustrates that cyber attackers are exploiting vulnerabilities amid work-from-home operations.
While many companies gave their workers guidance and tools to help in this effort, the surge in security incidents on home networks shows major gaps in protection. End users should now take a serious look at the security of their home networks. You may need to go beyond just changing the default password on your router, using a VPN to access corporate resources or simply installing a firewall.
Home vs. business network monitoring tools
As you start to fortify your home network security, you'll need to know what devices are connected to your network and track activity to identify invasive actors. The best place to start is having an accurate view of what devices are connected to your router. Catalog what devices you think are connected. Make sure to include every user's laptop and mobile device, as well as things like home security systems, gaming consoles and appliances.
Once you have an inventory, compare it against the device list that your router registers. The router will show an inventory of currently connected devices, including IP addresses and media access control addresses. The router's list will just show the currently connected devices and may not be entirely complete. You can use an open source scanning tool to get more complete information on the devices using your network, including the open ports and services the devices are using.
Several free or low-cost tools are available to help you monitor home network traffic. As these tools monitor activity on your network, they can identify performance issues and flag unauthorized and potentially malicious traffic.
Home and business network monitoring tools work similarly by tracking traffic activity using sensors or agents. The primary difference between home network monitoring tools and products designed for corporate use is scale. Home network monitoring tools are typically designed for environments with 100 or fewer devices, while commercial tools can accommodate many more.
Overall, network monitoring software provides a practical way to see activity across the network, including which devices are logged in when you aren't on the network. It will also alert you whenever a new device logs onto the network.
The benefits of packet sniffing in network security
Packet capture is one tool that can be especially effective from a security context as you monitor home network traffic. Available as open source or low-cost tools, packet capture services perform packet sniffing to see what types of traffic are traversing the network.
Once the packet capture service is installed, you need to set your adapter on promiscuous mode so it can capture all the packets on the network. You can filter the captured information to target specific conversations. You can also drill down on any packet to inspect it.
Packet sniffing can expose issues that other security measures miss. With packet capture, you can identify what ports are being used. From that information, you can look up what applications use specific ports. You can also see if files are being transferred to a suspicious external device or if an unauthorized user is logged in to your Wi-Fi.
Monitoring tools are also built into the hardware devices themselves. OSes and routers have tools for tracking activity. Vendors also bundle application software with utilities, which can provide an even richer source of information than the OS and router monitoring tools.
As in other areas of security, you need to take a multilayer approach to protect your home network and all connected devices. Cyber attackers know they can exploit security gaps in these networks. Network monitoring can play an important role in helping protect your data.