Today we have a guest essay from Noah Pack explaining why, you…yes, even you…need a firewall.
Last Thanksgiving, my uncle-in-law asked me if I could help him set up a home firewall. This request was much different than the usual “Can you hack my ex-husband?” and “My printer isn’t working?” I usually receive when people find out I work in cybersecurity.
In my previous role, I was a Network Security Engineer, managing hundreds of firewalls for various clients across the United States at an MSSP (Managed Security Services Provider). I love networking and security and I run several firewalls in my home IT lab for testing and my own security.
A firewall is a network security device that is designed to allow and prevent specific types of network traffic based on the firewall rules it is programmed with. These appliances are particularly useful for segmenting your network, meaning, preventing devices on your network from communicating with each other. When a firewall is combined with an IDS (Intrusion Detection System) and an IPS (Intrusion Prevention System), the security magic really starts to flow.
Now you know what a firewall is, but do you need one? Yes. With cyber threats on the rise and more corporations willing to spy on you and sell your data, a firewall will most likely pay for itself by protecting your computer and your information.
At SecurityMetrics we live by the motto “Never have a false sense of security.” meaning that when I hear someone say, “I have nothing to worry about because I have nothing to hide.” I must bite my tongue. Targeted cyber-attacks are not just for Fortune 500 organizations. If you have any sort of presence online, you are at a higher risk of being targeted.
An example of a public presence that puts you at extreme risk of a targeted attack from threat actors would be having a LinkedIn advertising your new role as a software developer, your job as a DOD Contractor; your twitter account advertising your skills as a security researcher, or your new C-suite role. Do not advertise your cryptocurrency holdings either; that also makes you a target.
A firewall will not stop every type of cyber-attack, but it can stop some external attacks against your home network, downloading of some malware, and botnet communication. Often when I bring up my opinion on home firewalls with other cybersecurity professionals, I hear the dismissal “No one targets my home network”. That is almost always wrong. To test this, I set up a honeypot on my network. A honeypot is an attractive target for hackers that collects information on attempted attacks. I saw tens of thousands of ports scans each week from malicious actors, and around 10-20 sophisticated attacks against my network each day. If I did not have a firewall, or if I was using an old router on my network that was vulnerable to one of these sophisticated attacks, my entire network could have been compromised.
A firewall gives you the ability to block certain types of traffic from entering and leaving your network like Telnet, SSH, and RDP, which are commonly seen in compromised networks. You can also prevent devices like your Roku and Alexa from scanning your network to see what other devices you have, what times you are home, and selling that information, by isolating them onto their own VLAN (Virtual LAN). I read the terms and conditions and the only way I will let IoT (Internet of Things) devices on my network is if they do not have access to the computers and phones I hold near and dear to my heart, which is one of the many reasons I have a firewall.
So where do you get a firewall? I would recommend buying or building a cheap one to get started. My first firewall was a small black box with four ethernet ports on its’ motherboard that I installed pfSense and SNORT on, to get things started. This can be done on a budget but if assembling computers and installing operating systems isn’t your forte, you can buy a firewall from almost every network appliance vendor, such as Ubiquiti, Netgate, or Cisco. Nearly any firewall provides better protection than the average home WiFi router that gets plugged in and never has the passwords changed. When you do get a firewall, please change the admin log-in, and all other passwords. Please also update the firewall whenever an update is available.
Firewalls are not the perfect solution to cybersecurity on any network, but they do make you a harder target. I was raised by a security guru who once told me that security isn’t about being perfectly secure, because that will never happen, it is about being as secure as you can be, and especially about being more secure than your neighbors. So please, increase your security and set up a firewall.
Noah Pack is a student at BYU and a Threat Hunter at SecurityMetrics in Orem, UT.
https://www.linkedin.com/in/noahpack/
SecurityMetrics News Podcast