Ok, so technically, someone tried to hack into my home network. Although they did not get in, I thought it would be informative to go over what happened. In this article, I will explain the different methods used to get into my network, what the hackers could have potentially acquired, and the steps I took to strengthen my network security.
Methods To Connect To My Home Network
The first way to access a home network is to plug an Ethernet cable directly into the network. This would require a hacker to be physically on my premises. I use door locks to keep individuals out of my home.
Wi-Fi is the second access method. A hacker trying to connect to my network wirelessly would have to be within a few hundred feet of my home. Wired Equivalent Privacy (WEP) was an older protocol that was insecure against modern attacks. In 2003, Wi-Fi Protected Access (WPA) came out to replace WEP. WPA brought updates, including the Temporal Key Integrity Protocol (TKIP). A few years later, WPA2 came out with improvements, the most important being the upgraded AES-CCMP encryption. Recently, WPA3 arrived with security improvements. However, because many legacy devices are not supported, WPA3 has not seen widespread adoption. To keep a wireless hacker out, I use the strongest wireless authentication method that my router and clients can employ. In my case, that is WPA2-Personal. I use a random 32-character password (the longest that all of my clients will accept).
Remoting into the network’s router is another way to connect to the network. To protect my network from this, I have disabled all remote access.
A server would be the final method of accessing my network. A server is software that processes requests and delivers data to another computer. The only server I have set up on my network is a VPN server. A VPN (Virtual Private Network) is a mechanism for creating a secure connection between two computing devices using the insecure Internet as the communication medium. The VPN creates a secure communication tunnel between the client and the server. Many employees use a VPN client to securely connect to their employer’s network through their employer’s VPN server. You may use a VPN provider (NordVPN, ExpressVPN, ProtonVPN, etc.) to hide and/or change your location by securely connecting from your computer (via a VPN client) to your provider (via the VPN provider’s VPN server). You then connect to the Internet from the provider.
I set up an OpenVPN server on my router to securely connect to my home network when I am away from home. The VPN server allows me to tunnel into my network and perform any function on the network as if I were in my home, even if I am on the other side of the world. For example, if I need a file stored on my network, I can get it. This is how the hacker tried to get into my network.
How I Discovered The Attempt
I looked at my router’s log and saw MANY entries that looked like this:
ovpn-server1: 220.127.116.11:35102 TLS Error: TLS key negotiation failed to occur
ovpn-server1: 18.104.22.168:35102 TLS Error: TLS handshake failed
This showed someone trying to hack into my OpenVPN server. They failed but kept trying.
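To see which addresses keep retrying rather than scrolling through the log by eye, the entries can be tallied per source. The script below is an added example, not part of my router's firmware or of OpenVPN; the sample log is constructed, and the syslog timestamp and `[pid]` prefix are assumptions about how other routers format the same entries.

```python
import re
from collections import Counter

# Entry format from the router log above: "<tag>: <ip>:<port> TLS Error: <message>".
# The optional syslog timestamp and [pid] are assumptions about other firmwares.
TLS_ERROR = re.compile(
    r"ovpn-server\d+(?:\[\d+\])?:\s+"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+)\s+"
    r"TLS Error:\s+(?P<msg>.*)"
)

# Constructed sample log; addresses are from documentation ranges, not real hosts.
SAMPLE_LOG = """\
Jan 10 03:14:01 ovpn-server1[2101]: 203.0.113.7:35102 TLS Error: TLS key negotiation failed to occur within 60 seconds
Jan 10 03:14:01 ovpn-server1[2101]: 203.0.113.7:35102 TLS Error: TLS handshake failed
Jan 10 03:15:09 ovpn-server1[2101]: 203.0.113.7:41877 TLS Error: TLS key negotiation failed to occur within 60 seconds
Jan 10 03:15:09 ovpn-server1[2101]: 203.0.113.7:41877 TLS Error: TLS handshake failed
Jan 10 03:16:30 ovpn-server1[2101]: 203.0.113.7:50233 TLS Error: TLS handshake failed
Jan 10 07:02:44 ovpn-server1[2101]: 198.51.100.23:60011 TLS Error: TLS handshake failed
Jan 10 09:30:12 ovpn-server1[2101]: 192.0.2.50:51820 [laptop] Peer Connection Initiated with [AF_INET]192.0.2.50:51820
"""


def failed_handshakes(lines):
    """Count failed TLS handshakes per source IP."""
    counts = Counter()
    for line in lines:
        m = TLS_ERROR.search(line)
        # Assumption: one failed connection logs both messages of the pair
        # shown above, so only "handshake failed" is counted to avoid
        # counting the same attempt twice.
        if m and "handshake failed" in m.group("msg"):
            counts[m.group("ip")] += 1
    return counts


def repeat_sources(lines, threshold=3):
    """Return (ip, count) for sources at or above threshold, busiest first."""
    counts = failed_handshakes(lines)
    return [(ip, n) for ip, n in counts.most_common() if n >= threshold]


if __name__ == "__main__":
    for ip, n in repeat_sources(SAMPLE_LOG.splitlines()):
        print(f"{ip}: {n} failed TLS handshakes")
```

A single failed handshake from an address is often just a stray probe; the threshold separates that from a source that keeps coming back.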
If They Got In
The hacker could have accessed my router and changed its settings. I have a Network Attached Storage (NAS) device with backups and storage of my data which the hacker could have gained access to. The hacker could have acquired access to any computer, tablet, or phone connected to my network. Finally, to a lesser extent, they could have gained access to media servers, security cameras, or IoT appliances connected to my network.
But, even if the hacker had successfully bypassed the security on my VPN server, they would still have had to bypass the security on the various network devices. So, there was still another layer of security to get through.
What Changes Did I Make
Although the hacker did not get into my network, I decided to tighten up my network’s security.
First, I changed the VPN server’s port from the standard 1194 to an unused, unallocated port (5001-32767 on my router). Using a non-standard port greatly reduces the chance of the VPN server being detected. Second, I increased the password length for each VPN server user from 12 to 32 characters.
Next, I changed my router’s name and password. It was good that I did not use the default name and password (admin, admin for my router), but I still increased the length of the name I used and the length of the password from 10 to 32.
I went through my NAS and encrypted all files that contained personal or sensitive data. I did the same with my computers. I will have an upcoming article on the secure encryption tool I used.
Finally, I decided to add encryption to all backups that I make and store on my network. Over the next month or so, as my old unencrypted backups cycle out and are replaced with new encrypted backups, everything will be encrypted.
If you have any questions, please leave a comment below.