[clug] Security for home - Topic for discussion

George at Clug Clug at goproject.info
Mon Feb 25 01:49:04 UTC 2019


I hope at some point to collate these points we are posting.

To your list of "backups, (continuity), maintenance, monitoring" I
would like to add "timely and routine security and bug

It will be fun when we get down to answering the practical points like
your comment "How to do all this in a home environment?"

My answer to your question "Is it even possible?", I think "partially
it is, on an arbitrary graph of of 'effort vs perceived need vs
perceived reward/effectiveness' ".  

Using firewalls as an example;

I expect we all run a home firewall between our IT stuff and the

Do we consider an Internet firewall "necessary"?, do we consider it
too difficult to implement?, how detailed a firewall are we prepared
to configure? 

Do we have separate firewalls for wired and WiFi networks (in case
someone hacks our WiFi). What is the likelihood that our WiFi will be

For that matter, what do you think is the level of risk of "our house
been broken into" ? Do we take precautions for this event? (locks,
window security, safe, items kind of hidden, alarms, security patrols,
etc).  Does our security assessment change after we experience a
security breach?

Are we prepared to run several firewalls ? Do we separate our access
network (internet surfing, email, etc) from our management network
(the network we use for applying patches and root level
configurations, or do we only have one network. There are degrees or
levels of protection, evaluating cost/benefit is fun and challenging.


On Monday, 25-02-2019 at 12:06 Kim Holburn via linux wrote:

It's never ending.  Starts with risk analysis as Bob pointed
out.  Also involves multi-level protection: people training, network
protection, device protection.  Also we all have devices that move
around to different networks.  

In addition:  backups, (continuity), maintenance, monitoring.  How
to do all this in a home environment?  Is it even possible?

> On 2019/Feb/25, at 11:36 am, Bob Edwards via linux 
	*  wrote:
> On 25/2/19 10:51 am, Brenton Ross via linux wrote:
>> On Mon, 2019-02-25 at 10:01 +1100, Kim Holburn via linux wrote:
>>> On 2019/Feb/24, at 8:53 pm, Bryan Kilgallin via linux 
	*  wrote:
>>> Thanks, Kim:
>>> I have an on-going project to make home networks more secure.
>>> How can one measure a baseline?
>>> Impossible question.  How do you?
>> If it was my problem I would proceed thus:
>> You start with a list of all known attacks.
>> You rate each one according to how difficult it is to implement.
>> You score a network according to how many it resists.
> "all known attacks" => known to you (the author(s) of the list).
>  all attacks known to others, now or in the future.
> How about:
> - what are you trying to protect (reputation, cpu cycles, privacy
> - how much is it worth to someone else
> - how much are you willing to expend to protect it
> More airy-fairy, but allows you to have a life.
> cheers,
> Bob Edwards
> -- 
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux

Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request 

linux mailing list
linux at lists.samba.org

More information about the linux mailing list