Harden Your Home Network Against Network Intrusions

Harden Your Home Network Against Network Intrusions

Configure intrusion detection in OPNsense

Introduction The Internet is full of malicious actors looking to take advantage of insecure networks and devices. While corporate and government targets may be the biggest targets because of the valuable data they possess, home users still need to be cautious. Phishing attacks usually via email is the most common attack for home users. Fortunately, those attacks are typically easy to avoid by cautious users that do not blindly click every attachment and web link contained in their emails.
Inadvertently Blocked Access to Cable Modem Web Interface

Inadvertently Blocked Access to Cable Modem Web Interface

Want to access your modem's web interface and you are using VLANs or a non-default subnet address?

A few months ago, I switched to using my own cable modem instead of using the ISP provided modem/router, and I wanted to access the web interface for the cable modem status. Another reason was to change the default password if it had one since default passwords are not secure. The default web address for cable modems is typically http://192.168.100.1. Perhaps that is a common default IP address to avoid potential IP address conflicts with standard consumer grade routers which often default to 192.
Use Your Own Domain Name in Your Home Network with OPNsense

Use Your Own Domain Name in Your Home Network with OPNsense

Would you like to use your own domain name on your internal home network?

Introduction One nice thing about utilizing more advanced router features is that you can do neat things such as using your own domain name in your home network. This allows you to refer to devices on your network by using the device name/hostname followed by the domain name. For instance, server.homenetworkguy.com could refer to a host named “server” that exists on the network using the domain name “homenetworkguy.com”. Of course, depending on your configuration, you could just use the hostname “server” to access various services on your device(s) such as a fileshare, which will be shorter than including the domain name.
Enabling Rocket Loader on Cloudflare Interfered with the Nextcloud web login page

Enabling Rocket Loader on Cloudflare Interfered with the Nextcloud web login page

Using Cloudflare to access your Nextcloud web interface? Beware of pitfalls...

When setting up Cloudflare for this website, I decided to try it out on some sites that I had setup on my home network. In particular, my Nextcloud web portal. All was going well until I began enabling various optimization features that are available in the free Cloudflare account. I noticed when accessing the Nextcloud web page from my work computer that it would not allow me to log in. The login button was visible but disabled.
Enabling IPv6 Broke Functionality to My IP Security Cameras

Enabling IPv6 Broke Functionality to My IP Security Cameras

A cautionary tale of enabling IPv6 on all network interfaces/VLANs

After the long journey of learning more about IPv6 and how to enable it on my home network (see my page for detailed info), I discovered that I broke some functionality. When you have IPv6 enabled alongside IPv4 in a dual stack configuration, IPv6 will often take priority – after all, it is newest protocol intended to replace IPv4. I have created a network for my IP security cameras that is isolated from the Internet that I use as baby camera monitors.