To secure the private home network, especially create a guest network and a private one, I used raspberry pi. The private network must be protected better, because of  devices like computer, NAS, ect… . The raspberry is equipped with an additional lan port (usb to lan) and an additional w-lan card for a better signal. The first lan port is connected with the router of the ISP and the second one with the local private network. After that the routing is made (IP Tables) so that the internet is forwarded to the private network. Then the firewall (ufw - uncomplicated firewall) is configured, per default all connections are denied and the needed ports have to be opened after that. For example 80 and 443 for http and https. After that a proxy is installed, in this case pihole for blocking adds and additional IPS (intrusion prevention system) Fail2Ban is installed and configured, to secure the „Firewall“ even more.
Comments