I just thought it might be useful to give some ideas on what could be done to secure a home network if you’re planning to use the new android app with the comfort system (or iphone app) You might want to use some or all of the suggestions depending on how secure you feel you need to be.
Most routers will be able to implement some of the suggestions below but if you want them all then something like a Draytek will have to be purchased.
1.)The most obvious one is just to secure your wireless network with WPA2/PSK2 rather than WEP. This is standard on most routers these days but it’s good just to check.
2.)Use ‘Bind to MAC’ . Every device which connects to a network has a unique MAC address which can be bound to an IP address. This gives you the ability to define what device gets an IP address on your network. This means even if someone ‘cracks’ your wireless security your DHCP server would not know about their device and therefore not give it an IP address. The other advantage is you always know what IP address every device on your network will have. It takes some time to set this up but I feel it is well worth it.
3.)Change your IP address range to something that is different from the standard 192.168.1.xx. Almost all home routers use this address range as default. I feel its best to change to something else so even if the wireless security is by-passed it will be difficult to guess the range for a fixed IP.
4.)Create a ‘guest’ wireless LAN that is isolated from the rest of your network. Most visitors who want access to your home network are only after internet access and wont need connect to other devices, so setting up a guest network will satisfy their needs without the need to give out your secure networks passphrase. This network can still be protected by WPA2/PSK but doesn’t have to be bind to mac, so this saves you having to add every new device
5.)Create a home VPN (virtual private network). This means you can still access your Comfort system remotely without the need to give your comfort system access to the internet. A VPN is like a encrypted extension of your home network to your phone over the internet (this can be 3G) without the need for port forwarding. This also by-passes the need for a Web server to control your system remotely.
6.)Disable remote ping from your router.
7.)Enable your routers firewall
8.)Install something like the ‘lookout app’ on your mobile device which has many security features but the most useful are the app checker (checks to make sure the app is not malware), virus checker, and remote wipe. Remote wipe is very useful if you lose your phone but still have the comfort app installed. It will wipe all data on your lost phone.
9.)Many apps these days seem to require some strange access to your mobile before it will allow you to install them. For instance, I was going to install a alarm clock app the other day but when I read the small print. It wanted to be able to take photos with my phone whenever it wanted to without my permission!. So always read the small print while installing apps to keep your comfort system secure.
Above is just an outline, so if anybody wants a more detailed description of an item then please let me know.
I am sure there are other suggestions people might have and I am open to any comments or suggestions but thought it would be a good idea to open a thread on this to at least get people thinking about it.