SCAN YOUR NETWORK FROM THE INSIDE
TAKE ADVANTAGE OF ROUTER SECURITY
Many routers come with built-in security features: current models from Asus and TP-Link offer a range of services powered by Trend Micro, while Netgear’s Armor platform is offered in partnership with Bitdefender. It’s well worth exploring these tools, as they can block various types of hacker attack and prevent devices on your network from connecting to known dangerous sites and servers. They can also throw up an alert each time a new device connects to your network, without the need for custom apps as discussed above.
The price varies, however. Asus’ AiProtection service is completely free, while TP-Link’s HomeShield offers basic protections for free but charges £55 a year for the full set of features. Netgear Armor is free for the first 90 days, then rockets up to a steep £85 a year, although that does include a household licence to run the Bitdefender Security suite on all your Windows, macOS and mobile devices.
FIND OUT WHAT’S CONNECTED
Your router can give you an overview of attached devices, but it probably won’t go into much detail. There are several free tools that can scan your network and capture more information about exactly what’s connected, helping you stay on top of the state of your network.
One simple but powerful option is Angry IP Scanner ( angryip.org). Run this on any Windows PC on your network and it will thoroughly scan your LAN, capturing information about everything connected to it. By default it shows all active IP addresses, along with a ping time that indicates connection speed. A blue light next to the address means that the device wouldn’t talk directly to the scanner, while
a green light means it allowed the connection. You’ll also see a readout of which network ports are open, though by default the program only checks ports 80, 443 and 8080, which are used for HTTP and HTTPS connections.
If you open the Tools menu and select Fetchers, you can tell the program to scan for other potentially useful information: NetBIOS info shows whether a device is advertising an address for file sharing, while filtered ports are those which appear to be blocked by a firewall or other security measure. Angry IP Scanner also captures the hostname of each device that’s located, but sometimes this can be blank or ambiguous; capturing the MAC Vendor can help by revealing who manufactured each client.
CHECK FOR OPEN PORTS AND SERVICES
For more information about the ports and services that are accessible on your network, a free, open-source tool called nmap has the answer. Though originally designed as a UNIX-type command-line tool, nmap is fully supported on Windows, and even comes bundled with a graphical front-end called Zenmap. To get the full package, go to nmap.org/download, click to download the “Latest stable release self-installer” and install it with the default options.
Once you’ve done this, launch nmap and enter the target IP address: to scan your whole network, enter a range such as “192.168.0.1-255”. Leave the Profile set to “Intense scan” and hit the Scan button to set
nmap working – then put the kettle on, as the scan can take 20 minutes or more to finish.
When the process is done, you’ll see a list of hosts in the left-hand pane; click the
“Ports / Hosts” tab in the right-hand pane to see the full list of which ports are open and closed, along with the name of the service that normally uses each port. If a device seems to be welcoming connections that it shouldn’t, you may be able to shut off that service, or firewall it at the router. Unfortunately, nmap isn’t as helpful as Angry IP Scanner when it comes to identifying detected devices; you might need to check your router’s web console to figure out which address relates to which client.