C Y B E R S E C U R I T Y F O R S M A L L N E T W O R KS A N O - N O N S E N S E G U I D E F O R T H E R E A S O N A B L Y P A R A N O I D S E T H E N O K A CYBERSECURITY FOR SMALL NETWORKS C Y B E R S E C U R I T Y F O R S M A L L N E T W O R K S A N o - N o n s e n s e G u i d e f o r t h e R e a s o n a b l y Pa r a n o i d by Seth Enoka San Francisco CYBERSECURITY FOR SMALL NETWORKS. Copyright © 2023 by Seth Enoka. All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher. First printing 26 25 24 23 22 1 2 3 4 5 ISBN-1 3: 978-1 -7 185-0 148-5 (print) ISBN- 13: 978- 1- 7185- 0149-2 (ebook) Publisher: William Pollock Managing Editor: Jill Franklin Production Editors: Paula Williamson and Katrina Horlbeck Olsen Developmental Editors: Jill Franklin and Eva Morrow Cover Illustrator: Gina Redman Interior Design: Octopod Studios Technical Reviewer: Kyle Rankin Copyeditor: Kim Wimpsett Compositor: Scribe Inc. Proofreader: Scribe Inc. Indexer: BIM Creatives, LLC For information on distribution, bulk sales, corporate sales, or translations, please contact No Starch Press, Inc. directly at [email protected] or: No Starch Press, Inc. 245 8th Street, San Francisco, CA 94103 phone: 1.415.863.9900 www .nostarch .com Library of Congress Cataloging- in- Publication Data Names: Enoka, Seth, author. Title: Cybersecurity for small networks / by Seth Enoka. Description: San Francisco, CA : No Starch Press, Inc., [2022] | Includes index. Identifiers: LCCN 2022021005 (print) | LCCN 2022021006 (ebook) | ISBN 9781718501485 (print) | ISBN 9781718501492 (ebook) Subjects: LCSH: Local area networks (Computer networks)—Security measures. Classification: LCC TK5105.7 .E56 2022 (print) | LCC TK5105.7 (ebook) | DDC 004.6/8—dc23/eng/20220707 LC record available at https://lccn.loc.gov/2022021005 LC ebook record available at https://lccn.loc.gov/2022021006 No Starch Press and the No Starch Press logo are registered trademarks of No Starch Press, Inc. Other product and company names mentioned herein may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurrence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The information in this book is distributed on an “As Is” basis, without warranty. While every precaution has been taken in the preparation of this work, neither the author nor No Starch Press, Inc. shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in it. To my darling wife, without whom I would surely be unable to do all the things About the Author Seth Enoka is an IT and cybersecurity veteran, having worked on large and complex cybersecurity incidents and investigations all over the world. When he’s not helping organizations kick and keep adversaries out of their net- works, you can find him teaching digital forensics and incident response, mentoring and being mentored by others in the security community, work- ing through some degree or certification, or preparing for his next power- lifting competition (whenever that might be . . .). About the Technical Reviewer Kyle Rankin is the chief security officer at Purism and the author of Linux Hardening in Hostile Networks and DevOps Troubleshooting, among other books. Rankin was an award- winning columnist for Linux Journal. He speaks fre- quently on open source software and has given keynotes at SCALE and FOSDEM.