Is removing the Ethernet cable from the router (when I'm not using it) a good security measure?

  • I have here at home a router, like many people out there. The router is connected with an Ethernet cable that comes from the modem.

    But, to prevent hackers or anything else to try bothering me, if I'm not using the router, is removing the Ethernet cable a good security measure? Or it doesn't do that much in security, so I should leave it always connected?

    This is akin to replacing your front door with a door-bridge/portcullis combo, but leaving your windows wide open. Deploying an airgap is a valid security measure. But only when you deploy everything below it on the security totem pole as well.

    It would possibly, in some case or other, leave lesser headroom for some unsecured IoT device (or other) to do whatever badness it is up to.

    @Aron It's worse than that. It's akin to replacing your front door with a drawbridge/portcullis combo but then leaving the drawbridge and portcullis wide open while going about your daily business.

    It's a great security measure because after unplugging and re-plugging 40-50 times, the connector will be broken, and you will be permanently protected from hackers accessing your machine. You will also be protected from the desire to waste your time on facebook and such, as a free bonus.

    @Damon Where do you shop for Ethernet cables? I'm only asking so I'll know where *not* to buy these.

    How many tin foil hats is too many, anyway? What's one more? This kind of thinking is why I won't take a job in security.

    The connectors are rated for maybe 750 connect/disconnects, so you may want to add a sacrificial flying socket as the location where you disconnect it. Router - short lead - - lead to modem - modem.

    It might make sense if you're going to be gone for weeks, but just disconnecting for a few hours is kind of useless. I'm recalling back maybe 1990 when I worked at IBM that you'd plug a new computer into the LAN to configure it and download the anti-virus, but the computer would be infected before the download was complete. If someone is intending to infect your computer they'll be watching for the connection.

    All this boils down to is, if somebody tried to "hack" your PC while you were using it and connected to the Internet, would you be able to tell?

    If your router has wifi you'd still leave that open as a vector for attackers in the vicinity. Even if you physically disconnected both the LAN and the internet side, the router itself is still technically vulnerable to wifi attacks as well as any wifi connected devices. It'd make more sense just to turn the router off. Then you won't wear out your connectors either. I don't do this but I do have my high-mounted home router on a power strip near the ground to make the inevitable reboots of my ISP-provided, POS router (yeah, I'm not bitter) easier, that setup would be convenient here.

    @JasonC ...what if you turn off your house's main power switch? That must be surely safe... right?

    @xDaizu You could also buy routers in bulk and throw it away after each use.

    People were compromised back in the days of dial-up modems as well.

  • nd510

    nd510 Correct answer

    4 years ago

    If there is not an internet connection to your device then a hacker is not going to be able to communicate with that device. (Edit: As some have pointed out...this is assuming an attacker is attempting over the internet from a remote location)

    With that said, eventually you will have to connect to the internet again if you want to use the internet and if you were to eventually obtain malware on your computer such as a keylogger. That keylogger is going to rely on the internet to send its data back to the hacker. If the keylogger is written properly, when you disconnect, it will just wait for you to connect to the internet again to send its data back to the attacker.

    In my opinion, I think disconnecting from your internet will prove to be more of a hassle than a protection. Instead, focus on the security of your device and your actions on the internet. Being a smart internet user can provide a great deal of security to your device.

    Elaboration (EDIT):

    I do agree that this method with decrease the time of opportunity for an attacker but the reason I chose to put emphasis on endpoint security and user education is because if you imagine an enterprise environment, they have devices and services that rely on an internet connection 24/7. So an enterprise can't rely on disconnecting from the internet as a viable security measure. Instead they focus on securing the devices on the network and the network itself. So I believe this will achieve 2 things: 1) greater security. 2) better user experience(always have internet access on demand) and I believe you can apply these strategies to your personal network as well.

    Comments are not for extended discussion; this conversation has been moved to chat.

    Not to mention that always on internet makes more sense for acquiring security fixes ASAP. And that's something that's ideal for security. The idea of disconnecting when you're not using the internet makes me worry that you wouldn't be getting security fixes, really (especially since most people install those when the computer is not being used -- typically late at night).

    "If there is not an internet connection to your device then a hacker is not going to be able to communicate with that device." If the router is also an access point then ethernet isn't the only way someone could gain access to the OP's internal network. I don't think there's enough information to tell if it's a wireless access point or what type of security they're using (WPA, WEP, etc.)

    @CraigLafferty I agree, I have revised my statement.

    Disconnecting your machine for 12 hours a day *will not* make you 50% "more secure".

    `So an enterprise (...) focus on securing the devices on the network and the network itself.` The network? Nah, just assume _every network is hostile_, saves time and hassle.

    @CraigLafferty if the ethernet cable being disconnected is the router's WAN cable (i.e. the connection to cable/DSL modem, fiber endpoint, etc) then a WiFi access point is irrelevant as the internet connection has still been severed.

    @Doktor, a wireless router that is not connected to a wan can still have devices connected to it that can talk to eachother. If OP has a device connected to the same access point as a malicious machine and there is no client isolation (which wouldn't usually be configured on a consumer router) then it doesn't matter whether or not it's connected to a wan.

License under CC-BY-SA with attribution

Content dated before 7/24/2021 11:53 AM

Tags used