A security researcher recently discovered a backdoor in many Routers, allowing anyone to access your router without knowing the username or password. This isn’t the first router security issue and won’t be the last.
How to Secure Your Wireless Network
The good news is that it is not very hard to make your wireless network secure, which will both prevent others from stealing your internet and will also prevent hackers from taking control of your computers through your own wireless network.
Here a few simple things that you should secure your wireless network:
Change Your Router Admin Username and Password
Every router comes with a generic username and password, such as the password “admin”. You need it the first time you access the router. After that, change them both Immediately. If someone gained access to your router’s web interface through some sort of vulnerability or just by logging on to your Wi-Fi network, it would be easy to log in and tamper with the router’s settings.
Change Your Network’s SSID Name
The SSID (Wireless Network Name) of your Wireless Router is usually pre-defined as “default” or is set as the brand name of the router (e.g., DLink). Although this will not make your network more secure, changing the SSID name of your network is a good idea as it will make it more obvious for others to know which network they are connecting to.
This setting is usually under the basic wireless settings in your router’s settings page. Once this is set, you will always be sure that you are connecting to the correct Wireless network.
Enable Network Encryption
If someone gains access to your Wi-Fi network, they could attempt to do other bad things like snoop on your local file shares or use your connection to downloaded copyrighted content and get you in trouble. Running an open Wi-Fi network can be dangerous. So, you need to encrypt your wireless signals.
There are several encryption methods for wireless settings, including WEP, WPA (WPA-Personal), and WPA2 (Wi-Fi Protected Access version 2). And don’t use the weaker WEP encryption. To enable encryption on your Wireless network, open the wireless security settings on your router’s configuration page. choose WPA2. Enter a passphrase to access the network; make sure to set this to something that would be difficult for others to guess.
Turn Off WPS
Wi-Fi Protected Setup or WPS is a method for setting up a new wireless router for a home network which includes a way for users to set up the network via Router PIN.
By default, Router PIN is enabled. The WPS standard requires a PIN, usually printed on the wireless router or access point itself, to be used during the device setup phase. The vulnerability discovered in WPS makes that PIN highly susceptible to brute force attempts. A successful attack on WPS allows unauthorized parties to gain access to the network. Since only the Router PIN method is vulnerable to brute force attack, so we recommend disabling this function to best protect your network from invasion.
Change the Router’s Local IP Address
If you’re really suspicious, you may be able to change your router’s local IP address. For example, if its default address is 192.168.0.1, you could change it to 192.168.10.1. This step isn’t completely necessary, especially since it wouldn’t protect against local attackers — if someone were on your network or software was running on your PC, they’d be able to determine your router’s IP address and connect to it.
Enable Hidden Wireless
Hidden wireless networks are those networks which do not broadcast their Network ID (SSID). While not that many people use such networks, some have the feeling of a bit more security to have their home wireless network hidden from unwanted guests.
This setting is usually under the basic wireless network settings in your router’s settings page.
Filter MAC addresses
Whether you have a laptop or a Wi-Fi enabled mobile phone, all your wireless devices have a unique MAC address, just like every computer connected to the Internet has a unique IP address. For an added layer of protection, you can add the MAC addresses of all your devices to your wireless router’s settings so that only the specified devices can connect to your Wi-Fi network.
You can go into your router settings and physically type in the MAC address of only the devices you want to allow on the network. You can also find the “Access Control” section of your router to see a list of devices already connected, then select only those you want to allow or block.
Upgrade your Router’s firmware
Just like with your operating system and browsers and other software, people find security holes in routers all the time to exploit. When the router manufacturers know about these exploits, they plug the holes by issuing new software for the router, called firmware. Go into your router settings every month or you should check the manufacturer’s site occasionally to make sure that your router is running the latest firmware.