Attention Guest: Please make sure that you are using a unique password to login to MESO. If you have used your MESO password on another website, change it immediately. You should NEVER share the same login credentials on multiple websites.

Have you thought about your router?

Discussion in 'Security, Privacy & Anonymity' started by TS561, Oct 7, 2016.

  1. TS561

    TS561 Member

    We often focus our security measures on the device(s) itself. However, that old adage about chains and weak links has serious implication when it comes to our home networks. Honestly, the majority of people are probably just looking to steal Wi-Fi. But wherever they go, whatever they do, it will track back to you. So even if they aren't looking to steal your info. It is still a potentially bad situation. If you are unfamiliar with how to perform any of these tasks. Just a quick search will give you step by step instructions. Nothing is full proof, but taking these steps may enhance your network security a great deal.

    1) Change default admin username and password:

    I know what you may be thinking, but people overlook this sometimes. Remember, this is about access to admin privileges. Not access to your network.

    2) Enable WPA2 Wireless Encryption:

    If you're using Wired Equivalent Privacy (WEP). Upgrade to WPA2 (AES 256 encryption). WEP can be cracked with the right tools in seconds.

    3) Turn on “Stealth Mode” if you have the option:

    Basically, this will keep your router from responding to any pings from port scanning tools. Just think of an open port as an open door. Not a good thing. Not every router has this option though.

    4) Change your SSID (Wireless Network Name):

    Change your SSID to something unique and unrelated to you. If you are using your the default name. Such as Netger-xx-xx or whatever. This gives the would be intruder more information. There are pre-built hacking tools designed to reverse look up password hash. Do a quick search for “Rainbow Tables and Passwords”. You will see the potential threat.

    5) Checking the Router's Firewall:

    Most will already have the router firewall enabled. However, there is no harm in checking your settings. Also, there are on-line tools to test how effective your firewall is. If you do this, only use clear net sites and review them(the site/testing tools) before performing any test. Also, if you multiple firewalls (AV, Hardware, etc.) make sure they are not conflicting.

    6) Install a VPN on the router:

    I am confident that just about everyone will know what a VPN is, how it works, and that you need a certain level of trust in your VPN provider. So, the benefit to installing a VPN on the router is straight forward. All devices on the network will receive the benefits of using a VPN. Some routers may not support a VPN. Check your manufactures info for details.

    7) Turn off "Admin Via Wireless" feature in settings:

    By doing this, only someone who is physically connected to your router with an Ethernet cable can access the admin features, and thereby make changes.

    8) Make sure “Remote Management” is off:

    This feature is generally disabled by default. Basically, IF it were to be on. Anyone with internet access and your router IP could potentially make changes. Of course, they would need the user name and password.

    9) Update the router Firmware:

    If you are using a router provided by your ISP. Then it will probably be set to update automatically. No matter the case, checking for yourself is usually a good idea.


    If any member has any additional suggestions, critiques, or info. Please post, it will help everyone have a more secure home network.
     
    Redux1, Tom, hurricane and 3 others like this.
  2. MindlessWork

    MindlessWork Member AnabolicLab.com Supporter

    A very good guide and as a systems administrator, I feel this is something I would also never overlook on my own home network.
     
  3. franchise24

    franchise24 Member AnabolicLab.com Supporter

    Informative guide well put together.
     
  4. hurricane

    hurricane Member

    Great info brother. Working with the DOD I would say your best piece of advice is a VPN. It is a must. You can still be compromised, but it will take a skilled hacker with the right equipment to do it. Great advice!
     
    franchise24 likes this.
  5. pumpingiron22

    pumpingiron22 Member AnabolicLab.com Supporter

    Funny thing is is you have two wifi signals one of them is providing internet to the customer of that service aka hot spots. I believe some of these companies got in trouble I don't remember