Securing a router

Things to do to secure your router.These notes assume a new, out-of-the box router serving a simple home or small office network with only modest security needs. If you have a complex network or greater than normal security requirements, you will find this advice to be inadequate.

Use WPA2 security with AES encryption and a good password.

Disable WPS. Ideally you would then test to ensure that it is disabled, but I know of no way to do this.

Disable UPnP, then test to ensure it is disabled.

Check your router’s port 32764. First, test from the outside. Then, test from the inside: in any web browser inside your LAN, attempt to view, changing the URL to that of your router. A “page not available” response means the port is closed and your router passes the test.

If your router fails any of the above tests or if it does not allow you disable any of the above services, then take action. Your options are:

  • Update the router’s firmware to the latest stable version provided by the manufacturer. This would be the easiest choice.
  • Replace the router’s firmware with well-regarded open source firmware such as DD-WRT. This would be my first choice.
  • Buy a new router, then cross your fingers as you repeat the tests above.
  • Replace the router with a computer running dedicated firewall/router software, such as Smoothwall. Any old retired computer too elderly for normal use would do.┬áThis is overkill for the usual home network, but it’s the most secure and robust option, a fun DIY project, and is what the big boys do.

About Warren Post

So far: Customer support guy, jungle guide, IT consultant, beach bum, entrepreneur, teacher, diplomat, over-enthusiastic cyclist. Tomorrow: who knows?
This entry was posted in Uncategorized and tagged , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s