Things to do to secure your router.These notes assume a new, out-of-the box router serving a simple home or small office network with only modest security needs. If you have a complex network or greater than normal security requirements, you will find this advice to be inadequate.
Use WPA2 security with AES encryption and a good password.
Disable WPS. Ideally you would then test to ensure that it is disabled, but I know of no way to do this.
Check your router’s port 32764. First, test from the outside. Then, test from the inside: in any web browser inside your LAN, attempt to view http://192.168.1.1:32764, changing the URL to that of your router. A “page not available” response means the port is closed and your router passes the test.
If your router fails any of the above tests or if it does not allow you disable any of the above services, then take action. Your options are:
- Update the router’s firmware to the latest stable version provided by the manufacturer. This would be the easiest choice.
- Replace the router’s firmware with well-regarded open source firmware such as DD-WRT. This would be my first choice.
- Buy a new router, then cross your fingers as you repeat the tests above.
- Replace the router with a computer running dedicated firewall/router software, such as Smoothwall. Any old retired computer too elderly for normal use would do. This is overkill for the usual home network, but it’s the most secure and robust option, a fun DIY project, and is what the big boys do.