Setting up a wireless router is easy. Basically, you turn your cable or DSL modem off and your wireless router on. Connect the router to the modem with a cable and turn the modem on. You are mostly done. The system will automatically detect the router and if no other ISP specific settings are required, you are good to go.

To make setup easy, manufacturers ship routers with security settings disabled. This is where the problem lies, because if you do not take any further steps to secure your router, which happens quite often than you’d think, your system network is open to strangers. In fact it’s inviting them over.

Bots over the internet search for routers with default settings, basically the username and password. They scan for these details and gain access or malicious websites that have JavaScript embedded so that when you unknowingly or knowingly click on them, they gain access to your system and configure your router’s admin settings.

How to check if your router has malware:

  1. Go into your router’s web-based interface.
  2. Check the network connection’s gateway address.
  3. Once signed in, check for DNS settings.
  4. It must be on automatic.
  5. If on manual and there are DNS servers, there may be a malware on your router.

It is relatively easy to secure your wireless router. Here are three basic steps you should take to protect your router from Malware.

1. Password protect the access to your router’s internal configuration
To access your router’s internal setup, open a browser and enter the router’s setup URL. The URL will be specified in the manual. The URLs for D-Link and Linksys routers, the two major manufacturers of wireless routers, are http://192.168.0.1 and http://192.168.1.1, respectively.

For Linksys routers, leave the user name blank and type “admin” (without the quotes) in the password field and press enter. To change the password, simply click on the Password tab and enter your new password.

For other routers, please consult your manual. Alternately, you can search on the Internet with the term “default login for”. Don’t be surprised to find quite a number of pages listing default login parameters for many different routers, even uncommon ones.

2. Change the default SSID (Service Set IDentifier)
The SSID is the name of a WLAN (Wireless Local Area Network). All wireless devices on a WLAN use SSIDs to communicate with each other.

Routers ship with standard default SSIDs. For example, the default SSID for Linksys routers is, not unsurprisingly, “Linksys”. As you can see, if you don’t change the default SSID of your router a would-be intruder armed with a few common SSIDs from major manufacturers will be able to find your wireless network quite easily.

To change the SSID, click on the Wireless tab. Look for an input item labeled SSID. It will be near the top. Enter a new name for network. Don’t use something like “My Network”. Use a name that is hard to guess.

3. Disable SSID broadcast
Wireless enabled computers use network discovery software to automatically search for nearby SSIDs. Some of the more advanced software will query the SSIDs of nearby networks and even display their names. Therefore, changing the network name only helps partially to secure your network. To prevent your network name from being discovered, you must disable SSID broadcast.

In the same screen that you changed the name of your network, you will see options for SSID broadcast. Choose “Disable SSID” to make your network invisible. Now save all your settings and log out.

Since your wireless network is now invisible, you will have to configure your computers to connect to your wireless network using the new name. On Windows, start by clicking on the wireless icon in the Notification Area and proceed from there.

Make sure that the firmware updates of your router are set to Automatic. Most routers don’t have the options for security purposes. But make sure that the firmware is up to date on the latest protocols.

The following three steps will activate basic security for your network. You can secure the network further if you have sensitive information on the system by:

  1. Changing the channel your router uses to transmit and receive data on a regular basis.
  2. Restricting devices that can connect to the router by filtering out MAC (Media Access Control) addresses.
  3. Using encryption such as WEP and WPA.

Router security must be considered as a tradeoff between cost and benefit, which is time, money and inconvenience to ease of use. The three basis steps plus WEP/WPA encryption should provide enough security for a majority of homes.

To turn on encryption, you must first configure the router using an encryption of your choice and then configure the computer to use the encryption key. The process varies from router to router and you must consult the manual first.

RADIUS (Remote Authentication Dial In User Service) is an ubiquitous term for enterprise and not used until needed. If your company or business has sensitive information like card details or financial info and there are several users over the network, RADIUS should be the ideal choice. You can find more than enough information over the internet about your local RADIUS service providers.

Comments

comments

SUBSCRIBE VIA EMAIL

Signup for our newsletter and get notified when we publish the latest Tech related posts, videos, reviews and more. Don't miss out!