You bought a new router.....now what?
Steps to better secure your router
Routers nowadays are plug and play right out of the box. But unfortunately, securing a router is not as simple.
WHY DO YOU NEED TO SECURE ? WHATS THE RISK?
Leaving your router unprotected will allow hackers monitor your Wi-Fi transmissions and collect data while you are browsing the internet. Using this data they can get your passwords and other private information.
The good thing is that most routers, will have the WPA2 encryption protocol automatically enabled by default. This adds some security to your routers Wi-Fi network.
Setting up your router
what the F*ck is the difference between WPA/ 2 & WEP
What is WPA/WPA2?
WPA/WPA2 is an encryption protocol to obfuscate your data that is transmitted via Wi-Fi. It replaced WEP, which was the previous protocol that was used for Wi-Fi encryption and was found to be easily cracked by most modern computers .
If I am scanning your Wi-Fi with my computer and you are using WEP, I can eventually discover your router's password. From there, I can start just collecting all the browsing data that you are doing on your computers. WPA/2 is a better encryption protocol making it harder for me to decrypt your password.
Even though by default routers have this new protocol enabled, your router has other points of access that hackers can use to gain entry. Below are the steps I taker to set up a router securely.
1. Connect your computer directly to your router via an ethernet cable, then navigate to the router management web page that is mentioned in the booklet that comes with the router. Use the username and password to access the site.
If you lost the booklet, you can type your IP address into your web browser, and then change the last number to 1 to access the page. Here is an example link: 192.168.0.1
Below is a how-to geek article on how to find your IP address.
2. The next thing I do is change the admin’s page default password, because there is malware that will use a default password list to break into a router. There are also web sites that have a list of default passwords.
You can change this in the settings page alongside the username to be extra safe.
3. I then change the Wi-Fi name and password since the name tells the model of the router, making it easier for hackers to find malware.
Make your new password at least 12 characters or more and something that you can remember.
If you are super paranoid, you can enable a guest network and give that to people who visit. There usually is an option to isolate this network.
4. Next, I check that WPA2 is actually enabled. For the encryption type pick WPA2 Personal + AES (CCMP).
5. Finally, I check that the firmware of the router is up to date in the settings. Updating prevents most malware from affecting your router
In your admin dashboard, there will be an option in the settings page to do this automatically, but you can also check for updates on the routers company support page.
After this, the router resets, you are done. Once you do these steps, then you have a hardened your home network from them, dastardly hackers. While you won't be 100% protected, it will make you less of a target than other open Wi-Fi networks.