How to securely configure a wireless router - field-engineer/workmarketplace GitHub Wiki

That wireless router that is in your living is essentially the core of your entire home network. Almost all your devices are linked to it and your modem to connect to the Internet. If you do not protect it properly, then all things that connect wirelessly to it are potentially vulnerable to attack.

There are small and simple measures that can be taken to secure a router. If you do, online security is not fully guaranteed - it threatens malware and other Web-based threats, but not doing so is like leaving the chicken house door open in an area where you simply do not know if there are foxes or not. It is always better to err on the side of caution. Enterprise routers are basic product for any business/enterprise.

Each router creates a model that offers different features and presents a different interface, making it difficult to give precise instructions on how to configure one. However, almost all have a basic set of security settings accessible through the router's management interface.

Before submerging in the back end, however, it is necessary to protect with the router's password. Setting up a secure and unique password for accessing the wireless network is the first thing you should do after connecting the router to the modem. Most - if not all - new routers (not used ones) come with a CD or some other configuration wizard. If you have purchased a used router, which I do not recommend, the manufacturer probably has a downloadable version of the configuration wizard somewhere on your website. When going through the wizard, you will probably be asked if you want to password protect the router, what you should do, and it will allow you to do so without having to access the back end. The assistant can also ask you if you want to set up a guest network.

I recommend doing this too, configure it and protect it with a strong password. In this way, if one of your friends accidentally approaches with a terribly contaminated machine, it will be quarantined for the guest network and will not be able to interact with the network at all.

If your router does not come with a configuration CD, it probably has a small blue button on the back or both. In some cases this button does not exist and you have to enter the PIN number. Either way, the router is likely to have a WiFi Protected Setup (WPS) function. You should definitely use this unless you know something about the configuration of wireless networks (in that case I think you would not be reading this). The installation CD can probably configure the WPS. This is "an optional certification program designed to facilitate the implementation of Wi-Fi networks with security enabled in the home and small office." In other words, it makes all configuration work quite difficult for you. It's a great starting point,

To enter the administration interface, it is necessary to find out the make and model of the router you are using. Once you know this, you can search Google for the brand and model number plus the IP address. If you enter the IP address in the address bar, you will be presented with a login field. Do another search on Google asking what username the router has and the password. Once you have the combination "username-password", which is something very simple, you can access the back end. Some router setup wizards will automatically change the administrator password with the password you use to access your wireless network. Therefore, if the password does not work, try your wireless access password.

This would be my warning: you can seriously hinder your ability to be online if you play the administrator, but you will not do any harm if you do not change anything. Therefore, access to the backend router is perfectly safe, be careful not to mess with something there if you do not know what it is. If you break something, it is best to restore the factory settings and start the configuration process from scratch. If your password to access the router is the same as the wireless network password, then you are on the right track. If you can access the backend with the password - or if you want more security - it is necessary to change the router password, but we will get to that in a moment.

First things first: Make an ENCRYPTION. Not any encryption, but high security. WPA or WPA2, this combination is ideal. WEP is older and weaker and should be avoided if possible. It is likely that, if WPS is used to start it, WPA or WPA2 will be enabled, and all data passing between the devices and the router will be protected with high security encryption. This is also a good time to make sure that the firewall is enabled for IPv4 and IPv6 traffic. Once again, if the WPS has been used, they must be enabled. The VPN activation pass should also be enabled, and probably by default.

In the management interface of most routers, you will see the "Wireless" tab. Inside this one it is probable that there is a section called "wireless security". If you click on that, you should see the password - maybe even in text without code. If you ever have to change the wireless access password for any reason, this is where you can do it. There is also another section entitled "Administration". Within that tab, if it exists, you will see a field that says something like "Router Password" This is where you can change the password you use to access the administrative interface of your router. Is that why it is set to a default password. This section should also have a number of other security options. On the one hand, you probably have a button that allows you to activate HTTPS. The activation of this will encrypt your access and protection data against the "man-in-the-middle" and other similar attacks of interaction with the server. However, I recommend not turning on the function, or doing it with caution, since the router's back-end interface worked a lot the first time HTTPS allowed me. If you have time and patience, it is undoubtedly the best practice to activate HTTPS, but it can work from time to time for usability and certificate problems. More importantly, make sure that remote administration is disabled. This way, if someone wants to even try to access the backend of the router, he or she will have to be connected to the network. If you want to be more secure, you can disable wireless access, so, to access the backend, the user must physically connect to the router with an ethernet cable.

The administration tab can also include a subtab that allows you to update the firmware that the router controls. Some bugs arise from time to time in the routers, so manufacturers usually update the firmware. Unlike operating systems and other software, router manufacturers do not send these changes to their users.

That's why you have to download them by yourself. To do this, just look in Google brand and model of your router more "firmware update". Next, you should find out which version of the firmware is being used. There must be some indication of the firmware version visible in the backend interface. On the manufacturers site, there will be a link to your firmware version, and that link will let you know if you need to update. To update simply download and save the update file, and then go to the firmware update section of the backend interface, and follow the instructions. It is usually as simple as clicking on a "Browse" button and browsing or searching through the files on your computer and selecting the firmware update file that you just downloaded.