Securing Wireless Networks

Categories:

Recommended

Router

The starting point is the Router. Most modern home routers are actually 3 devices in 1 for convenience. Usually they consist of a “Modem + Router + Wireless Access Point, but for simplicity, I will call it router throughout this guide. A router is the gateway between our local network and the internet which is considered an external bigger network and most of them (almost all) comes with preconfigured firewall settings to block malicious attacks or unauthorized connections from the internet (the bigger, external network) from passing through this gateway and most of these settings do an OK job of filtering all unwanted access from the internet, but we are focusing in this guide on the the other settings that might allow someone to gain access to your local network by connecting to your WiFi network (which means they have to be in the proximity of your wireless network) or by connecting to your router from the internet (the outside network) through a misconfigured settings in the router. If you are in the market for a new router, then you should invest some time in reading reviews about the device you are going to buy and search for known issues or vulnerabilities with a simple search phrase like “TD-W8970 Vulnerability” and that should be enough to know if there are any issues with the device. Known Issues that is. If you already have a router, then it’s also an important step to search for any related issues or vulnerability and also update the firmware if there are any updates from the manufacture. There are 2 main ways to connect to your router’s settings and they are:

  • Local Access
  • Remote Access

Local Access

Local Access means connecting to your router from your local network. In other words, from any of the devices that are connected to your WiFi network or from any device connected to your router via a LAN cable. This is the default way you should use and the more secured than Remote Access method. There are sub methods under Local Access to connect to the router, but the best and simple way for a home user is to connect to the router via the web interface meaning you connect to the router using your internet browser (such as Chrome, Firefox, Safari, and..ehm..Internet explorer or Microsoft Edge) and you do so by typing the Local Internet Protocol Address (Local IP for short) in the address bar of the browser and most routers use the IP “192.168.1.1” or “192.168.1.254” out of the box, but if you don’t get to a page using those 2 addresses, then review your router’s manual.

Some devices will have the option to only allow devices connected to the router via the LAN cable to get to the router settings and most routers will come with a short cable that you can use for this purpose. You should enable this option if it exists to limit the access to the router’s settings page and use the cable whenever you need to access it.

Access Control

After connecting to the router’s settings page, You will be asked for a user-name and a password and if the device is new or You’ve never changed them, they will be “admin” and “admin” for both. You can review the device’s manual or search the internet for your router’s model and “Default password”. The first thing you should do after logging in, is change the default user-name and password to something else, because as you guessed, everyone would know and try them if could reach the router’s page. You would be amazed by how many routers are still using the same default credentials and accessible from the internet through the remote access option which are even periodically cataloged by search engines such as Shodan. You should use a strong, unique password that have no meaning to you or in the language such as “bwpFW93F#fm20BN” or “HeLuWK2038Be30” and if Your router allows You to change the user-name, You should change it from “admin” to anything else and preferably not your name or a name that has any connection with you, if possible. You should also make sure that if Your router comes with hard-coded users such as “user” and “support”, that You change the password for those as well.

The layout and the naming of sections could be different from router to router, but you should be able to figure out what you are looking for in a little time with the help of this guide and your router’s manual or of course, the internet. Under this section (Access Control) You will also find the remote access option and should disable it. All the sub option under remote access should be disabled and enabled only when needed for a short amount of time.

Category:

Attribution

Mohamed Adel, Securing Wireless Networks, URL: https://mohamedation.tk/securing-wifi/index-en.html

This work is licensed under Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0):  (https://creativecommons.org/licenses/by-nc-sa/4.0/deed.en).

VP Flipbook Maker

Showcase your work with a digital flipbook and provide your readers with an awesome reading experience! Visual Paradigm Online is a professional tool support flipbook conversion and creation. Try it now!