The bad news: most people give no second thought to their routers. This lack of know-how, puts many of the households in a dangerous position. The United States Computer Emergency Readiness Team (US-CERT) has issued an alert about the Russian state-supported hackers execute attacks against a large number of home routers in the US
Some routers are inherently flawed and can never be resolved. Here is a list of routers that no one should be used. Make sure that you are not on the list.
To help beef-up your router security, here are five tactics for protecting your own network, devices, and files from hackers.
First, check your router admin page
Before you begin, make sure that you can get in to your router administration console; this is where you manage your router settings, including the management of the passwords for the firmware updates.
First, make sure that your computer is connected (wired or wireless) to the router, open a web browser and type in the router’s IP address. The IP address is a series of numbers, and the default is depending on your router manufacturer. The most common are 192.168.1.1, 192.168.0.1 or 192.168.2.1.
If you don’t know what your router’s IP address or password, it is on the internet. Here is a site that gives you both in a matter of seconds. Note: hackers know about this site!
1. Select the best encryption
Criminals love unsecured Wi-Fi networks. Security of your Wi-Fi network can also be a shield from unwanted connections that may be using your network for illegal activities.
This is why it is important to protect your Wi-Fi network using strong encryption. If you need to enter a password to connect to your Wi-Fi, you already have any encryption enabled on your router.
There are different types of Wi-Fi encryption, and you need to make sure that this is the most safe one you can use.
The most commonly used Wi-Fi security protocol is still Wi-Fi Protected Access 2 (WPA2) encryption. However, this standard is more than a decade old, and is already prone to severe security issues like 2017’s KRACK attack.
If you are shopping for a new router, look for one that supports the latest security standard WPA3. These models have just begun to roll out. Each router has a different menu layout, but you should be able to encryption under the “Wireless” or “Security” menu. You have a number of options for encryption; if you have an older router, you want to select the one that starts with “WPA2”. If your router does not have WPA-3 compatible, “WPA2-PSK AES is your best option now.
However, if you have older Wi-Fi gadgets, you might have to choose the hybrid option “WPA2-PSK AES + WPA-PSK TKIP” to make them work.
Never choose Open (no security), or if the use of WEP, change the setting immediately. An open network will make it easy for someone to steal your Wi-Fi, and the older WEP security is easily hacked.
If the only encryption options your router has are WEP or WPA, tell your router to check for a firmware update. Look in your manual for the instructions.
Without the manual? Try ManualsLib, or ManualsOnline, which both have hundreds of thousands of manuals, from routers to refrigerators to everything you could need.
If there is no update of the firmware of your router of updates, but you are still using WPA or WEP, it’s time to buy a new router. These encryption methods are too unsafe to use, plus it means that your router is probably more than 7 years old.
Click here to learn how to keep criminals off your Wi-Fi with ease.
2. Pros an additional separate network
A good tactic is to get the visitor devices on a separate network. You can do this by setting up a completely different Wi-Fi router or the switch on your router “guest network” option, a popular feature for most routers.
Guest networks are provided for the visitors of your house a Wi-fi internet connection, but you do not want them to access the shared files and devices within your network.
This separation will also for your smart devices, and it can protect your most important devices of specific Internet-Of-Things-of-service attacks.
To avoid confusion with your primary network, set up your guest network with a different network name (SSID) and the password. Make sure you have a strong and super-secure
password to your guest network. You do not want crooks and strangers mooching for security reasons.
Newer routers do this segmentation automatically. This feature allows users to make Internet-of-Things devices on a separate network, foreclosure of your central computers and other personal gadgets of attacks.
With this virtual zoning of your network, you can still have the ability to take all your smart devices and hubs to communicate with each other, while keeping your main computing gadgets safe in case of an Internet-0f-Things attack.
Also, if you’re worried about “wardrivers” or people roaming around looking for Wi-fi spots to hack, you can disable the broadcasting of your network and your guest network name (SSID).
3. Use the free parental controls
To protect your children from inappropriate sites, most routers have a built-in content filters, parental supervision, and the time on the basis of disability.
To enable these filters, visit your router’s administrator page or app again and look for a section called “Parental Controls” or “Access control.” Here you can choose what kind of sites to block access to, set the schedule on when the filters are in operation and setting a curfew hour for certain gadgets.
You can also set filters for specific IP and MAC addresses. The disadvantage of this method is the inconvenience and it takes a bit of technical skill to pull this off. The good thing about this is that you get a map of all your connected gadgets and their associated ip addresses.
To make this a little further, turn on the MAC (Multimedia Access Control) filtering. With MAC filtering enabled, you can specify which MAC addresses are allowed to connect to your network at certain times. Note: MAC addresses can usually be found in the gadget settings, label or the instructions for use. Look for a set of 16 alphanumeric characters. (Here is an example of what a MAC address looks like this: 00:15:96:FF:FE:12:34:56)
4. Turn on the VPN
You’ve probably heard of a VPN (Virtual Private Network), that is an excellent way to protect your online security and privacy.
With a VPN, your gadget IP address is hidden from websites and services you visit, and you are able to browse anonymously. Web traffic is encrypted, which means even with your
internet service provider allows your online activities. It is a good way to hide your internet tracks by cyber criminals.
VPN services are usually accessible via software, but some newer routers can be configured with VPN capabilities directly in the router itself. Instead of protecting each gadget is protected with a private VPN service, your router protects each connected device.
Routers with this open source router software support (such as DD-WRT), and they can be configured for the use of services such as OpenVPN.
Currently, there are a variety of open source and OpenVPN routers to choose from, but the most popular models are the Linksys AC3200 and the Netgear Nighthawk AC1900.
5. Turn on and test the firewall
A valuable tool that can protect your router from hackers is a firewall. Even if they manage to know that your router location and IP address, the firewall can ensure that they get access to your system and your network.
Almost every new router has a built-in firewall protected. They may be labeled differently, but look for the functions under your router’s advanced settings such as NAT filtering, port forwarding, port filtering and services block.
With these controls, you can configure and give your network an outbound and inbound data ports and to protect it from intruders. Be careful when adjusting your port settings, as a wrong port setting can your router is vulnerable to port scanners, which allow hackers the chance to slip in the past.
To check whether the firewall of the router and your ports are connected, you can use this online tool for a quick test.
What the digital lifestyle, if you have any questions? Call my radio show and click here to find it on your local radio station. You can listen to the Kim Komando Show on your phone, tablet or computer. Of the buy of an opinion to the digital world problems, click here for my free podcasts.
Copyright 2019, WestStar Multimedia Entertainment. All rights reserved.
Learn about the latest technology on the Kim Komando Show, the nation’s largest weekend radio talk show. Kim takes calls and provides advice on today’s digital lifestyle, from smartphones and tablets to online privacy and data hacks. For her daily tips, newsletters and more, visit her website at Komando.com.