Thursday, August 7, 2008

Configuring your router

You plug your router into the broadband modem, plug your computer into the router, and you’re on the internet. Ah ha! Everything must be set up correctly, right? Wrong!

The security your router provides you is only starting when you take it out of the box. As soon as you install it or after you have to do a reset (not just a reboot) of the router, you should check to ensure that your settings are still valid. Everything we recommend for your router will help with your security.

Every router’s configuration screens are different so these tips are necessarily generic. If the router has a setup wizard, it may not cover all of these features so we recommend after you run the wizard that you go back and check all of the settings.

• Open your browser and connect to your router. Find the IP address of your router with these instructions . The router is (typically) the default gateway. Or, you may be able to connect to the router using other instructions in its documentation. The documentation will give you the user name and default password you need to get in.

• Follow the wizard, if available, or instructions to ensure you are connected to the internet.

• After the wizard is completed, click on every button or tab to be sure you have completed the following tasks.

• Change the logon password. You probably cannot change the user name, but choose a non-trivial password of 6-10 characters.

• Disable remote access. Some routers allow you to configure them from the internet. This is a no-no.

• Set the wireless security. You will have a choice of WEP or WPA. “No security” is not acceptable and WEP is no better. WPA may have several options. Any of them is acceptable although you may have to experiment to find a schema that is compatible with your wireless devices. Some non-computers may not support WPA in which case you will need to make some hard choices. Without security, the information on your network is vulnerable to anyone within 300-1000 feet.

• Choose the wireless password. Use a password of 13-63 characters. There may be some limitations on your router such as it only accepts exactly 13 or 26 characters. Don’t worry that this is an ugly password. You’ll keep it on a flashdrive and only need to enter it in your portable computer once.

• If you do not need any wireless computers, turn the wireless off.

• Disable UP&P. This feature was created so some online games or other peer-to-peer programs could automatically give others on the internet access to your computer. Unfortunately, it can also allow malware to give bad guys access to your computer. You may wander through all your configuration screens and still not see it; but if you do, turn it off. If you find that a program or non-computer device on your network like TV adapters or video game consoles are missing features, you will need to make some hard choices. Insist that the manufacturer give you instructions to give their devices adequate access without UP&P. It is an idea as out-of-date as a car without airbags.

• That’s most of the security features you need to configure on your router. There are other settings you can change, but they belong in another article.

• Document what you’ve done. At the very least, write down the instructions to access the router, reset it to factory defaults, the default user name and password, the current user name and password, and the wireless password. Tape this information to the top of the router. This is not like sticking your password on the monitor of your office computer. If someone has physical access to the router, they can reset it themselves.

Disclaimer - Home Page - Blogs Home

No comments: