SECURITY TIP: Lock Down Your WiFi Router
While we’ve been focusing on the security of our desktop PCs, laptops, and mobile devices, malware-manufacturing miscreants have been exploiting the most overlooked computer in most homes and businesses: the router. Here's what you need to know…
Is Your Router Secure?
For those who have high-speed Internet, the router is the little box that connects your home or office to the Internet. And they are the latest target of the online criminal classes.
A legion of hacked consumer-grade routers were used to launch distributed denial-of-service (DDoS) attacks that brought Sony and Microsoft gaming networks to a halt over the last holiday season.
And now, according to researchers at the Fujitsu Security Operations Center, hundreds of hacked routers are being used to distribute malware that steals login credentials by redirecting browsers to rogue websites that imitate financial institutions.
A router can be compromised by changing its settings. For instance, substituting a hacker’s rogue DNS server address for that of a legitimate DNS server would redirect browser requests to a fake website. But a router can also be remotely reprogrammed with firmware that includes malware and instructions for distributing it, turning the router into a slave in a botnet.
It's unsettling that the researchers are not sure how bad guys are gaining control of routers. They speculate that users are to blame for not changing the factory default administrator login credentials when they set up their routers. Most often, the default credentials are published online; always, they’re simple and easily guessed. But I can’t lay all the blame on users.
Configuring the Router
Certainly, the first thing you should do when installing a new router is change the administrator’s userid and password to something that only the administrator (which is probably you) knows. Conventional wisdom says the password should be long and complex, but that really isn’t necessary if you make one other simple change to the router’s settings.
Most routers are shipped with “remote administrative access” or “remote management access” enabled by default. That means the administrator can log in to the router from any device connected to it. That’s convenient for admins but dangerous.
Disabling remote administration means that the admin must log in via a hardwired connection between the admin’s computer and the router’s Ethernet port. It doesn’t matter if your userid is “admin” and your password is “password.” Only someone who has physical access to the router can log in and fiddle with its settings or install new firmware.
In a home or small office, it should be easy to control who can plug an Ethernet cable into the router. But to protect against an “inside job,” the admin’s login credentials should still be changed to something non-obvious. I've visited coffee shops and motels with wifi routers that were completely unprotected. If I was malicious or mischievous, I could have logged into the router and changed the settings so that anyone who tried to access a website would be redirected to an inane cat video on Youtube.
Even if you doubt that your family, guests, or employees might hack your router, it’s entirely possible for their devices to be infected with malware that will attack a router. Denying admin access to the router foils such attacks, even if they come from machines that are connected to your local network.
I can't give specific instructions on exactly how to login to your router and change settings, because each model has a different interface. But the first step in every case is to find the address of your router. On Windows, open a Command Prompt, then enter the ipconfig command. The output will look something like this:
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . : 192.168.1.1
Look for the "Default Gateway" line, and you'll find the router address there. (Mac users can click the Apple icon, then “System Preferences” and “Network”. Your default gateway will appear next to “Router”.) So in this case, you'd open your browser and enter http://192.168.1.1 in the address box. You should be greeted with a prompt to enter your router's login and password. If you don't know the router's username and password, check with your Internet service provider.
NOTE: Your router's username and password is NOT THE SAME as your wifi password. The former allows access to your router's configuration screens, while the latter allows you (and others who know the password) to access the Internet via wifi.
For Extra Credit…
Here are a few other steps you can take to improve the security of your wifi router:
Switch to OpenDNS, an alternative to the DNS servers from your Internet provider. See my article OpenDNS - Faster and Safer Internet for details on how this can improve security, and how to make the change.
Change the router's SSID (network name) to something of your own choosing. Your router's SSID is broadcast to others nearby who are searching for wifi networks. Often the default name is "linksys" or something else that gives away the make or model of your router. That only makes a hacker's job easier.
Consider updating your router's firmware. Think of this as the operating system that controls your router. After logging into your router, look for an option called "Firmware Upgrade" or similar. On my Verizon FIOS router, there's an option to automatically check for available firmware upgrades, and even install them automatically. But those are turned off by default. Check with your Internet provider first if you have questions about where to download updated firmware.
Is YOUR wifi router secure? Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 10 Jul 2015
|For Fun: Buy Bob a Snickers.|
Voice Recognition Hacking
The Top Twenty
Google’s New Spam-Fighting Tools
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- SECURITY TIP: Lock Down Your WiFi Router (Posted: 10 Jul 2015)
Copyright © 2005 - Bob Rankin - All Rights Reserved