Setting up a home network router is relatively complicated for the average user. Therefore, to make the setup even simpler, router manufacturers have added buttons and default settings to make this process easier than ever. And from a security perspective, we can see many vulnerabilities that hackers can penetrate.
Therefore, to improve the security of the network connection when working from home, you should change some of the default settings on the router according to the following tips.
1. Change the encryption standard you trust to avoid “illegal” connections
If someone is able to access your Wi-Fi network, they might try changing the settings on the router, or do harmful things like scouting for your private files or even. is using your network to carry out illegal attacks. In general, using an open Wi-Fi network is always a bad choice.
If you set a strong password for your router, then you’ve taken the first step in securing your network (rather than leaving it open to everyone at will). With the passphrase set on a modern router, chances are you’re using WPA or WPA2 encryption.
WPA, or Wi-Fi Protected Access, is a 256-bit encryption protocol, more secure than the older and weaker WEP standards, using 64 or 128 bit encryption. WPA2 enhances WPA by using a stronger encryption algorithm. It uses Advanced Encryption Standard (AES) algorithm which is more secure than WPA combined with TKIP algorithm (Temporal Key Integrity Protocol) itself.
Many routers offer a mode that combines both WPA and WPA2 so older devices can also connect to your network, but WPA2 has been around for more than 10 years so most devices today are WPA2 compatible. . When choosing the security mode for the router, usually the user will choose WPA2 – also known as WPA2-PSK (AES) – and only switch to mixed mode if you have old devices that cannot connect to the network. protected with WPA2.
2. Change the router’s internal network address
The crook can know the default username and password on the router and then access and modify some information such as the Passwork Wi-Fi for unauthorized use through the router’s internal IP address. If you are an extremely meticulous person, you might consider changing the default IP address of your router on your local network.
The router’s default IP address is “192.168.0.1”, and you can change this to 192.168.0.X, where X <255. If the router's firmware has a security hole, or in the case when a piece of malicious code from the browser tries to spread to the local network through IP addresses that the malicious code has anticipated, changing the router's IP address reduces potential security risks. This step of protection is not strictly necessary, since people who have the ability to access your network or your computer will still be able to find out the router's new IP address with relative ease. 3. Take advantage of the Parental Control feature
In many new lines of routers, manufacturers have added Parental Control for parents to manage children’s Internet access. This feature can be used to filter content, restrict online hours, and specify which websites can be accessed. You can even disconnect Internet access completely according to a set schedule.
Parental Control can work on a device-by-device basis, such as based on the MAC address of a child’s iPad or laptop, or by creating accounts that “ignore” adults in the family so they can not affected by unlimited control and access restrictions.
4. Use the VPN feature
Installing a VPN is a great idea. You won’t need to remember to activate your VPN. It will protect all devices connected to the wireless network. In short, it solves most of the annoyances of using a VPN. The only limitation is that the connection speed can be affected (though that’s not always true for all VPNs).
Fortunately, you don’t need any special equipment to set up a VPN on your router. You can buy special VPN routers with everything set up, but to save money you can set up a VPN yourself and the process is not that difficult. Some routers are VPN-compatible. For example, the TRENDnet router allows you to set up a VPN with standard firmware (however users are limited to older protocols).
For most VPNs, you’ll need to install new firmware. DD-WRT and Tomato are two popular firmware options with good hardware and both allow you to install a VPN on your router. However, not all routers and VPNs work with DD-WRT or Tomato.
5. Activate the firewall
Not every router has a built-in firewall, but if your router does, turn it on. Firewalls can serve as your first line of defense because they are specifically designed to manage and filter traffic coming out of your network, and can automatically block suspicious accesses through the port is not authorized to use.
6. Change the default username and password
Most router models have a fairly easy to guess username and password: “admin” – “admin”. If someone can access your router through the remote access feature, or when they connect to their Wi-Fi network, logging in and editing the router’s settings is easy. .
To avoid this, change the password on the router to other than the default. Some routers even allow you to change the username. Choose an unpredictable username and password to protect yourself.
7. Turn off the UPnP feature
The UPnP protocol helps to bring many useful features, of which the one that is probably most widely used is the combination of UPnP and torrent for high-speed downloads without forward port. However, UPnP is also a feature filled with security holes: there are tens of millions of routers around the world ready to respond to UPnP requests from the Internet, and through this protocol, hackers can modify traffic. message on your router as they please.
Not only that, Flash applications can use UPnP to open more ports, making your computer a fortress… open the door. Overall, like many other features, UPnP has traded security for convenience.
8. Use the Guest Network feature
Guest Network or “Guest Network” is basically a feature that creates a virtual hotspot, often used by visitors to play to completely separate from the personal Wi-Fi network, to secure the private network. Besides, users can set the number of people accessing this network or just accessing the Internet and not being able to do anything.