security of wireless router
The tips in this article are categorized from basic to more technical levels:
This step may seem trivial to many, but most routers use the same default usernames as admin to enter their settings and simple default words like password for their password. The first thing you need to do after setting up the router is to change your username and use a complex password. Please note that this is different from changing your Wi-Fi username and password.
After you have changed the login information to the router settings, now it is time to choose a suitable name and password to connect to the router. It is also recommended that you deactivate this information and change it to something that does not represent personal information. Ideally, do not choose the name of the router manufacturer (such as Netgear or Linksys) or personal information as the Wi-Fi name. To increase this level of security, it is recommended that you change the data exchange encryption method to WPA2 instead of WPA or WEP. At this stage, choosing a long passphrase is very important and it is suggested that the number of selected characters be more than 20 letters.
By increasing the security level raised in the previous step, you can completely prevent the SSID from being released, so only users who know your network name can connect to it.
If you plan to allow network access for your guest users as well, create a completely independent Guest network. It is never recommended that you share your original connection information with anyone.
Unfortunately, laziness always jeopardizes our level of security. Although it is possible to use the WPS button and (Wi-fi Protected Setup) work so much easier, but usually not recommended for security reasons to use this feature. This may allow an attacker to try to connect to your network by testing different PINs known as brute-forced attacks.
Always make sure your router firewall is up to date. It is recommended that you enter the router settings once in a while and make the necessary updates. This is a task that is often overlooked and should not be.
Disable Remote Administrative Access on your router, and disable Wi-Fi management access. This allows the Admin user to connect to the router only via an Ethernet cable.
The next step that is usually recommended to increase the level of security is to change the default IP range of the router. Almost all routers use the same IP 192.168.1.1 and changing it can prevent CSRF and Cross-Site Request Forgery attacks .
Block access to the router with the MAC address. You can specify exactly which devices are allowed to access the network. To do this, you need to enter the Wi-Fi section of your router settings and enter the MAC address of the devices you want.
If the devices you are using are compatible with this technology, it is usually recommended that you switch from the standard 2.4 GHz band to the 5 GHz band. This reduces the signal range and restricts the ability of remote attacks to access your router.
Disable Telnet, PING, UPNP, SSH and HNAP if possible. You can disable them all at once, but it is usually recommended to put them in a state called Stealth. This will prevent your router from responding to external communications.
After completing these steps, be sure to log out of the router settings. Doing this is not just for the router. You should also log out of websites, applications or consoles when you are done.
Finally, it is recommended that you do all of the above steps, but if you are not able to do all of them, follow these steps wherever possible. It has long been said that “work does not do anything wrong.”