Information Security Asked by user136026 on December 8, 2021
I have recently got into cyber-security and I have been looking at ways to configure a router. However, the sources I have found have been on how to configure a router and not things you can do to configure the router.
So far, I have found out that it should use WPA2-AES encryption as well as it should have a strong password. In addition, you can also configure it to only accept connections from known computers.
Are there other ways in which it can be configured?
First of all, you mention WPA and 'router'. I am assuming that you are not asking about a router but about a device with many functions build into one set of hardware. Probably: Modem/firewall/wirednetworkswich/access point/DHCP server/DNS server/etc etc".
So much for things you should do, there are also a few things which you do not want to do:
Answered by Hennes on December 8, 2021
Not all routers have the same functionality but as a rule of thumb you could do the following.
Firstly, you may want to bin the router provided by your ISP and buy one that allows you to have more granular control, and/or install open source firmware such as dd-wrt.
The general advice I tend to give is:
Change the default setting on things like Admin usernames and password.
Restrict what devices can connect to the router with MAC address filtering.
Ensure that the web-interface is using HTTPS and is not reachable from the public internet.
Disable Wi-Fi Protected Setup (WPA).
Change the password that allows WiFi access regularly.
Answered by TheJulyPlot on December 8, 2021
Change your default admin password to something secure
Use WPA2 for wifi access with a very long password which should be periodically changed.
Set up MAC address filtering to allow only devices you trust.
Disable remote admin tools
Disable secondary SSIDs you are not using if they are supported
Turn off SSID broadcast
Turn off Wifi Protected Setup
Some sources recommend changing the SSID to something to mislead attackers, so if your router is Belkin, change your SSID to 'Cisco'
Enable the firewall if available
Keep your firmware up to date
Review logs periodically for suspicious activity
You can use servcies such as Shields Up to run basic testing of your network https://www.grc.com/shieldsup
Answered by iainpb on December 8, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP