Did you know that those getaway routers we use at home are not secure?
Indeed, they’re not secure and every security expert can confirm they’re also very open to attack. As a matter of fact, every good hacker can probably attack your Wi-Fi.
Simply, experts say that you shouldn’t use getaway routers at electronics stores, or the ones you get from internet providers. Now you’re probably wondering:
What can I do to protect my Wi-Fi from an attacker?
Regardless of whether you have a small house or a larger home, you should consider commercial routers. However, if you can’t upgrade to commercial routers, but you still want safe internet access, there are some things you can do to prevent any attack.
Finally, follow these simple instructions and you’ll be safe to enjoy anything from Netflix movie to basic internet surfing.
Lock home Wi-Fi routers
The very first thing you should do if you want to avoid attack is to separate modem and router. More precisely, ISPs usually give out router and modem as a same device, which leaves them with no control over network that’s actually their own.
Simply, if you buy a modem and router as a single device, you should contact the ISP and have that separated. In that case, you can then add your own home Wi-Fi routers to it.
Try not to buy those consumer-friendly routers, even though they are quite on the cheap side. Instead, invest in a low-end commercial Wi-Fi router.
The reason for this is because commercial routers usually don’t have UPnP or WPS enabled. Also, they feature certain specifications and features that help protect you from any internet attacker. In addition, you’ll find firmware rollbacks that’s always useful if a firmware update goes bad.
At last, there are ways to protect both consumer-grade and commercial routers. Some steps and ways are easier than the others are, but they’ll make internet a safer place for you.
Don’t worry, if you’re uncertain about if you’ll be able to do these steps, just read them carefully. If you’re not very advanced in technology, you can still do some more simple steps.
(check here out list of best wi-fi extender)
Keep in mind, anything you can do to protect your Wi-Fi router counts.
Steps to fix your Wi-Fi router
1/ Administrative Access
First thing you should do is definitely change administrative access credentials such as password and username. This step alone isn’t enough to protect you from a hacker attack, but it’s a good start.
If there’s an attacker, your password and username will be the first things he tries to break into. If you don’t know how to change the credentials, check in the user manual you got with your Wi-Fi router.
Now, your SSID is probably Netgear, Linksys, or another default network name. If this is the case, you should change it to something more unique. However, make sure you choose a name that doesn’t identify you.
For example, make sure you don’t write your phone number, last name, etc. Normally, if your nextdoor neighbor is trying to break in your Wi-Fi network, the first things he’ll use is the information he knows about you.
Try to think of something very random, and write it down on a piece of paper if you must. Of course, find a safe spot where you’ll keep that paper.
3/ WPA2 wireless encryption
Next step is quite basic but people often forget about it even though it’s crucial in safe internet access. There’s such thing as WPA2 wireless encryption and you must enable it. Once you do that, only users that are authorized can use your network.
4/ Wi-Fi protected setup
Now, check if your router allows you to disable Wi-Fi protected setup. If it does, go on and disable it.
5/ guest Wi-Fi network
Of course, people will come to your house and will want internet access. A feature that can help you with this is a guest Wi-Fi network that some routers have.
If you can set this up, you’re free to hand it to people when they need Wi-Fi in your house. Also, some routers allow you to set a timer that will shut off the guest network after a certain period of time. In addition, keep in mind that it’s much safer to connect all smart-home devices to this guest network.
Simply, these devices aren’t usually very safe, so you want them far away from your primary network.
6/ cloud-based router management
Furthermore, it’s important to avoid cloud-based router management. Even though some manufacturers offer this feature, we suggest you turn it off for safety reasons.
Simply, if you allow this it means that there’s a third person between your router and you. Of course, this is in no way safe. Nonetheless, many new routers depend entirely on cloud management and the only way to interface with them is through smartphone apps.
Naturally, these models feature many other safety improvements, which is why people mostly opt for them. However, try to find a mesh router that allows local administrative access.
7/ install brand new firmware
Another thing you can do when it’s available is to install brand new firmware. From time to time, log into administrative interface in order to check.
In some cases, maybe you’ll have to visit the manufacturer’s website for those updates.
However, if you own a newer model or a mesh router, it will probably update the firmware automatically. Still, our advice is to have another extra router just in case something goes wrong.
8/ set the router to 5-GHz band
A tip we always give is to set the router to 5-GHz band for Wi-Fi. In most cases, routers use standard 2.4-GHz band.
5-GHz is harder to spot, because it can’t travel as far, while your 2.4-GHz is quite easy to notice by any attacker who lives few streets away.
9/ change your settings for administrative web interface
If you know your way around technology, there’s a few more things you can do. For example, we suggest you change your settings for administrative web interface.
Normally, some routers won’t allow this, but make sure to do it if you’re allowed to. Usually, interface enforces a safe HTTPS connection over your non-standard port.
10/incognito and private mode
No doubt, incognito and private mode offered by each browser can come in handy when protecting your internet access. Simply, use it when you want to access administrative interface. This way, your URL won’t be saved in browser’s history.
All browsers offer this feature, and thanks to it, you’re able to hind pretty much any URL. Still, most people forget to use private mode to protect their internet access information and URL’s.
11/ turn off PING, SSH, HNAP, Telnet, and UPNP
Next, if you’re allowed, turn off PING, SSH, HNAP, Telnet, and UPNP. These are all remote-access protocols, which is why you should disable them. Of course, instead of setting them to closed, make sure you set them to stealth.
This way, they won’t give any response to any external communications such as attackers trying to hack your network. Luckily, every router has this feature where you’re allowed not to respond to PING commands.
For this reason, you should turn this on. It helps you hide from pretty much everyone except, of course, your ISP.
12/ virtual private network
We suggest you use a virtual private network router, also called VPN, to replace or supplement the router you’re using. Use VPN to also encrypt all your internet traffic.
This entire step allows you to hide your actions from the internet service provider you’re using. Simply, VPN routers are VPN clients, and once you sign up with VPN company, you send everything through them. This way, your internet service provider doesn’t see what you’re doing.
Most Wi-Fi routers can run firmware that’s open-source, like DD-WRT firmware, for example. Commercial routers, however, support OpenVPN and give you the instructions on how to use network.
13/use a service for port-scanning
Final step you should do is use a service for port-scanning, such as Gibson Research Corp.’s Shields Up. What this does is test your router for all kinds of different vulnerabilities. Of course, your router’s administrator can mitigate most of these vulnerabilities.
Finally, now you probably realized how unsafe your Wi-Fi router was. Once you read these steps, you can understand just how open your router was to all kinds of attacks.
Luckily, these ways are proven to help you protect your internet from anyone who’s not authorized to access. As you saw, even people who visit your home shouldn’t use your Wi-Fi just like that. In addition, none of these steps are very hard.
As a matter of fact, some are quite easy and you’ll be able to do them yourself. Even the more advanced steps are easy to complete when you have the right guide. However, if you’re having difficulties don’t be scared to let someone else do it for you.
Protecting your Wi-Fi router is crucial in safe internet access and surfing. Therefore, don’t wait another day to protect yourself and your data from any attacker.
How safe is your Wi-Fi router? Have you ever had anyone try and hack your network? Please, feel free to join the conversation in the comment section down below.