How to Se­cure Your Home Wi-Fi Net­work

6 use­ful Tips for bet­ter home net­work se­cu­rity with ASUS Routers.

HWM (Singapore) - - LEARN - TEXT // JAMES LU

One of the big­gest con­cerns for any­one with a home wire­less net­work is en­sur­ing that your net­work – and any data sent across it – is se­cure from would be hack­ers and data thieves. Of course, no net­work is ever 100 per cent se­cure, but there are plenty of ways to toughen up your se­cu­rity and make it harder for people to ac­cess through a few ba­sic router set­tings.

1. USE WPA2 SE­CU­RITY (AND CHANGE THE DE­FAULT PASS­WORDS)

WPA2 (Wire­less Pro­tected Ac­cess 2) is a se­cu­rity tech­nol­ogy for Wi-Fi net­works based on the IEEE 802.11i tech­nol­ogy stan­dard for data en­cryp­tion. It is a newer, more se­cure re­place­ment for WPA and WEP (Wire­less En­cryp­tion Pro­to­col) and should be used when­ever pos­si­ble.

Two dif­fer­ent forms of WPA2 se­cu­rity ex­ist: Per­sonal and En­ter­prise. WPA2 Pre-Shared Key (PSK), more com­monly known as WPA2 Per­sonal, uti­lizes 64 hexa­dec­i­mal digit keys to en­crypt your pass­word and is gen­er­ally the best choice for home users. WPA2 En­ter­prise is more com­monly used by businesses and re­quires set­ting up a RA­DIUS au­then­ti­ca­tion server.

As well as fre­quently chang­ing the pass­word to your wire­less net­work, you’ll also want to change the ad­min ac­count pass­word, which gives ac­cess to your router’s man­age­ment soft­ware. Most routers come pre­con­fig­ured with a stan­dard ad­min/ad­min user­name/ pass­word, which as you can imag­ine, is not very se­cure. It varies from router to router, but chang­ing the ad­min pass­word can usu­ally be done from the Sys­tem or Ad­min­is­tra­tion set­tings of the router in­ter­face.

2. CHANGE THE DE­FAULT SSID NAME, OR BET­TER YET HIDE IT

Don’t make yourself an easy tar­get for Wi-Fi hi­jack­ing. There’s noth­ing that looks more tempt­ing to a would be hacker than a de­fault SSID net­work name, such as “ASUS_5G”. These pre­con­fig­ured SSIDs give away the make, and of­ten the model, of the router. If you haven’t changed the ad­min pass­word, it’s easy for a hi­jacker to sim­ply Google the de­fault ad­min cre­den­tials to that router’s soft­ware and ac­cess your net­work. Change your SSID name to some­thing that doesn’t re­veal the make or model of your router.

Bet­ter yet, choose to not broad­cast your SSID at all. The only downside to this is that you’ll have to man­u­ally type in the SSID name on any de­vices you want to con­nect to your net­work.

3.

MON­I­TOR YOUR CLIENT LIST

Most routers have a client list that shows the wired and wire­less de­vices cur­rently con­nected to your net­work. Mon­i­tor your client list and look for any un­fa­mil­iar de­vices. Most routers will dis­play a con­nected de­vice’s IP ad­dress, MAC ad­dress, host­name, and some­times an icon to dis­play the type of client con­nected, e.g. a com­puter, NAS, smart­phone etc. If you do spot any for­eign de­vices on your net­work, you can opt to ban their IPs, which will pre­vent them from con­nect­ing again in fu­ture.

4.

EN­ABLE MAC AD­DRESS FIL­TER­ING

A MAC or me­dia ac­cess con­trol ad­dress is a per­ma­nent, unique se­rial num­ber used by a de­vice’s Wi-Fi hard­ware to iden­tify it­self on wire­less net­works. Cre­at­ing a fil­ter by MAC ad­dress al­lows you to grant or deny ac­cess to your wire­less net­work based on the spe­cific de­vice be­ing con­nected. For the high­est level of Wi-Fi se­cu­rity, you should set up your net­work to only grant ac­cess to the MAC ad­dresses of your own de­vices. You can do this by set­ting MAC fil­ter­ing to ‘ac­cept’ or ‘grant’ and man­u­ally en­ter­ing the MAC ad­dress of each of your de­vices in the router soft­ware page. The eas­i­est way to find your de­vice’s MAC ad­dress is to iden­tify your de­vice in your router’s de­vice list. Al­ter­na­tively, most smart­phone and tablet MACs can be found by go­ing to the de­vice’s Set­tings or About menu. Some­times the MAC ad­dress is listed as the ‘Wi-Fi ad­dress’.

5.

KEEP YOUR FIRMWARE UP TO DATE

Even the most ad­vanced routers can some­times have se­cu­rity loop­holes. Re­cently, some ASUS routers were found to have a se­cu­rity flaw that made it pos­si­ble for hack­ers to ac­cess drives con­nected to the router by us­ing the routers’ AiCloud fea­ture. For­tu­nately, a firmware up­date was quickly re­leased by ASUS, which com­pletely fixed the prob­lem. Some routers of­fer auto-up­dat­ing of firmware, but if yours doesn’t, be sure to reg­u­larly check the man­u­fac­turer page for up­dates.

6.

USE FIRE­WALL SET­TINGS

Most routers have some sort of fire­wall or WAN pro­tec­tion to guard the de­vice from In­ter­net threats. For ex­am­ple, most ASUS routers have set­tings that al­low you to en­able fire­wall pro­tec­tion for both IPv4 and IPv6 traf­fic, as well as fil­ter po­ten­tial In­ter­net threats and DoS at­tacks.

Newspapers in English

Newspapers from Singapore

© PressReader. All rights reserved.