When it comes to securing a Wi-Fi router, there are a lot of things people often do that aren't actually effective. For instance, hiding the name of the router (the SSID), won't help. Another scheme that's particularly onerous is MAC address filtering. Every computer has a unique MAC address, and the router can be set up to only allow computers with known MAC addresses to access the network. This technique is used by businesses and schools, but it overlooks MAC address spoofing. This is where a hacker could monitor the network, capture MAC addresses (since that information has to be sent through the network), and then change or "spoof" the wireless card to be an approved MAC address. It would then kick the legitimate user off, and give the hacker access to the network instead. Despite these ineffective methods, there are still plenty of ways to make your wireless network just as secure as a wired network.
Here's Leo's list of things to do to keep your wireless router secure:
- Rename the Router. It's best to avoid personal details and not use the router's brand name.
- Change the default login and password.
- Turn off WAN administration.
- Turn on WPA2 encryption.
- Turn off UPnP (universal plug and play).
- Turn off WPS. It's broken and easily hackable.
- Test your router for port 32764 with GRC's SHIELDS UP!
Check out Leo's explanation of securing your wireless router on The Tech Guy episode 1050.