Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router — and by extension, your network — is as secure as possible.
Most Popular Reviews
Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.
MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.
2Wire HomePortal 100W
Author: Tim Higgins Review Date: 4/5/2001
Although 2Wire's management interface and features
are much improved, here's my punch list:
Print Server: You can get it on
less expensive boxes and a product that wants to be a one-stop
solution should have one. (Those USB ports are still
just taking up space, guys...)
Remote Administration: Although there's
a checkbox in the Firewall Settings screen for "Remote
Management", I couldn't find a way to get at the web
admin screens from the WAN side of the 100W.
Email Alerts - Logging is already separated
for Security events, why not let it be emailed?
Access Controls by User: Could be managed
similar to the Hosted Apps.
Content Controls: You'll have to find
another way to keep objectionable material from being accessed
from the net.
Static Routing: You can't set static
routes to communicate with other routers' subnets if you have
them. (probably not a must-have)
DHCP Disable: You can't shut off DHCP and you can
only control the private IP range (but not the number
of clients) that's handed out via the MDC.
joins the party
Of course the biggest change from the last review is that the
100W adds an 802.11b wireless Access Point to the other
networking media options. This makes it the first
product that lets you create a network using Ethernet, USB, HomePNA
2.0 (phoneline), or 802.11b wireless (or any combination)
The 100W's wireless capability comes via a Lucent mini-PCI
card radio, which fits into a connector added to the 100W's
mother board. Two dipole antennas are bolted to the internal
metal RF shield at the front of the box: one parallel to the floor,
the other vertically aligned. There are no external antenna connectors
available for connecting "booster" antennas.
The Wireless Controls are pretty simple as shown
in the screen shot above. You can set the Wireless Network
Name (ESSID), and either use the default 40 bit WEP encryption
key (WEP is enabled by default), enter a 10 character Hexadecimal
key yourself, or disable WEP. Naming the Access Point and
choosing a channel are the only other things you can do.
Note that you can't control which wireless clients can access
your AP by limiting access by MAC addresses.
The 100W gives you more monitoring information than
most consumer grade APs. You can use the MDC's Statistics
screen to see transmit and receive stats and errors for the wireless
(and other) channel types. The main Network screen will
show you the clients that are on your network. Since only
active clients are shown, when a wireless client moves out of
range, their icon will disappear. You can get client IP and MAC
addresses by using the MDC's Home Network Status screen.
2Wire doesn't sell 802.11b client cards, but they include a
Wireless Card configuration guide that gives detailed
configuration instructions (complete with screen shots) for
Lucent ORiNOCO Silver/Gold, Cisco Aironet, 3Com Airconnect,
and Apple AirPort cards. They also include a section for
other wireless cards, which contains advice that looks pretty
good to me. (If you still need help you can check our
I ran the Qcheck test suite on the 100W, using
a Lucent Gold PC card
as the wireless client, and a Windows PC as the other LAN client.
Both clients are on the LAN side of the router, so these tests
do not include the router. Here are the results:
- WEP encryption DISABLED
- Tx Rate: Automatic
- Power Save disabled
Comment: Performance was average for an
802.11b AP. Transfer Rate performance at Condition 4 varied
from 2.9 to 3.9Mbps, probably due to the Marginal signal condition
indicated by the ORiNOCO client utility.
The 15% throughput decrease with WEP enabled
probably wouldn't be noticed while web browsing, but would slow
local client-to-client transfers that aren't limited by a broadband
I also tried an SOHOware NetBlaster II
(Intersil PRISM II based) client. Although there were no problems
connecting with WEP enabled, I experienced the same WEP-enabled
I didn't expect any change in router performance,
but reran the Qcheck suite just to make sure:
(Tests run with 220.127.116.11 firmware)
Transfer Rate (Mbps)
Response Time (msec)
[10 iterations 100byte data size]
Comment: LAN-WAN transfer rate performance dropped by
almost 20% from my earlier review. But it's still
plenty fast for any broadband connection that a home
user's gonna throw at it!
2Wire appears to be making some inroads in the crowded
Home Portal/Gateway/Router market. Since I last reviewed
them, they've signed up Dell, CompUSA, CDW,
and Earthlink as distribution partners. Although
that's not as large a "footprint" as, say, Linksys or
Netgear have, it's a big step from their initial "direct
sales only" availability.
So is $400 a good deal? Let's once again see
what it would take to put together the equivalent of the 100W
(pricing data is from Pricegrabber
on 6 April 2001):
(4 port wireless router)
Linksys HPB200 (less $ than Netgear PE102)
NETGEAR EA101 USB to Ethernet adapter
Still looks like a good deal, but it's close enough that 2Wire
will need to keep an eye on pricing.
Bottom Line: If you're looking for a blazing fast router
that can handle Ethernet, USB, HomePNA2.0 and 802.11b wireless
connections out of the box at a competitive price, the HP100W
is more than ever worth a look!