Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router — and by extension, your network — is as secure as possible.
Most Popular Reviews
Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.
MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.
9/9/00 A Linux firmware updater is now available for the UG3000 and UG3200.Get it here.
6/15/00 IPSec passthru added via V2.03h firmware.
5/31/00 MAC address change capability, Java firmware upgrade client added via V2.03g firmware. MacOS upgrade utility also available.
5/24/00 MAC address cloning capability added with V2.03e firmware.
03/06/00 PPPoE and single PPTP client support has been added. Go here for the details!
1/24/00 Corrected "exposed computer" information. Only one computer can be exposed at a time.
1/10/00 Clarify that product contains a 4 port 10/100 autosensing hub.
The UMAX UGate 3000(UG3000) is a Ethernet to Ethernet NAT-based router that includes a 4 port autosensing 10/100BaseT hub. It comes in a small attractive package, similar to UMAX's 8 port hub, but with a different color. All RJ45 jacks (one WAN, 5 LAN--4 ports plus Uplink) are on the rear panel of the unit, along with the power adapter input and recessed reset switch. A full complement of indicator lights are on the front panel including:
Test (lights if the unit malfunctions)
WAN Link and Activity
Link/Activity/Speed for each of the 4 built-in 10/100 autosensing ports
Partition (lights if continuous collisions are detected on a port and the port is "partitioned", i.e disconnected from the LAN)
The unit is powered by a small external power unit. I did notice that the unit is warm to the touch, so be sure to not block the ventilation port on the back of the unit (there is no fan in it)!
Since the UGP and UG3000 are very similar in features, I will only focus on differences between the units. You can read the Ugate Plus review on this page.
Installation and troubleshooting hints for the Ugate Plus and 3000 can be found here.
The UGate 3000 manual can be found here (in PDF format).
The bad news...
Access control is provided, but you still can't set access by time, or have password enabled access. Content filtering is not yet available (although you can filter services by port number) and logging capability hasn't made it into the unit yet either.
UMAX has also removed the email sharing feature that was provided in the UGate Plus. Seems that most users didn't use this feature, given the multitude of free email choices on the Internet for those users whose ISPs are stingy with email addresses.
The Good news...
As of early 2000, both the UG3000 and UGate Plus have been updated to support a single PPTP client. PPPoE support has also been added to the UG3000. Go here to get information on downloading the free firmware update.
Pretty much all the basic setup can now be done from this one screen, instead of having to switch among many screens in the UGP. There are also a few features that have been added as a result of feedback to UMAX on the limitations of the UGate Plus:
The Device Name field is for those users whose ISPs require a particular host name for authentication (some @Home affiliates require this).
If your ISP uses names like mail, news, pop, smtp for their server names, the Domain Name field will let you enter a domain name that will be added to these names so that your clients can find the servers (again, this is common practice with @Home).
Clicking on the Road Runner menu button will allow you to enter the TAS server, Username, and Password information that some RoadRunner affiliates require.
5/31/00 MAC address changing capability has been added with V2.03e firmware. You can just enter a new MAC address on the Device Administration page. You can also upgrade the firmware via a built-in Java applet, but it only works with Internet Explorer 5.0 or higher. MacOS users can also download a new MacOS firmware upgrade utility from the Maxgate Web site.
6/15/00IPSec client passthru capability has been added with V2.03h firmware.
Help for the Domain impaired..
Most cable modem users receive their IP address via DHCP, which means that the address can change. Sometimes it changes often, sometimes it doesn't change much at all, but anyone who has tried to host a server, use PCAnywhere, or do anything that requires remotely accessing their PC knows what a pain it is when it does change.
The UG3000 offers one year of dynamic DNS service through a partnership with TZO. What this basically means is that after you register for the service and properly configure the UG3000, you'll be able to access computers in your LAN by name instead of by IP address. When the IP address issued by your ISP changes, TZO tracks the change and automatically keeps your computer names linked to the new IP address.
The main limitation is that your domain name must end in Ugate.net. If you already have your own domain name registered and want to use it with the UG3000, TZO can handle that too, but that's not a free service. If you'd like to explore this aspect of the UG3000 more, try this link to some on-line documentation.
What else does it do?
As I said at the start, the UG3000 will do most everything that the UGP will do, with the exception of email sharing and the additional features described above. You can open holes in the firewall, restrict service access, and set up static routes to other routers on your LAN. You can also have "Virtual Servers", which may be even more useful with the Dynamic DNS service.
UMAX has taken an incremental step with the UG3000. They've trimmed some less useful features, added features to remove authentication roadblocks encountered by some UGP users, and bundled in an autosensing 10/100 4 port hub and Dynamic DNS service.
The UGatePlus has been a solid performer and I'd expect the same from the UGate 3000.