Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router — and by extension, your network — is as secure as possible.
Most Popular Reviews
Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.
MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.
Buffalo AirStation Local Router Model WLAR-L11L
Author: Tim Higgins Review Date: 1/18/2001
- Has wireless configuration features usually only found in "Enterprise" grade Access points
- 40 bit WEP only - Documentation and admin screens difficult to understand.
4/19/01- Added connector info.
2/6/01- PPPoE / PPTP Client passthru firmware upgrade is now available. See details.
Wireless LAN Link/Activity
WAN Ethernet Link/Activity
4 LAN Ethernet Link/Activity
One RJ45 10BaseT Ethernet WAN
Four RJ45 10/100BaseT switched Ethernet LAN
printed Install manual
printed "AirStation Setting Recipe"
printed "AirStation Reference manual"
printed "AirStation Internet Connection Manual"
CDRom with drivers, utilities
UTP normal cable (Access Point)
100-120VAC Power supply
Fixed position, Integrated (non-removable) Antenna in Access Point
Can attach external Antenna
Has Hardware Reset switch
NO Uplink port or Normal / Crossover switch for LAN Ports (see this page if this concerns you!)
This is my second review of a Buffalo Technology AirStation product. My previous review last September covered the AirStation Basic model and client PC card and was generally favorable, especially since it was the first unit we saw under $300. Since then the 802.11b market has exploded with new product offerings from a number of companies! So I headed into this review having seen a lot more products than I had for the last one.
This review will focus on the "Local Router" model, which is designed to compete with the wireless routers that are now coming onto the market. Since the basic capabilities of the product haven't changed, this review will focus on the differences, and you should refer to the earlier review to get the basic info.
The AirStation Local Router model (ALRM) is 4 port 10/100 switched router that you can think of as having a fifth port that's an 802.11b wireless Access Point. This means the ALRM will route both Wireless and Ethernet clients simultaneously.
The ALRM comes with a number of printed guides that attempt to ease the installation process. However, many users have found the documentation and especially on-line help hard to follow. I didn't pay much attention to the documentation on the previous review, and just used the installation wizards to get me through the installation smoothly. However, this time I didn't use the wizard, since I knew that the ALRM had a web interface and figured I'd just set it up that way. This did not go smoothly for the following reasons:
The ALRM does not come with its DHCP server enabled. So I couldn't just connect my PC, do a DHCP release/renew and get an IP address that would talk to the ALRM.
The ALRM does not come set as a DHCP client on the WAN port. So it didn't pull the info needed to connect to the Internet and pass it to my DHCP client workstations.
Neither the "AirStation Setting Recipe" or "Install Manual" poster, which looked like typical "Express setup" sheets had the information needed to figure out the above two points, or give you the default IP address of the ALRM (which is 192.168.0.1)
Once you get connected to the ALRM, you'll find the basic interface to be very similar to the AirStation Standard's. This is good news if you've used an AirStation before, but bad news if your previous experience has been with configuring hardware routers. You can definitely see the ALRM's Access Point (non-router) heritage in the organization of the screens. For example, all the basic settings are not in the "Basic" screen, but are split among a few screens.
That's not the main problem, however. You may be more confused by the different terminology used for functions that are pretty much standard in routing products. I was most confused in the "Address Translation" (for mapping/forwarding ports) and "Packet Filter" (for Access control) pages (see screen shots below).
Clicking on the Help balloons didn't bring much useful help, either. I managed to find the answers in the printed "Reference Manual", but novice users may have a much harder time figuring things out. Buffalo Tech told me that they know they need to improve the documentation and have a US produced installation guide in the works.
The non-routing features of the ALRM are described in the AirStation review, so I'll just describe some of the router-specific features.
you can place one computer outside the firewall (called "IP address of LAN which does the transfer of the unknown port ")
you can forward up to 32 single TCP or UDP ports or port ranges
you can control access to the Internet by single TCP or UDP port or port range for either individual or ranges of IP addresses ("Packet Filtering") You can set multiple Access control rules. You can't control access by client MAC address, however, or by time of day.
"Loopback", i.e. using the WAN side address for forwarded services from LAN clients, worked just fine.