Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router — and by extension, your network — is as secure as possible.
Most Popular Reviews
Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.
MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.
The RG Setup program is very basic. You select "Typical"
or "Custom" mode, enter the ID number of your RG (from a label
on the rear of the RG... clearly indicated in the manual and in the setup
program) and answer a few questions. The "Custom" install
option lets you change "Network Topology" settings, which include
DHCP Server and Client settings and selecting NAT router or Bridge mode.
The screen shots below give you a flavor of what the RG setup is like.
(click on an image to open a new window with a full-sized
Features and Controls
Among the features you can control on the RG are:
Set the AP channel (frequency)
Set one 5 character ASCII Encryption key (40 bit encryption
But you can't:
Set the AP Name, Group name, ESS-ID (same as "SSID",
or "Service Area")
Set the AP bit rate
Set a Hex Encryption key
Allow/disallow clients by MAC address
Setup packet filters
Set the DTIM Beacon interval to control client power
Get any network statistics
Run any RG diagnostics
Force a modem connect and disconnect
Force a DHCP lease release / renew
Note that you have to step through each screen even if you
just want to view the configuration of the RG and there is no way to just
check the RG's status.
As I said previously, you may want to
use the RG as a Bridge instead of a router. Here's why:
PPPoE is not supported, so many (most?) DSL users are
out of luck (Update 3/26/01: PPPoE supported
in Spring 2001 software update.
Go here for info.)
You can't specify either the Host Name or Domain Name,
which @Home users need (Update 3/26/01: Host
name supported in Spring 2001 software update.
Go here for info.)
You can't change the Ethernet port WAN address, which
some MediaOne/RR users now need to do
You can't forward ports, control access, or log traffic
You can't control the DHCP server, other than to turn
it on or off.
The above limitations don't matter if you use the RG as
a Bridge, because your router would handle them. All the RG would
have to do is pass packets between the Ethernet and wireless parts of
ORiNOCO says that the RG's DHCP server will hand out 50
IP addresses, but they also say that you shouldn't plan to have more than
10 clients connected, due to memory limitations in the RG.
Note that you can't control peer to peer wireless client
communication from the RG (or any other Access Point!). That's handled
with the Client Manager program on the wireless clients, so let's move
on to look at the LAN client cards.