Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router — and by extension, your network — is as secure as possible.
Most Popular Reviews
Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.
MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.
One of the FV318's most valuable features is its ability
to generate a secure Virtual Private Network (VPN) tunnel with other offices
or remote users to establish data connections with other offices or remote
users. This is far less expensive then dedicated site-to-site leased lines.
In order to protect data transmitted in this way many security protocols
are built into the 318s that encrypt your data and keeps its contents
hidden from unauthorized users.
Using NETGEAR Firewall's Web browser management interface,
a secure connection may be easily created between two or more sites. IKE
is a protocol negotiation and key exchange protocol that is part of the
IPSec protocol suite specified by the Internet Engineering Task Force
(IETF). IKE allows VPNs to automatically negotiate IPSec Security Associations
(SA) during the creation of a VPN tunnel. The Security Association between
two systems is based on the SPI, and includes the Destination Address
Range, IPSec Gateway Address, Encryption Method, Encryption Key, and Authentication
Key. The FV318 can support up to 5 VPN tunnels. VPN support is limited
to one tunnel on the FR318. In order to connect to a remote workstation
to your VPN, you'll need to purchase client software such as Nortel
routers firewalls abilities are pretty impressive for a SOHO product. We tested
the firewall using some of the more well known testing sites. Gibson
Research Corporation's Shields Up!, Port Probe and HackerWhacker.com's
default port-probing tests and Trojan Horse test. In all of these tests, the
FV318 archived impressive results. The famous "Test my Shields!" test
reported that "this computer appears to be VERY SECURE since it is not
exposing any of its internal NetBIOS networking protocol over the Internet."
It goes on to say that "Most Windows systems hold NetBIOS port 139 wide
open to solicit connections from all passing traffic. This port has closed this
dangerous port to all passersby. (Congratulations!)"
The only possible cause of concern I saw was reported by GRC's
LeakTest which tests to see if your firewall will prevent unknown applications
from making outbound connections to the Internet. According to the test, the
firewall was penetrated. We'll do some further investigating on this issue and
report our findings in the next update.
Configuration and administration of the 318 routers takes
place through a Web-based interface. The menu interface, while not incredibly
attractive, is efficient and straight forward. Installation of our FV318
was incredibly simple. We plugged our cable modem into the WAN port, attached
our workstations and servers to the LAN ports, pointed our browsers to
its default IP address (192.168.0.1) and supplied the information requested
by the installation wizard. We rebooted our workstations and server and
we were online.
After that, maintenance and administration is simply point
and click. We learned that a firmware update was available for our router
which was necessary for 3DES encryption. We downloaded the file, logged
in to the router and pointed it to our download folder. It took about
a minute and half to upload the new firmware. When finished we simply
restarted the router and 3DES encryption was now available.
We ran the standard Qcheck
suite to test performance, with the following results:
[1MB data size]
[10 iterations 100byte data size]
NETGEAR Cable/DSL VPN Routers are both easy to install, configure and
administrator. Most of the features can be setup by a person with a moderate
amount of networking experience. As you network needs grow, these routers
will grow with you. So if you need a low-cost switch, Internet access
sharing capabilities and the security that comes from a real firewall,
give these routers a try.