Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router — and by extension, your network — is as secure as possible.
Most Popular Reviews
Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.
MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.
Nexland Pro100 Internet Security Box
Author: Brien M. Posey Review Date: 9/26/2002
The Nexland Pro 100 Internet
Security Box is a very basic product for sharing an Internet connection
while providing firewall capabilities. While the unit is designed to merely
cover the basics, it does have a few nice extras, such as the ability to automatically
establish a dial up connection to an ISP should the broadband connection fail.
Option to back up the configuration
Analog or ISDN modem backup in the event that primary WAN connection fails
Supports user level and debugging level logging
Only a single L2TP session is supported
Supports only a single DMZ
No wireless support
The Nexland Pro 100 offers most of the basic features that you expect to find
on a mid-grade Internet connection sharing device intended for home or small
office use. The unit contains a single LAN port that can be attached either
to a PC or to a hub. Through this port, the unit can service up to 253 users
and includes a built in DHCP server. The unit can also act as a DHCP client
should the ISP provide a dynamic IP address.
The Pro 100 has the ability to establish a dial-up session to an ISP should
the primary connection fail. The dial-up session can be initiated through either
an analog or an ISDN modem. Should the unit make a dial-up connection, it will
still frequently attempt to reestablish the primary broadband connection.
It includes a NAT firewall with DMZ support for a single server. The firewall
also supports the use of several preconfigured virtual server types and allows
you to configure custom virtual servers.
The Nexland Pro 100 includes VPN support as well. Multiple PPTP and IPSec sessions
are supported with unlimited tunnels. However, only a single session L2TP pass
through is supported.
Finally, the unit supports many popular protocols such as RIP2, SNMP, and IGMP.
It is designed to be compatible with PC, Macintosh, and UNIX workstations. One
of the features that I really like is that it allows you to make a backup of
the unit's configuration.
The setup procedure was very simple and straight forward. The unit had four
ports; a LAN port, a WAN port, a serial port, and a power port. After unboxing
the unit, I attached the power supply, connected the WAN port to my DSL modem,
and plugged the LAN port into my hub, and was ready to roll. The unit's capability
of using an external analog or ISDN modem requires a serial based external modem,
which I didn't have and was therefore unable to test. The unit came with a serial
cable for attaching to the modem, but I would really like to see a modem integrated
into future versions of the product.
Like most other Internet connection sharing devices, the Pro 100 came preconfigured
to use the IP address 192.168.0.1, and had its built in DHCP server turned on
by default. This meant that accessing the unit's Web interface was as simple
as setting up a client to obtain an IP address automatically, opening a Web
browser, and entering the unit's IP address.
When the configuration Web-page loaded, I wasn't prompted to enter a password.
The unit does allow you to setup a configuration password, but I really liked
that I could begin the configuration process without having to hunt through
the instruction manual for the default password.
The next task was to connect the unit to my ISP. My ISP uses the PPPoE protocol.
Therefore, on the unit's Main Setup screen, I only had to select the Enabled
button in the PPPoE section, and enter my user name and password. The one thing
that seems to be missing from the Main Setup screen though is a connect button.
The only way to actually initiate the connection is to go to the Advanced PPPoE
screen and click a Connect button. The Advanced PPPoE screen contains the ability
to set a static IP address and also contains the PPPoE log file. From here,
you can even take advantage of any special PPPoE services that your ISP may
I tested the unit's performance by using the speed tests at broadbandreports.com. In the area
where I live, the phone company only offers DSL speeds of up to 384 KBPS. I
ran the DSL speed test at about 9:00 AM on a Thursday morning, when traffic
should have been pretty heavy. The report indicated that I was having upload
speeds of 330 KBPS and download speeds of 323 KBPS. Both of these speeds are
about right given the time of day and my ISP's limitations. The Nexland unit
boasts up to 8Mbps throughput, but I have no way of validating the claim.
VIRTUAL SERVERS and PORT MAPPING
The unit offers full support for virtual servers and for port mapping. The
Virtual Server support allows you to simply select a protocol or service (Web
server, FTP, SMTP, etc.) and then map the service or protocol to an IP address.
This feature worked perfectly. The Custom Virtual Servers section takes the
concept a bit further by allowing you to associate port numbers with an IP address.
Again, there were no problems.
I tested the unit's security and access control by running the ShieldsUP!!
tests found at Gibson Research. They
confirmed that the unit's security was working as intended.
While the Nexland Pro 100 Internet Security Box lacks some of the features
found on higher priced products, it seems like a great choice for anyone on
a budget and in needs of the basics. The product is fast, reliable, and easy