Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router — and by extension, your network — is as secure as possible.
Most Popular Reviews
Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.
MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.
LAN security risks come in different forms. Here is some information
on the most common ones.
Viruses are generally not a "security" threat to the
computers on your LAN (although they can cause plenty of problems).
The main effect of viruses can be erratic operation of your computers,
possible data loss, and the ability to pass on the virus to other networked
Viruses are most commonly spread through two methods:
floppy disks or other removable media that are used to transfer files
from one computer to another
Your best defense against viruses is to run a good anti-virus program
and keep the virus database updated (at least monthly).
In case you've just come out of a coma or have returned to the planet
after a long absence, I'm doing my cyber-civic duty by repeating
what should be firmly embedded in your brain by now:
Rule #1: Never,
never, never open email attachments that come from people that you
J U S T P R E S S D E L E T E !
Rule #2: If the attachment
is a forwarded joke, video, audio, .vbs or whatever
kind of file
J U S T P R E S S D E L E T E !
Rule #3:As Melissa and LoveBug
and their variants have shown, if you receive an unexpected email
attachment from someone that you do know, check with
them before opening it to be sure that they meant to
send it and to find out what is in it.
Rule #4:If the attachment is a legitimate
file from a known source, you should still scan it with up to date
anti-virus software before opening it.
(Your anti-virus program should have a mode where it will do this
scan automatically, but you should check and make sure that it is
Get the picture? If in doubt, throw it out! If it's a legitimate
file, it can always be resent, after you check with the sender!
The people who create these things are getting nastier and cleverer, and
it just isn't worth taking the risk of losing even one file due to what
boils down to curiousity!
Probes Probes or port scanners check for improperly secured
servers or services that may be running on computers on your LAN (especially
the one that is directly connected to the Internet). These checks
are usually performed by programs that take a range of IP addresses selected
by the person running the program, and look for common services like Web,
mail, FTP, Telnet, pcAnywhere, or proxy servers. (Check
here for a list of "well-known" TCP/IP port numbers).
If any of these (or other) services are found, the program tries to see
if it can login or otherwise gain access to that service. If it
can, it flags that IP address and service to the person running the program
and what happens after that depends on what they have in mind for your
Your best defense against probes is to not run any servers or services
that you don't understand, or are not sure what they are used for.
You also should properly secure any services that you do run. Finally,
if you are a relative "newbie" and/or especially paranoid about
intruders, don't run the free Wingate 2.1d version, which is
easily misconfigured and can allow intruders into your LAN.
"Trojan Horses", are programs that are somehow downloaded and
installed on computers in your LAN. Although physical access to
the target computer is a common method of installation, these programs
can be installed via network access to an unprotected shared network drive.
Orifice and NetBus
are perhaps the most infamous in the Windows world.
They can allow an unknown person to do almost anything that they want
with the computer that B.O. is running on. (Check
here or here
for a list of port numbers commonly used by "Trojan horse" programs.)
Your best defense against B.O. and other Trojan horses is to never
open any email attachments that come from people who you don't know, or
that come as part of a widely distributed or forwarded email. If
in doubt about any file attachment, delete it first, and ask questions
Worms These troublemakers are self-replicating, self-propagating
programs that are spread through the Internet and generally don't require
any action on the part of the computer owner to be activated. All
they need is an unprotected connection to the Internet.
The "netlog" worm I recently encountered one of these in the form of the netlogworm (read about it here).
I run a dialup connection that I thought I had properly
secured and haven't had any problems before now. But I had recently
run a webserver log analysis that required me to keep my computer connected
to the Net overnight, and had left my C drive shared with no password
and had left Client for Microsoft Networks and File and Printer Sharing
for MS Networks bound to my Dialup Adapter's copy of TCP/IP. Stupid,
My system had been acting funny for a few days, i.e. very sluggish, slow
Internet connection, the clock was losing time. I thought it was "normal"
Windows stuff. On the third day, I finally decided to run the Windows
System Monitor and found my Processor Useage was solidly at 100%.
I closed all the programs I was running. Still at 100%. Closed all the
programs on my System Tray. Still at 100%. Finally brought up the
"Close Program" box and saw "Wscript" running.
Killed it and the Processor Useage went to 0!
Checked my Startup folder and found a shortcut to a file called "network.vbs".
Searched my C drive and found about 5 copies of this sucker. I right-clicked
on them to Edit them and found that some were the legitimate Windows Scripting
Host sample program that is supplied by Microsoft as part of the Win98
Install. But the one in my startup folder started out like this:
and was not from Redmond! Needless to say, I deleted all
copies of the file and immediately updated my anti-virus program DAT file
(which had been recently updated to catch this worm.)!
Moral of the story: Follow your own advice! <blush>
Now that you know what you're up against, you might want to use some of
the tools on this page to help detect
and remove threats to your LAN's security.