Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router — and by extension, your network — is as secure as possible.
Most Popular Reviews
Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.
MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.
is the OEM for broadband routers from many companies including: SMC,
Asante, GVC, 3Com, D-Link, and U.S. Robotics. (AMIT does not necessarily
supply all the routers in a company's product line.)
Be careful about using the information on this page for one manufacturer's
product on another's product. Do so at your own risk!
If it ain't broke...!
Upgrading router firmware can sometimes cause more problems than it fixes!
Here are a few lthings to consider before you click that "Upgrade"
Check the Readme or other information that describes what the firmware
will do before you do the upgrade. If you don't need new features and
your product is happily doing it's job... leave it alone and don't
perform the upgrade!
If you do need the upgrade, first download a copy of your
existing firmware revision, or the closest earlier revision
available. You may need it in case something doesn't work right with
the new firmware.
and AMIT firmware can generally be interchanged between the routers,
but you do this at your own risk!
The manufacturer reserves the right to consider
using other manufacturers' firmware a violation of your warranty and
may refuse support help.
If you have problems, load the proper firmware before you contact
Updated 5/26/01 Firmware for
the Asante FriendlyNet
WARNING! WARNING! WARNING!
If you have loaded AMIT or SMC firmware on
your FriendlyNET, you may not be able to upgrade to Asante's
2.02 firmware. One reader's report follows:
Much of the info that you have on your site about this
hardware is based on the SMC hardware, but the assumptions that
you make aboout the Asante are not completely right.
I have the Asante hardware, which came with firmware prior to
1.90. I flashed to the SMC 1.90, and had no problems until
I tried to flash to Asante 2.02. This did not work using either
method provided by Asante.
After version 1.87, the upgrades are done through the web browser
using a .bin file only. When trying to upgrade the Asante
to 2.02 using this method, it returns a "unallowable upgrade
file" error. When using the traditional upgrade method
of executing the .exe file, it returns the message tha the upgrade
was successful, but that's not true. Did not upgrade at all.
All attempts to return to either a previous version of firmware,
including the original, have failed. I cannot seem to get back
prior to 1.90, and I cannot seem to get further than this either.
I contacted Asante for help, and they were pretty unhelpful.
I didn't expect better, but got it just the same.
Please advise Asante owners to not flash to any other firmware.
Asante is not forgiving and neither is the firmware.
You cannot fall back to firmware revisions below
1.88 once you load 1.88 or higher firmware.
Latest Asante Router Firmware [All firmware can be downloaded from this
page unless otherwise noted]
You'll need 1.88 or higher firmware and you'll need to forward port
500 to the IP address of the LAN client that you want to use as an
Forwarding port 500 is no longer necessary to get IPsec clients to work,
with FW version 1.91a. [Thnx Jim Salem!].
There are still cases where mapping port 500, even with the latest firmware
installed, can get a balky IPsec connection working. So try it
if you're having problems.
You may be able to avoid having to call your ISP to register your new
MAC address. See this page.
Some ISPs use the Adapter (or MAC) address of your NIC to enable
service (MediaOne/RR in the New England area does this, as does Prestige.Net (Carroll County
Maryland). If this
is your situation, you'll need to follow your ISPs
procedure to register a new address, but using the router's MAC address. You can find the address on the
router's Setup page listed next to WAN IP Address,
and titled MAC address. (It looks something like
Copy this down and give it to your ISP. After you change the
address at your ISP, do the following:
1) After you call in the address, unplug your cable modem power and unplug the
Wait about 5 seconds and plug in the cable modem and wait for it to boot up.
2) Now plug in the router power, & wait for the router to
finish starting up.
3) Check your router's Status screen and look to see that
there is a WAN IP address and valid DNS servers listed.
4) If you don't see the IP info in #3, reset the router or
force the router to do a WAN DHCP renewal.
screen. If you didn't get valid IP address info, repeat the WAN
DHCP renewal process.
5) If you did get valid IP address info, start your web
browser and see if you get your normal start page.
6) If you don't get your browser start page, you may need to reboot your computers, or run winipcfg
and do a Release/Renew on your client's Ethernet adapter before you can access
1/3/01Stopping Dialup reconnect
If you are using the router as a Dialup router (through the COM port
with a modem), you may find that the router keeps reconnecting to your
ISP, even if no computer is trying to use the Internet.
Upgrade to the 1.90 AMIT firmware (available from the link in
the Upgrading Firmware section) and make
sure that the "Auto-Reconnect" box on the Primary
Setup screen is not checked.
Interpreting the System Log file
The old Barricade's System log messages are a little cryptic. This
MS Word document from SMC contains explanations for most of the
the Router to Factory Defaults
This information comes from SMC Support. You should also be able
to apply these procedures to the Asante FriendlyNET.
There are two ways to restore the Barricade
1. If you are able to get into the Barricade's
management screens and have updated the firmware to version 1.88 or
higher, use the "Reset to Default" button in the
"Toolbox" section of the Management screens.
2. If you cannot get into the Barricade's
management screens no matter how you try, then reset the router by holding
a metal object (ie: paper clip) to pins 3 and 8 of the Com port (9 pin
Connector) for 5 to 6 seconds after turning it on. (See diagram below)