With the exponential mounting internet crimes, it becomes ever more important to tighten network security. So with everyone working from home for a year plus now, one of the most important investments we have made is on our home network. Most of us rely on a broadband connection delivered to devices via a Wifi network. Have you wondered how secure is your home network of the Wifi router itself?
You don't need to be a security nerd to check the basic level of security of our wifi routers. It doesn't take an expert to do this with the availability of technology now.
Rule No 1
Typically an internet connection provider gives you a router that comes with a default username & password which is mostly admin/admin by nature. You only switch it on and off, no monkey business around it because you're afraid of screwing up something thus making the internet not working. Well, it isn't news that millions of routers on the internet run with the default credentials. Changing the default credentials of your router should be the first step and it doesn't take much. Google your router maker name and model and you'll find numerous pages on the internet walking you through how to change the default password.
Go, do that first..
Rule No 2
How strong is your Wifi password? is it 012345678? I have seen enough routers with this as the router password. Pls go ahead and the first action should be to change the wifi password to something strong. If you follow a simple rule, it is easy to create a strong password yet something that you can memorize.
- Minimum 8-10 in length
- A mix of characters, numbers & symbols
- Use of capital and small letters (well, for a computer 'A' is different than 'a')
There, if you just stay with this, you can easily create a strong password for your wifi and you will never forget this.
Here is one above. It checks all the boxes and complex as well. Try checking the strength of this password at the password meter yourselves (Password Strength Checker (passwordmeter.com)). It is that simple.
Obviously, don't use that particular one!
Rule No 3
You need to know you're using an authorized DNS server. Well, I don't like my ISP to know my browsing patterns and I would like to have a DNS server that gives me;
- Speed, the DNS resolution should be fast, if not faster.
- Would appreciate blocking of URLs based on family content etc. Well, Family you see.
- It should offer me adblocking functionality, if possible.
I use AdGuard as primary and CloudFlare as secondary DNS servers. Check out below on how to set it up in your router.
Rule No 4
Check what services are you running on your router. You don't want to open up a lot of services open, for one simple reason. The more protocols you open, the more vulnerability you're opening yourselves up to.
Again, you don't need to be a nerd.
- Nothing Open To Internet
- Check and limit what is open to your local network.
No ports or ping on your public IP should be open to the internet. How do you check that?
Go to Google and type 'what is my IP'. You'll get your public IP address.
Go to https://nmap.online, paste that IP and do a Port Scan. One scan a day is free.
I have nothing open to the internet, not even PING. My router shows up below (I ran the Nmap locally on my laptop). I have the DNS, SSH and Web management ports open on the router and they can be accessed locally (within the Wifi network).
There, it's that simple.
There are the most advanced toolsets available which might need some learning but the security of your home Wifi can be as simple as checking these 4 items. It will not secure you from all the threats in the world but will help you protect yourself from most of them.
You're only as secure as your entry point when it comes to computer networks.
Check it out today itself...
Feeling excited? There are much more checks that can be done, to get a glimpse of what all, head over to Test Your Router - RouterSecurity.org