Wireless Router Security
From TWUUG
Most of the content from this page has been copied from this wikibooks article. DaveHarris is the original author of this section of the wikibooks article on this topic.
Why care about security?
You must consider security because you are legally responsible for any activity that goes on originating from you IP address. Your neighbors or possibly someone parked outside your house in a vehicle can access your internet connection and possibly commit illegal activity. The more likely scenario is that they would use your internet connection for free internet access.
A possibly greater threat would be access of private data stored on your computers.
Security becomes even more important if you are in a high-density location, such as an apartment complex or dormitory, where more people are likely to pick up your signal.
A good rule of thumb is:
Don't stick with the out-of-the-box settings!
It's fine to use the default settings when first setting up your network, but once settled in you will want to protect your network using a password protection mechanism called WPA (Wi-Fi Protected Access).
Choose a passphrase that is relatively long and contains both characters and numbers. Also, do *not* use "dictionary words" as these can be easily cracked. The more nonsensical your passphrase, the better. For example,
f7S9jeiF9M8254nZ8s
is more secure than the passphrase
toaster
For more information on choosing good passwords, visit Password Policy.
You should also change the SSID (Service Set Identifier) of your device to something besides the default setting. The default SSID ("linksys" for Linksys, "NETGEAR" for Netgear, "default" for D-link) is often a dead giveaway for unprotected networks.
In addition to changing your SSID and setting up a WPA key, be sure to change the default administrator password for your router. Most routers today come with no password for the administrator by default. If you don't change your administrator password, it may be possible for someone to set up your wireless router to block you from using it (though there would be very little personal benefit for the hacker for doing this).
What if I forget my administrator password?
All is not lost. Your router should have a "reset" button that you can press (maybe using a ball point pen) to restore your router to the factory default settings. From there, you can recreate all the security settings on your router. Also, check the web-based interface for a setting to backup or restore a file containing the settings of your router. You can use this to back up your router once you've set all your security features up, and restore it in case of failure.
