The following are the steps you can follow to secure your wireless home network:
- Secure your router management interface.
- Setup SSID
- Setup wireless security encryption.
- Setup MAC Address Filtering
Note:This guide is intended to be used as supplemental material and should be used in conjunction with the user guide for your particular make and model device.Most of these user guides can be found at the
manufacturer’s website.
Linksys Support
Belkin Support
D-Link Support
Before we begin, you might be asking yourself “How do I even connect to my router to set the configuration settings?”Well, simply put, your router, typically, has a built in web page that allows all users, currently connected to the router, to change the configuration data.
<!–[endif]–>
- Load your router’s management page.
<!–[if !supportLists]–>a. Load your internet browser. (e.g. Firefox / Internet Explorer)
<!–[if !supportLists]–>b. In the address club type one of the following depending on the brand of your router:
<!–[if !supportLists]–>i.<!–[endif]–>Linksys (192.168.1.1)
<!–[if !supportLists]–>ii. Belkin (192.168.2.1)
iii. D-Link (192.168.0.1) or (192.168.1.1)
<!–[if !supportLists]–>c. Next you should receive a password prompt.By default, most home networking routers have a default username/password combination that can be found in the router’s user guide.
i.<!–[endif]–>If you have forgotten your username and/or password are forgotten you are going to have to reset your router back to factory defaults.(Use this only as a last resort as the entire set of configuration settings will be lost and will need to be restored after the router is reset.)
1.<!–[endif]–>With the router powered ON locate and press the RESET button for approximately 10 seconds or until the lights on the router stop blinking. The reset button is typically located on the back of the router near the power jack.The button is typically recessed, to prevent inadvertent pressing, and will require something small (i.e. a paperclip or pen) that will be able to reach the button. After the button is released the router will require approximately one minute to reboot and will have the entire factory defaults restored.
Secure your router management interface.
- If you haven’t done so already, I recommend that you change the default password to the router management interface. This setting is typically found in the System Settings section. After you decide on a password I also recommend insuring that remote management has been disabled.
- <!–[endif]–>Click Apply or Save changes.<!–[endif]–>
- You should now be prompted to login to the router again as your password has now been changed.
SSID is really a catch 22 in my opinion. If you broadcast it, it’s in the open for everyone to see, but if you disable it and someone comes around wardriving and discovers that you’re SSID was disabled they’ll be more inclined to attempt to access your network because you probably have something important to keep hidden. It’s definitely not always the case, but I thought I’d share my 2 cents 🙂
Sorry, I should have added that your passphrase for WPA should be random generated and not a weak passphrase of a plain “dictionary” word that can be cracked very easily.
I agree that not broadcasting your SSID is only a layer but it can still be cracked. Anything can be cracked given the right tools and given the time, any network can be infiltrated.. The point is, to make your network a more difficult target so that the criminal (or hacker if you will) decides to move on to a more easily accessible target.
Considering most wireless networks are unprotected, getting this information out just so people impliment basic protection is a good start.
I agree. The MAC filter is not the equivalent to a bouncer, but more a little old lady asking you for your name without ID. You can lie (spoof) about it. As far as a WPA passphrase, you should use a passphrase generator to generate one for you up to 63 characters long (the longer the better and with all character types). This will make it more difficult, if not impossible, to brute force attack it. Using a dictionary word will only take a few seconds to crack.
Not broadcasting the SSID only adds another layer but it’s not impossible to crack it. Most scanning software will show it but without the SSID so it’s just a bit of extra work for the hacker to sniff that out.
Disabling SSID doesn’t add security. MAC addresses can be spoofed.