Home Network Router Security Secrets
- Apr 7, 2006
Most people who install a home network never delve inside the netherworld of security settings on their router. Who can blame them—it’s about as frightening as putting your hand in a shoebox full of rabid gerbils. Nevertheless, it’s worth the effort if you know what you’re doing.
That said, here are 10 router settings you can use to make your network more secure. For the purposes of this article, I used a popular router, the DLink DI-524, to show you how to engage the features, because this router doesn’t bite—usually.
To use these features, you need to get inside your router and access its control panel. To do this, type the router’s internal IP address into your web browser on a computer on your network like this address for DLink routers: http://192.168.0.1. For Linksys routers, it’s http://192.168.1.1, and http://192.168.2.1 for several other brands. Check your router’s manual if none of these work for you, or look for the Default Gateway IP address when you use the ipconfig /all command (mentioned in tip #5).
1. Turn off UPnP.
UPnP, or universal plug and play, is a handy feature that lets devices on your network self-configure on a network, but it’s also a security hazard. A Trojan horse or virus on a computer inside your network could use UPnP to open a hole in your router’s firewall to let outsiders in. So it’s a good idea to turn off UPnP when not in use. To do that, click the Tools tab then the Misc button, and click Disabled next to the UPNP listing. Be sure to click Apply to update the router with this new setting. See Figure 1.
Figure 1 Turn off UPnP in your router to stop malware on an infected computer from opening holes in the router’s firewall.