A router makes an excellent hardware firewall. It can protect your computer by blocking incoming unsolicited network traffic and even blocking undesirable outgoing network traffic. If you have a router, you should follow all the steps below to secure it.
- Make sure the router’s administrator function has a strong password, not the default one! (see Password Security)
- Disable “Remote Management”, if the router has such a function.
- Disable “Universal Plug and Play” (UPnP), if the router has such a function.
- Stop the router passing pings from the Internet to your internal network, if the router has such a function.
- Enable “ICMP Flood Attack Filtering”, if the router has such a function.
- Enable “UDP Flood Attack Filtering”, if the router has such a function.
- Enable “TCP-SYN Flood Attack Filtering”, if the router has such a function.
- Block access to top-level domains of countries that you wouldn’t normally surf to, or equivalently, only allow top-level domains of countries that you would normally surf to. e.g. If you live in the U.S.A., the address of most local sites will end in “.com”, “.net”, or “.org”. Now, assuming you are not Chinese, you would probably never need to visit a site with an address ending in “.cn” so for extra security, you might as well use the router to block all such domains.
- Block access to dangerous top-level domains that you wouldn’t normally surf to. Dangerous domains are ones which host a large number of websites containing browser exploits and malware downloads, many of which will download to your computer without your permission! Even supposedly authentic download files from such websites may contain viruses and malware, so for extra security, you might as well use the router to block all such domains.
  - These are some of the world’s most dangerous top-level domains (as of 2010): .info .vn .cm .am .cc .asia .ru .ws .tk .biz
- Block access to WAN ports that you won’t use, or equivalently, only enable ports that you will use.
  - Here are some ports that you may need to open:
    - Port 25 = Email (Outgoing, Insecure & Secure).
    - Port 53 = DNS.
    - Port 80 = HTTP (Web Browsing, Insecure).
    - Port 110 = Email (Incoming, Insecure).
    - Port 443 = HTTPS (Web Browsing, Secure).
    - Port 465 = Email (Outgoing, Secure).
    - Port 995 = Email (Incoming, Secure).
- Update the router’s internal software every 12 months – Search the manufacturer’s website for “firmware updates”. Reasoning: Bugs are occasionally found in router firmware. Network standards are occasionally modified.
- If using a router in a home or business environment to prevent access to unsavoury websites, you may want to prevent physical access to the router since many routers can be reset simply by pushing/holding a button on the back of the router.
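
The two top-level-domain rules above (block the listed TLDs, or allow only the ones you normally use) depend on how the filter matches an address. The following Python sketch is an added example, not part of the original page or any router's firmware: it matches on the final label of the host name and compares that with keyword-style substring matching, which is an assumed filter behaviour. The TLD sets come from the page; the sample addresses are constructed.

```python
import ipaddress
from urllib.parse import urlsplit

# From the page: the "as of 2010" list, and the .com/.net/.org example for a U.S. user.
BLOCKED_TLDS = {"info", "vn", "cm", "am", "cc", "asia", "ru", "ws", "tk", "biz"}
ALLOWED_TLDS = {"com", "net", "org"}

def tld_of(address):
    """Return the lower-case TLD of a URL or host name, or None if it has none."""
    url = address if "://" in address else "//" + address
    host = (urlsplit(url).hostname or "").rstrip(".")  # drop port, path, trailing dot
    try:
        ipaddress.ip_address(host)   # IP literals have no TLD
        return None
    except ValueError:
        pass
    return host.rsplit(".", 1)[1] if "." in host else None

def decide(address, mode="block"):
    """mode="block": deny BLOCKED_TLDS. mode="allow": permit only ALLOWED_TLDS."""
    tld = tld_of(address)
    if mode == "block":
        return "deny" if tld in BLOCKED_TLDS else "permit"
    return "permit" if tld in ALLOWED_TLDS else "deny"

def naive_keyword_match(address):
    """Substring matching anywhere in the address (assumed keyword-filter behaviour)."""
    return any("." + tld in address.lower() for tld in BLOCKED_TLDS)

# Constructed sample addresses.
SAMPLES = [
    "http://shop.example.ru/",          # listed TLD
    "Example.BIZ.:8080",                # upper case, trailing dot, port
    "www.information.org",              # ".info" appears, but the TLD is .org
    "https://www.example.com/a.info",   # ".info" appears only in the path
    "https://news.example.cn/",         # not on the 2010 list, not on the allow list
    "192.0.2.10",                       # no TLD at all
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s:34} block-list={decide(s):6} allow-list={decide(s, 'allow'):6} "
              f"keyword-hit={naive_keyword_match(s)}")
```

The output shows that substring matching flags `www.information.org` although its TLD is `.org`, and that an address with no TLD is permitted by the block list but denied by the allow list.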
Copyright © 2009 Andrew White. Created: 12 Aug 2009.
Page authored by Andrew White. Updated: 09 Nov 2012.