Why you need to secure your home router and how

Nowadays, most people have a router in their home from an off-the-shelf brand. The thing is, people should be aware just how vulnerable they can be. Here’s what you can do to secure it.

Passwords

I believe that the first thing you should do is change the password. Many routers come with the same default user and password. Those in question may be:

  • admin:admin
  • *company*admin:*company*admin
  • root:admin
  • root:root
  • admin:password
  • user:password(yes, that’s a possible combination)

By changing the default router credentials right away, you will avoid the risk of an intrusion. This can be from a neighbor who knows how default passwords work or a hacker trying to login. In some cases, the router will force you to make up one during setup or initial configuration.

UPnP

This one irks me quite a bit. UPnP stands for Universal Plug and Play. It basically allows software from a computer or device to communicate with the router and open ports. While this may seem beneficial to the average user, the risks are very high.

Any malicious program can phone the router’s UPnP server to open up desired ports and configure port forwarding. In the end, it gives them access to your system. Check your router to see if it has been enabled by default, which it usually is. I recommend you turn it off and configure port forwarding yourself.

Firewall

The firewall keeps any bad actors from accessing your router through the internet. By default it should already be enabled, depending on the manufacturer. Make sure that is the case. You shouldn’t worry about your computers being at risk, since port forwarding will have to be configured to expose them behind the home network.

DMZ

DMZ stands for Demilitarized Zone. Accidents do happen. It’s always possible for DMZ to be enabled by accident and for a computer to be exposed to the internet. For example, if DMZ is enabled and the IP is 192.168.1.9. All traffic going to that IP will pass through the firewall and won’t be blocked. Make sure DMZ is not configured as such, and if it is, your computer should have a firewall already configured and working.

Remote Access

Some routers have a setting to configure remote access. This allows the router to be accessible through the internet. By default, it should be off and remain that way. This is especially dangerous for routers that are not updated and contain security vulnerabilities.

Firmware Updates

The most important part to securing your router would be to keep it updated with the latest firmware. Not all manufacturers do, but by doing so will help secure your router and plug in vulnerabilities that might linger. Refer to your manufacturer on how to do so.