Results 1 to 11 of 11
  1. #1
    Lounger
    Join Date
    Oct 2003
    Location
    Connecticut, USA
    Posts
    49
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Preventing home network intrusions

    Good morning. I need to tighten the security on my Linksys EA4500 router. I have been seeing different cell phones listed on my Network in File Explorer.

    I am using WPA/WPA2 Mixed Personal encryption. Obviously, my password was not tough enough. Knowing most of my neighbors and their technical abilities, I didn’t think that I needed a Fort Knox password. Wrong.

    In my research I have read that hiding the SSID is worthless (even if I could- not possible on this router), MAC address filtering is not worth the effort if someone technically sophisticated is intent upon breaking into a network.

    I will change my router password and WPA2 passphrase today. I have turned off guest access to the network.

    Is there anything else that is worthwhile to hinder intrusions?

    Thanks for the help./ cel
    Last edited by CelVerhaegen; 2014-02-23 at 12:27.

  2. Subscribe to our Windows Secrets Newsletter - It's Free!

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    10,181
    Thanks
    129
    Thanked 1,139 Times in 1,050 Posts
    Regarding the wireless network itself, there isn't much more that you can do. With WPA2 and a good, long password, you should be fine. Regarding access to your networked computers, I would disable any sharing that is not password protected. If you run a software firewall, make sure you only allow known devices to have access to your computer.
    Rui
    -------
    R4

  4. #3
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    4,624
    Thanks
    67
    Thanked 526 Times in 475 Posts
    In addition to Rui's suggestions,disable Router Remote Management and WPS if available.

    Jerry

  5. #4
    3 Star Lounger
    Join Date
    Jul 2012
    Posts
    391
    Thanks
    201
    Thanked 27 Times in 26 Posts
    Using a good long password has already been mentioned
    You can also check the strength of your passwords
    https://www.microsoft.com/en-gb/secu...d-checker.aspx

    To determine whether or not your router is accessible from the outside (an external IP address)
    --- Find out your IP address when you are online go to http://www.whatismyip.com/
    --- Visit http://dnstools.com/ and choose option check port 80, put in your IP address you just found & click Go
    --- If you get connected successfully to port 80 then your router is accessible from the outside and you need to change your settings

  6. #5
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 207 Times in 181 Posts
    Quote Originally Posted by jwitalka View Post
    In addition to Rui's suggestions,disable Router Remote Management and WPS if available.
    If you cannot disable the Remote management (there are some brand/models where it cannot be disabled), ensure that you change the login User name from the default and create a secure password for it.

  7. #6
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Rochdale, UK
    Posts
    824
    Thanks
    13
    Thanked 52 Times in 52 Posts
    Quote Originally Posted by cmptrgy View Post
    Using a good long password has already been mentioned
    You can also check the strength of your passwords
    https://www.microsoft.com/en-gb/secu...d-checker.aspx

    To determine whether or not your router is accessible from the outside (an external IP address)
    --- Find out your IP address when you are online go to http://www.whatismyip.com/
    --- Visit http://dnstools.com/ and choose option check port 80, put in your IP address you just found & click Go
    --- If you get connected successfully to port 80 then your router is accessible from the outside and you need to change your settings
    There are far more ports than just port 80! That is the HTTP port to access a web server. If that that port is open and the OP doesn't knowingly have a website running within their network then it is a cause for concern.

    https://www.grc.com/shieldsup will show what ports are open.
    Last edited by Browni; 2014-02-23 at 20:41.

  8. The Following User Says Thank You to Browni For This Useful Post:

    cmptrgy (2014-02-23)

  9. #7
    3 Star Lounger
    Join Date
    Jul 2012
    Posts
    391
    Thanks
    201
    Thanked 27 Times in 26 Posts
    I will definitely follow up on how to use the grc.com website

    I just ran the tests at grc.com and it was good to see so many stealth reports
    --- One failure I got is on the Ping Reply
    --- Since I don't do file & printer services I need to review the Network Bondage section which I will do because I want to understand what's going on
    Thanks again
    Last edited by cmptrgy; 2014-02-24 at 00:41.

  10. #8
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Tennessee,USA
    Posts
    129
    Thanks
    9
    Thanked 11 Times in 10 Posts
    Changing passwords frequently is also recommended. Keep observations frequently after changing password to see what if any differences.
    Michael

  11. #9
    Silver Lounger mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    2,137
    Thanks
    202
    Thanked 206 Times in 198 Posts
    Rather than hide your SSID, you can give it a nondescript name, such as "football fan", something that will prevent people from knowing that it is you. This won't actually keep anyone out, but it will deter those who are looking specifically for your router -- it will keep them from knowing that it is you.

  12. The Following User Says Thank You to mrjimphelps For This Useful Post:

    cmptrgy (2014-02-24)

  13. #10
    Lounger
    Join Date
    Dec 2009
    Location
    UK
    Posts
    33
    Thanks
    0
    Thanked 20 Times in 2 Posts
    Hiding the SSID may not be worth much.

    Firstly, if you hide the SSID then instead of the router broadcasting that the SSID exists only around your home, your laptop will broadcast a request to see if the SSID is available wherever it is located.

    Secondly, with an appropriate program on their phone (WiFi Analyser for Android for instance) I think that they can find the SSID anyway.

    As previous people have said, use WPA2 (rather than WPA or WEP which were good(-ish) in their time but can be hacked easily these days) with a strong password (since you only need to enter this password very rarely). On my router I use WPA2 with a 25+ character password with upper and lower case characters, numbers and symbols.

    (And whilst we are at it, it is probably worth using WiFi Analyser or similar to see what channels other routers are operating on around you, and select the best channel for your own router to operate on.)

    P

  14. #11
    3 Star Lounger
    Join Date
    Jan 2010
    Posts
    275
    Thanks
    2
    Thanked 25 Times in 25 Posts
    On the router's login screen it is important, as another poster already said, to change the user name to something other than "admin" because any good hacker knows that's the standard user name on most routers. Of course, you should also put in a good password here.

    And, turning off WPS (Wi-fi Protected Setup) is important because hackers have found ways to exploit that, too.

    There's a turn-around area on our side street where cars sometimes pull up and park for a while. i've walked by and seen drivers using a laptop or tablet. A few times they quickly put down the laptop and drove away when they saw me. Gee, do you think they may have been trying to piggy-back on our wireless router? Or our neighbors? Or maybe hack in and steal data? Maybe so, but with a long, strong WPA-2 passphrase and the router's login safely changed and WPS off .... well they will be there all day trying to hack into that!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •