Page 1 of 2 12 LastLast
Results 1 to 15 of 17
  1. #1
    Star Lounger
    Join Date
    Apr 2010
    Location
    Minneapolis, MN
    Posts
    76
    Thanks
    18
    Thanked 2 Times in 2 Posts

    Linksys N750 EA3500-NP security settings

    Greetings All -

    The wireless transmitter on my old router died, and I replaced it with that listed in the header. I had a nice set of security instructions for the old router, but much is different about the new one's settings. I've already changed the passwords to long and complicated but was wondering about some of the other items. I'm especially concerned that access to the router is through the Linksys website rather than simply a direct connection to the router. My old guidance held that the main default settings were pretty much OK, but the wireless settings needed several changes to make it secure. Any thoughts would be appreciated. Thanks.

    Casey H.

  2. #2
    WS Lounge VIP mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    3,396
    Thanks
    445
    Thanked 404 Times in 376 Posts
    Here are some things I would do:

    1. Make sure that you have selected "WPA2 personal" as your encryption. That is currently the most secure encryption.
    2. Pick a non-descript name for your SSID. For example, I wouldn't pick something like "Casey's House". I would pick something generic like "footballfan". Doing so will make it a bit more difficult for a mischievous neighbor to know which wireless network is yours.
    3. In addition to selecting a good password for getting on the internet via your router, I would change the router's admin password, so no one can get in and change your settings.
    4. I would disable PIN login to the router (found under Wifi Protected Setup).

    To avoid having to go to Linksys's website just to get into your router, unplug the cable which is plugged into the yellow Internet port (the wire that goes to the modem), and then log into your router. In order to disable remote access to the router, however, it looks like you will have to go to the Linksys website and log into your account there, and then uncheck "Allow remote access to Linksys Smart Wi-Fi" (Router Settings / Connectivity / Administration). To me, this one is a HUGE privacy violation. I wouldn't buy a router which required me to go to the mfgr's website in order to get into the router, even if I had to do it only once.

    Here is more information about your router: http://www.linksys.com/us/support-pr...0000003K7bbAAC

    I bought a basic, plain-vanilla router -- Netgear N150. It gets the job done, and it cost about $30. And I didn't have to go to netgear.com in order to access my router.
    Last edited by mrjimphelps; 2016-02-16 at 15:12.

  3. The Following User Says Thank You to mrjimphelps For This Useful Post:

    Casey H (2016-02-16)

  4. #3
    Super Moderator Rick Corbett's Avatar
    Join Date
    Dec 2009
    Location
    South Glos., UK
    Posts
    2,137
    Thanks
    101
    Thanked 576 Times in 461 Posts
    Hi Casey - Temporarily disconnect from the internet, i.e. temporarily remove the cable from the yellow Internet port on the router then enter www.linksyssmartwifi.com in your browser. As there's no connection to the internet your browser will connect directly to the router instead.

    Alternatively, open a command prompt and enter ipconfig. When the results are returned, look for the IP address for Default Gateway. You can use that IP address in your browser's address bar instead of www.linksyssmartwifi.com.

    Before you temporarily disconnect from the internet, have a look online here, in particular Manually setting up the wireless network of your Linksys router or in the How to configure your router section in the router manual.

    I suggest you change:
    1. The default password to the router's web interface.
    2. The wireless network name (its SSID).
    3. Set a secure password for wireless access.
    4. Use the highest level of security you can (depending on your devices. For example, if I remember correctly some older Kindle's don't support WPA2). Your router is probably already set by default to use WPA2 Personal.
    5. Disable remote access (unless you definitely need it).
    6. Disable WPS (Wi-Fi Protected Setup) - it's insecure.

    Hope this helps...

  5. The Following User Says Thank You to Rick Corbett For This Useful Post:

    Casey H (2016-02-16)

  6. #4
    Star Lounger
    Join Date
    Apr 2010
    Location
    Minneapolis, MN
    Posts
    76
    Thanks
    18
    Thanked 2 Times in 2 Posts
    Thanks Guys -

    That's exactly what I was looking for. I disabled both remote access and wireless access. I also disabled WPS. I remembered it as being insecure, but until now, didn't know how to shut it off. Originally typing in the ip address took me to the Linksys connection, but after unplugging the cable, I was able to access the router directly. Entering the IP address now just takes me to the router. I believe everything is now behaving as it should. Thanks again.

    Casey

  7. #5
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,164
    Thanks
    47
    Thanked 976 Times in 906 Posts
    WPS push button is OK, WPS PIN is not.
    WPS push button makes connecting your phone nice and easy.

    cheers, Paul

  8. #6
    3 Star Lounger
    Join Date
    Jul 2011
    Location
    Florida
    Posts
    399
    Thanks
    168
    Thanked 28 Times in 26 Posts
    What is the danger in being able to be identified by your SSID?

    For someone to access your router, wouldn't they first need to connect to your network?

    I've always understood that a strong wifi connection password with WPA2 was the important factor; please tell me if I'm wrong.

  9. #7
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,164
    Thanks
    47
    Thanked 976 Times in 906 Posts
    Some people like obfuscation, but as you correctly point out, it's not security.

    cheers, Paul

  10. The Following User Says Thank You to Paul T For This Useful Post:

    Trev (2016-02-17)

  11. #8
    WS Lounge VIP mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    3,396
    Thanks
    445
    Thanked 404 Times in 376 Posts
    Quote Originally Posted by Trev View Post
    What is the danger in being able to be identified by your SSID?

    For someone to access your router, wouldn't they first need to connect to your network?

    I've always understood that a strong wifi connection password with WPA2 was the important factor; please tell me if I'm wrong.
    Quote Originally Posted by Paul T View Post
    Some people like obfuscation, but as you correctly point out, it's not security.

    cheers, Paul
    The danger is that my neighbor might be a bad person, a hacker perhaps; and he might not like me, for some reason. Maybe my dog went in his yard and messed up his flower garden. So he wants to get me back in some way.

    Putting "JimPhelps" as my SSID might encourage him to try to mess me up via my home network. However, if he sees "footballfan", he might not get any mischievous ideas; he might not even know that it is my network.

    You're right; there's no security there. Just a little obfuscation, to slow down someone who might want to do me harm.

    Kind of like leaving something valuable on the front seat of your car, and throwing your coat over it so that no one will see it. The only protection you have is that people don't know that it's there.

  12. #9
    WS Lounge VIP access-mdb's Avatar
    Join Date
    Dec 2009
    Location
    Oxfordshire, UK
    Posts
    1,721
    Thanks
    146
    Thanked 156 Times in 149 Posts
    If he's your neighbour, might he not guess that 'footballfan' is you anyway? Especially as any other neighbours' SSIDs might well be obvious? Just saying ....!
    Talk is cheap because supply exceeds demand

  13. #10
    WS Lounge VIP mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    3,396
    Thanks
    445
    Thanked 404 Times in 376 Posts
    Quote Originally Posted by access-mdb View Post
    If he's your neighbour, might he not guess that 'footballfan' is you anyway? Especially as any other neighbours' SSIDs might well be obvious? Just saying ....!
    It is doubtful that he would guess that it is me, because I always choose a team that they would never suspect that I would pull for. Kind of like a Green Bay fan putting "VikingsFan" as his SSID.

  14. #11
    Super Moderator Rick Corbett's Avatar
    Join Date
    Dec 2009
    Location
    South Glos., UK
    Posts
    2,137
    Thanks
    101
    Thanked 576 Times in 461 Posts
    Quote Originally Posted by Trev
    What is the danger in being able to be identified by your SSID?
    If you use something like TREV@NO19 as your SSID then it pinpoints dwelling no. 19 as potentially having high-value goods inside (or at least a router ). I don't want to come home to find someone's caused hundreds of pounds worth of damage forcing their way into my home to look for them. Why advertise?

  15. The Following User Says Thank You to Rick Corbett For This Useful Post:

    mrjimphelps (2016-02-17)

  16. #12
    5 Star Lounger
    Join Date
    Oct 2013
    Location
    Phoenix, AZ
    Posts
    926
    Thanks
    554
    Thanked 137 Times in 128 Posts
    A SSID name is not hidden unless whatever you are using hides it from you (honors a flag that is set to not show you its presence in the area of your wifi's detectability). Plenty of wifi scanning apps will ignore that flag such as Acrylic Wi-Fi.

    Obscuring your SSID with something that does not out you, such as the aforementioned VikingsFan, doesn't work when directionality can be established with a cell phone/tablet or laptop getting a couple of directional signals from a stroll or drive down the block. My wifi app gives a general direction and location of each SSID.

    The reason for obscuring your SSID is to make it harder for hackers to learn anything about you that might allow them to guess passwords/decryption keys.

    My next door neighbor uses FBISURVEILLANCEVAN9.

    I have three different ones (transmitters) for my cell phone's wifi access, my laptops and my media players. Anyone who knows me would be able to guess it was me from my "hidden" SSIDs, but I really don't think they can guess my passwords (which are long and random) from it. No, if they want access they either need to go through my ISP which has challenges of its own or break into my home in which case hacking my wifi would be the least of my worries.

    At any rate hidden SSIDs, MAC Address whitelisting, changing wifi default user name, password, SSID can deter simpletons hacking, but WPA2 with a decent ASCII password still makes wifi pretty secure (if WPS using Pin# is disabled). Default user name/password on the wifi router for menu access don't much matter if you disable access to the menu over wifi (ie, Ethernet access only).

    https://www.grc.com/passwords.htm

  17. #13
    WS Lounge VIP access-mdb's Avatar
    Join Date
    Dec 2009
    Location
    Oxfordshire, UK
    Posts
    1,721
    Thanks
    146
    Thanked 156 Times in 149 Posts
    Quote Originally Posted by Rick Corbett View Post
    If you use something like TREV@NO19 as your SSID then it pinpoints dwelling no. 19 as potentially having high-value goods inside (or at least a router ). I don't want to come home to find someone's caused hundreds of pounds worth of damage forcing their way into my home to look for them. Why advertise?
    Rick, surely there are many more indications of having something high-value in the house (e.g. Ferrari parked outside).

    In any case, my understanding is that most burglaries are opportunistic where someone has left a door/window unlocked. If they know you have got something they want, it would be difficult to stop them anyway, SSID changed or not.
    Talk is cheap because supply exceeds demand

  18. #14
    Super Moderator Rick Corbett's Avatar
    Join Date
    Dec 2009
    Location
    South Glos., UK
    Posts
    2,137
    Thanks
    101
    Thanked 576 Times in 461 Posts
    Quote Originally Posted by access-mdb
    Ferrari parked outside
    You been scoping my house? I'm going to start parking it in the triple-garage, behind the stables and pool house.

    Quote Originally Posted by access-mdb
    In any case, my understanding is that most burglaries are opportunistic where someone has left a door/window unlocked. If they know you have got something they want, it would be difficult to stop them anyway, SSID changed or not.
    I'm a Which subscriber and, coincidentally, it released a report today after interviews with 100 former burglars. There's no percentages mentioned re: planned vs opportunistic break-ins (but does report that some burglars spend up to 3 days evaluating whether to break in). It's no surprise that the report shows laptops and mobile phones are both in the top 5 "most interested in stealing" list.

    I agree that if they know you have got something they want, it would be difficult to stop them anyway but, again, why advertise?

  19. #15
    WS Lounge VIP access-mdb's Avatar
    Join Date
    Dec 2009
    Location
    Oxfordshire, UK
    Posts
    1,721
    Thanks
    146
    Thanked 156 Times in 149 Posts
    To get back on subject, my SSID is the manufacturer and model, pretty anonymous. Pehaps calling it VogonPoetLivesHere would do the trick!
    Talk is cheap because supply exceeds demand

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •