Securing DLink wireless routers

I like DLink routers. I like the configuration options, the user interface, and the detailed and well written manuals. If you want to log traffic you can choose to filter the information so you only see only what you want to. But there is one downside if you have legacy WEP devices. The new DLink router I checked doesn't support it. So if you have WEP only devices you can't use secured mode on DLink routers.

Open your browser and enter the IP address to the router. DLink routers use 192.168.0.1 as the default IP:

The default admin user is admin with no password:

The first thing to do is go to the Tools tab and add an admin password and add a user password for times you just want to check things, not change them:

After adding an admin password go to network settings and change the IP from the default 192.168.0.1 to one of the ranges below the graphic:

Use an address in one of the following ranges:

10.0.0.0 to 10.255.255.255

172.16.0.0 to 172.31.255.255

192.168.0.0 to 192.168.255.255

The last thing to do is turn on the wireless and setup the security. You can probably leave these at their default settings unless you have trouble picking up the signal. An exception is the SSID, which you should change. 'Enable Auto Channel Scan" lets the router find the channel with the least interference, so it should be checked if it isn't. 'Visibility Status' should be changed to 'invisible'.

That concludes the "Securing your router" series. I hope it was helpful.

Setting Belkin wireless security

I don't currently own a Belkin router, but the Belkin wireless router I had beat the tar out of the Linksys I have now. Even though I don't own one I thought I'd be able to download a manual and use images from it to walk people through setting one up. I learned one thing. Belkin manuals are poor excuses for manuals.

I found a good instructions for setting up Belkin routers at corenetworkz.com. I'd been looking for good images to use, but good images of Belkin router setup pages are hard to find. His are fair, and his right up is good.

Tomorrow I will have instructions for DLink routers. The first wireless router I had was a DLink router, and it was probably the best. I need to order one and use the Linksys as a spare.

Securing Linksys wireless routers

Securing a wireless router isn't hard, but it does take a little thought. How many devices are hooking up to your wireless? What encryption modes to they support? What is the best mode supported by all of them?

You can worry about things like whether or not to broadcast your SSID, filter MAC addresses, or using static IP's instead of DHCP, but in most cases the defaults will be fine. The main benefit is to make your wireless more of a pain to crack than your neighbors. The trouble of maintaining a list of MAC and/or IP addresses just isn't worth the slight added security most of the time.

Today we're looking at the wireless security settings of the Linksys WRT54GS2. If you have another model Linksys router the settings should be similar enough for this to help setting it up.

The first thing to do is to use a Cat-5 or Cat-6 ethernet cable to connect to your router. That way you don't have to change the settings on your computer every time you save a wireless setting on the router. To connect to a Linksys router, type 192.168.1.1 in the URL field on your browser. A login dialogue will popup. The default user is 'admin' (you can't change it). There isn't a password by default.

The router basic setup page will load. Leave the pull-down menu on automatic configuration. Change the local IP address to any address in the public ranges. Don't leave it at the default. If the DHCP server isn't enabled, enable it. Set the starting IP address for the router to give to other devices. I usually just set it to start right after the routers IP (ie 192.168.1.2 if the router is 192.168.1.1).

Once you have the basics setup, click on wireless security. The Wireless Basic setup page will load.



Linksys has 6 security options. WPA2 Enterprise and Radius require security servers and are intended for corporate use. If you can, use WPA2 with AES, otherwise, use the best security all of your devices support.

There are no other settings that you really need to worry about for security, but there are settings you may want to look into for information. You can block computers on your network from the internet, route a VPN through, open ports for specific services. It's a fairly versatile consumer router.

Securing your router

Time's tight tonight, so I will list the settings you should change to make your wireless router more secure. Tomorrow I will cover specifically how to change those settings on a common Linksys router, the WRT54GS2. If I have time I'll also look at a Belkin router. Thursday I will look at Belkin if I don't have time Wednesday, and last we will look at a DLink router. Generally once you know how to change the settings on one model router you can figure out how to change the settings on other models by the same company. Linksys, Belkin and DLink are the most common consumer routers, so those should help most people get set up.

The steps are really pretty simple:

1. Change the user name and/or password. Not all routers allow you to change both. There are lists of default usernames and passwords for most routers and most other electronic devices available online.
   
   
2. Set the encryption to the strongest you can. If you have older devices that only support WEP use it. It's not much, but it will discourage people looking for open wifi. If at all possible use WPA2.
   
   
3. Change the default SSID. Make it anything you want, just don't leave it as the default. There are lists of default SSID's.
   
   
4. Change the default IP address. All routers use IPv4, although the new standard IPv6 is supported by a few. Most devices don't support IPv6 yet, so we only need to worry about IPv4 addresses.

Here are the private IP ranges for IPv4:

10.0.0.0 to 10.255.255.255

172.16.0.0 to 172.31.255.255

192.168.0.0 to 192.168.255.255