User:WikiWriter/Sandbox/Router security settings

Wired and wireless
Routers - both wired, and wireless allow a single internet connection to be shared by many computers. It does this using Network Address Translation, a technology that means a router behaves as a hardware Firewall. It prevents all data from the internet (outside), not requested by a connected computer (inside), from passing through it. This built-in technology is great for security, but routers have other built-in features that are bad for security.

Routers come from their makers with default settings that makes them as easy to use as possible - these default settings are bad for security. Hackers know the default settings for every router, all they need is access, and leaving a router with its default settings makes that easier.

The default settings worst for security are the :
 * Administrative Username and Password
 * WAN Administration
 * UPnP Service

Administrative Username and Password
Routers can have their settings changed by an Administrator who can log-on to the router using a Username and Password. Unfortunately - the default Administrative Username and Password for every router is know by hackers.


 * We recommend changing the default Username, and using a good Password

WAN Administration
WAN is Wide Area Network - in this context that means the internet. WAN Administration is on by default - unfortunately this setting means the router's settings can be accessed from the internet by a hacker.


 * We recommend switching WAN Administration off

UPnP Service
UPnP is Universal Plug and Play - a technology that allows devices to be added to a network easily. Unfortunately this technology can be used by a hacker to change your router's settings over the internet even if WAN Administration is off.


 * We recommend switching UPnP off

Wireless
A setting specific to wireless routers is for encrypting the traffic between the router, and its connected computers. If this connection is not encrypted any Wi-Fi capable computer can connect to the router, use its internet connection, and capture data traffic between the router, and its connected computers.


 * We recommend using at least WPA encryption, and a strong password

Note : The steps for making these changes are specific to your router - refer to its User Guide for details.