Internet, Routers, Computers, Printers, Devices: You have a home network!
Almost all of us have home networks because we have many computers, laptops, printers and mobile devices that need Internet access. Routers provide that access and allow us to extend the range of computer devices inside the house and sometimes outside the house. But what about security involved with routers and home networks?
Most of us have routers that are three or five years old or older and limited our range or number of devices because older home routers were designed to handle three simultaneous connections, Now a new generation of routers with an 802.11ac connection will help us deal with the future of smartphones, tablets and TVs that we want connected to the Internet.
Two major breakthroughs in technology have ushered in a new generation of routers. One is MIMO or multiple-input multiple-output and will allow data to simultaneous stream from more devices. This means that the data rate is multiplied allowing more data at the same time. Second is that this new generation will use millimeter wave frequencies to get the data to its destination.
They will also look better and can be displayed more openly. Keep in mind that the higher the router is and the more open it is will result in a stronger signal.
The downside is that these new routers will cost more. The ASUS (RT-AC68U) Wireless-AC1900 Dual-Band Gigabit Router is on sale for $162.95 and the Linksys WRT AC1900 Dual-Band+ Wi-Fi Wireless Router costs $171.99. You can still get a basic router for $50 dollars but it will be limited in what it can do. In the future, it will be harder to get yesterday’s router.
This year, news broke of several router security issues involving both DSL and wireless routers. DNS exploits, for example, and other vulnerabilities in Belkin systems were reported. Thus, you home network may be at risk.
Would you believe that most of my customer networks that I see are not very well protected or are protected with a such a flimsy password that any hacker worth his salt can crack.
Perry’s focus on is on security and home networks require security
In my previous blogs, I have focused on protecting your computers from malware and viruses. So I will not repeat that information here such as requiring strong passwords and malware protection, but focus on network security which is simply another layer of security that you must have to protect yourself.
All networks even enterprise networks have vulnerabilities but the trick is to make them as few as possible.
There are some simple things you can do yourself like giving your network a strong password. Fifteen years ago WEP or wired equivalent privacy was the most widely used algorithm, but now it is obsolete and susceptible to being easily hacked. Then came WPA which was a great improvement, but now that standard has become obsolete. Currently, the WPA2 encryption with the mandatory use of AES algorithms and the introduction of CCMP (Counter Cipher Mode with Block Chaining Message Authentication Code Protocol) is the best protection but is not without its problems. But for home networks it is sufficient when incorporated with other layers of security.
If you are setting up your own network, I will give you some cues. If you don’t want to be troubled, call Perry’s Computer repair. We are specialists in setting up home networks.
Router Configuration
To configure your router you will need go to the router log in page. Most routers will have a router log in page with the IP address of 10.0.0.1 or 198.162.0.1. You can access it by typing this IP address in your browser. You will then be asked for user name and password which for Netgear router is “admin” for the user name and “password” for the password. If you have a different router, then you have to consult the manual that came with the router or go to their web page.
Also, you can find the IP address of the router at the CMD prompt. For Windows 8 and 10, hit the windows key and type CMD. The command prompt should come up. Type in IPCONFIG/ALL and it will give you the IP addresses of all of the devices on your network. The IP address of the default gateway is your IP address for your router.
Once you gain access to the router log in page you will see a lot of data on your router settings. Find your password box and change the password to a 64 bit password or a very long combination of numbers and letters, both lower case and upper case. You can find a random generator online and generate a complex password. Make sure you copy this password down and put it in a safe location. You can also save it to a word processor file.
The next step is check on your router firmware to insure you have the latest revision. Old firmware which may be five years old or more may have some holes and is a sitting duck for that evil hacker who is waiting for you around the corner.
This is where the router log in page comes in handy. Simply go to your router page and see if you have the latest revision. In Netgear, for example, the router log in page will have a notation at the top if you have a revision available. Simply click on it for the updating and it will update in three or four minutes.
If your router firmware has not been updated in four years, consider getting a new router. Some companies are notorious for not doing patching, and the only solution is to get a new one using the latest technology.
Using Open DNS for home security
A further layer of network protection is using a third party vendor such as “Open DNS” to protect your domain and network. Your network could be subject to domain shadowing which is when an attacker gains admin access to a legitimate domain and uses an exploit kit to register a lot of shady subdomains. Cisco threat researcher Nick Biasini says “Domain shadowing using compromised registrant credentials is the most effective … technique that threat actors have used to date. The accounts are largely random so there is no way to track which domains will be used next.”
To protect your network, you can use “Open DNS” which is part of Cisco, the world largest and most popular router manufacturer. “Open DNS” will filter your IP address to block nasty malware, exploits and pornography. This company analyzes unusual DNS request patterns, atypical domain names, suspicious DNS records and BGP route changes. Their servers will identify malware, botnets, phishing and all serious threats in real time. Get the free service which is probably sufficient for most home owners.
To configure “ Open DNS” on your network, go to their website and find your router and click on it. Using a Netgear router, for example, change your DNS settings in your Netgear router log on page, using the tab for Internet, to 208.67.220.220, 208.67.222.222, and 208.67.222.220. Then test your settings by going back to the Open DNS page.
All right maybe it wasn’t that easy. So give Perry’s Computer Repair a call and we will do it for you. We are specialists in setting up home networks.
Perry J. Mitchell
Microsoft Certified Systems Engineer
