How To Secure Home Wi-Fi ( Wireless ) Network

In this practical introduction to the basics of securing your home wireless network, you will learn how to secure a network of game consoles, phones, and PCs. Following are totally useless security measurements specified in arstechnica’s guide:

ADVERTISEMENTS

=> MAC filtering
=> Disable DHCP
=> Disable SSID

You need to enable WPA / WPA2 to protect network (don’t use wep). I also recommend disabling Universal Plug and Play (UPnP) support. The UPnP protocol does not implement any authentication, so UPnP device implementations must implement their own authentication mechanisms, or implement the Device Security Service. Unfortunately, many UPnP device implementations lack authentication mechanisms, and by default assume local systems and their users are completely trustworthy. Most notably, Routers and firewalls running the UPnP IGD protocol are vulnerable to attack since the framers of the protocol omitted to add any standard authentication method.

My recommendation

  1. Always use WPA / WPA2 with TKIP or AES encrypting with a strong paraphrase
  2. Change paraphrase every month
  3. Disable UPnP
  4. Disable wireless router remote (public IP based) management and ssh / telnet port features. Only use your local PC for telnet / ssh or router management.
  5. Turn on firewall, port scan and DoS protection (which is a default for many routers)
  6. Turn on email notification when DoS or port scan attack detected
  7. You may find our WPA / WPA2 Linux configuration guide useful
  8. Additional tips for Windows user – Use an anti virus, firewall / internet secruity suite. Most important don’t use bloated Norton product. My personal recommendation is NOD32 or kaspersky anti-Virus. Both are extremely light on system resources and detecting viruses. Either is an excellent anti-virus solution. Keep your operating system and virus databases always up to date.

=> Read: The ABCs of securing your wireless network

If you have more security tips, please add them in the comments.

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source & DevOps topics via:
CategoryList of Unix and Linux commands
File Managementcat
FirewallCentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
2 comments… add one
  • Rolf May 4, 2008 @ 20:49

    I would probably also turn down the signal strength of the wireless router. This way it becomes less available and less exposed for others.

    This is not really anything to do with security, but it could place you in a group of wireless networks where your not network isn’t interesting for some hackers. Those who just want free internet connection. … the less people that know about you, the less attention you’ll get.

  • AVP Jan 21, 2009 @ 7:29

    Turning off router when away from home is also essential,why leave anything on when you are not watching it?
    VPN over wireless can be another option if you always need home wireless on.

    Just my 2 cents.

    Cheers,
    AVP
    http://www.avp-blogs.com

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.