{"id":5213,"date":"2014-12-15T04:21:11","date_gmt":"2014-12-15T09:21:11","guid":{"rendered":"http:\/\/kasperskydaily.com\/uk\/?p=5213"},"modified":"2020-02-26T15:10:44","modified_gmt":"2020-02-26T15:10:44","slug":"seven-tips-on-how-to-make-your-home-wi-fi-more-safe","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.uk\/blog\/seven-tips-on-how-to-make-your-home-wi-fi-more-safe\/5213\/","title":{"rendered":"Seven tips on how to make your home Wi-Fi more safe"},"content":{"rendered":"

Time and time again did we write about the dangers public Wi-Fi<\/a> hotspots pose to users, but today we are talking about threats coming specifically from home wireless networks. Many wireless router users do not remotely consider them to be a threat, but we are here to bring this illusion down. This guide is by no means complete, but several great tips can help you to increase the level of your home network security.<\/p>\n

Step 1. Changing the admin password<\/h3>\n

One of the most common\u00a0mistakes is using a default out-of-box admin password (likes of frequently used \u201cadmin:admin\u201d and \u201c1234\u201d). Combined with some non-critical remote vulnerability or open wireless connection, it might give hackers the ability to fully control the router. We strongly recommend updating the password to a more complicated one<\/a>:<\/p>\n

\"wifi-1\"<\/a><\/p>\n

To illustrate our point, we present screenshots of TP-Link router settings. Naturally, not all router access points look like this, however the general settings will remain the same.<\/p>\n

Step 2. Disable remote management<\/h3>\n

The second problem is open access to the router\u2019s control interface. Usually manufacturers enable only LAN-based router control by default, but this isn\u2019t always the case. Make sure you check whether you router\u2019s control interface is available on the internet.<\/p>\n

\"wifi-2\"<\/a><\/p>\n

In most cases, in order to disable remote management, you should enter the 0.0.0.0<\/strong> address into the appropriate field or de-check the box. It also makes sense to block access to the router through Telnet or SSH protocols (provided your connection supports them). Proficient users might apply restrictions to control capabilities over LAN based on hardware\u2019s MAC addresses.<\/p>\n

Step 3. Disable\u00a0Broadcast SSID<\/h3>\n

As a rule, a wireless router transmits your Wi-Fi network ID (the so-called SSID) to everyone. You can actually disable the broadcast of the SSID by selecting the option below. \u00a0This means that you\u2019ll still be able to connect to the network, however it won\u2019t be visible in the wireless selection\u00a0menu. \u00a0This makes it that little bit harder for attackers to spot your network.<\/p>\n

\"wifi-3\"<\/a><\/p>\n

Step 4. Using reliable encryption<\/h3>\n

Enabling encryption on the Wi-Fi broadcast means\u00a0that people will need to know a password before joining your network. \u00a0However, not enabling encryption means that anybody can join your network and download what they wish. \u00a0It\u2019s a lot simpler than it appears to enable encryption and having strong security on the network goes a long way to making sure it\u2019s safe for every user. \u00a0The first step is making sure that the encryption is strong enough. \u00a0WPA2 is currently one of the strongest encryptions available so you should make sure you choose it if you can.<\/p>\n

\"wifi-4\"<\/a><\/p>\n

Once you\u2019ve selected WPA2 setting, it\u2019ll ask you for a password. \u00a0Remember to ensure that this is as strong as possibles<\/a>.<\/p>\n

Step 5. UPnP et al.<\/h3>\n

Today\u2019s wireless routers are not only capable of serving a internet access; they also support different protocols to automatically\u00a0connect smart devices:<\/p>\n

\"wifi-5\"<\/a><\/p>\n

Universal Plug and Play (UPnP), DLNA support (Digital Living Network Alliance) and alike are better off disabled if not in use \u2014 you run a lower risk of being affected by vulnerabilities in software using those features.<\/p>\n

Step 6. Updating built-in software<\/h3>\n

Updating firmware is something of a dark art and as such, the majority of users will never even think about it. \u00a0However, if you\u2019re up to the challenge, it\u2019s worth researching as some hardware is patched significantly after launch and the only way to get these updates is through firmware. \u00a0What\u2019s worth noting however is that most modern routers now have the ability to update themselves, without user intervention.<\/p>\n

\"wifi-6\"<\/a><\/p>\n

If you do need to update the firmware, the instruction are usually stored on a separate tab in the router\u2019s web interface. All you need to do is download the firmware\u2019s image, back-up the router configuration (sometimes the older file cannot be used with the new firmware, and in that case you might need to run the process from the beginning), run the update and restore configuration after restarting your system.<\/p>\n

Step 7. Not only router<\/h3>\n

\u2018Ultimate\u2019 protection does not exist, as the years have proved. \u00a0A sensible approach to router settings, using strong passwords and encryption, and timely updates to firmware will significantly contribute to a higher level of safety of your wireless network, but it does not 100% guarantee your network is safe from hacking.<\/p>\n

\n

7 tips for securing your connected home. http:\/\/t.co\/YMdv5vGrLj<\/a> by @JacobyDavid<\/a> via @Securelist<\/a> #IoT<\/a><\/p>\n

\u2014 Kaspersky (@kaspersky) November 26, 2014<\/a><\/p><\/blockquote>\n