Setting up a Secure Home Network

The following is a simple guide to make it harder for attacks to reach your routers and devices.

On April 2018 it was reported that Russian hackers targeted several home routers in the United States. These attacks consisted of many things, for example: Malware campaigns, data and identity theft. An unprotected home network is a vulnerability, it is important to set up a secure home for you and yours.

1. Change your SSID (Service Set Identifier), updating your SSID makes it hard for hackers to identify what type of router you have and avoid them from exploiting known vulnerabilities.
2. Your network name shouldn’t disclose any personal information, even a little can be used in identity theft.
3. After you update your SSID, change your default admin credentials. Most of the time routers come with weak usernames and passwords by default. A hacker can determine what router you have, then later look for its default credentials by using sites like RouterPasswords and DefaultPassword.
4. Use a strong password that has between 15–20 characters, with symbols and numbers. You can also use a password manager app to help you create and keep your strong password.
5. Turn on WPA2 encryption with AES (Advanced Encryption Standard). WPA2 AES is currently the most secure encryption standard available until WPA3 becomes widely available.
6. Afterwards you should disable WPS(Wifi Protected Setup) and UPNP(Universal Plug and Play) features. WPS allowing adding a new devices to your network easier and simply by pressing the WPS button on the router. This however, can be used by an unauthorized person to gain access to your router.UPNP lets devices on the network discover newly-connected devices, which comes with its own security dangers.
7. Disable remote access to your router’s admin panel. While accessing this admin panel itself isn’t the issue, doing so wirelessly can be. This is because the login credentials you send through the air may be intercepted by hackers.
8. Make sure to have a Network Firewall. Hardware firewalls add an extra layer of security by blocking incoming data which is deem unsafe. Some routers may come with a built-in firewall, if so make sure to enable it.
9. Update your software! especially your routers firmware! Older firmware has vulnerabilities which an attacker can exploit. Always check the manufacturer’s website for the latest version.
10. If your router has a guest feature, make sure to have your visitors use it. A guest network allows visitors access to your internet connection without providing them a password.
11. Last, place or transfer your router at the center of your home or as close to the center as possible. Doing so, ensures an equal wireless signal range around your home. Most importantly, making your signal harder to be found from far away.

Security tools for your devices.

1. Make sure to have a firewall software on your computer and mobile devices. Your router’s built-in firewall does a good job blocking incoming connections, but it has a hard time deciphering outgoing traffic. Being able to decipher which programs should be allowed to go out, helps prevent botnets, trojans, and other malicious malware.
2. You need a VPN(Virtual Private Network). A VPN adds no just on but two layers of security to your online connection. Adding another layer of encryption( on top of the AES encryption already provided by your router’s WPA2 AES) and as a bonus replacing or hiding your IP address.
3. VPN are important for your home devices and mobile devices, especially when connected to a risky public Wifi. Not all VPNS are safe, do your research.