router security

Sat May 23 04:07:12 UTC 2009

On 05/22/2009 04:53 PM, Robert Holtzman wrote:
> I'm running a Linksys wireless router with wpa encryption for my
> laptop and a desktop is hardwired into it. I'm wondering how
> secure the wired connection is in as much as wireless isn't
> involved. It seems as though the wired connection wouldn't be
> secure if the router got cracked. The router has a 64 hex character
> passphrase.
> 
> Anyone knowledgeable have any thoughts on this?
> 

In addition to what has already been posted: I think that simple common
sense security actions will keep you safe for the time being.

For simplicity sake:
http://compnetworking.about.com/od/wirelesssecurity/tp/wifisecurity.htm
My comments added to the titles.

1. Change Default Administrator Passwords (and Usernames)
[you'd be surprised how many people neglect this simple step]
2. Turn on (Compatible) WPA / WEP Encryption
[whatever you do, don't touch WEP and *only* use WPA]
3. Change the Default SSID
[again a simple step - not really much use IMO but easy to do]
5. Disable SSID Broadcast
[won't do much of anything as a cracker will find you anyway]
6. Do Not Auto-Connect to Open Wi-Fi Networks
[goes without commenting]
7. Assign Static IP Addresses to Devices
[excellent advise]
8. Enable Firewalls On Each Computer and the Router
[goes without commenting]
9. Position the Router or Access Point Safely
[tin hats... but not really a bad suggestion]
10. Turn Off the Network During Extended Periods of Non-Use
[execellent suggestion -- don't leave home for vacation with it on]

11. Follow info in https://help.ubuntu.com/community/Security
12. Look into changing default ports that you leave open for services
such as vnc, ssh, etc., it won't keep a determined cracker out, but it
will make it harder for them.
13. Keep the firmware in your router up-to-date & make a habit of
checking the router logs on a regular basis. Also make sure that you
bookmark and check the router vendor forums, support sections, and
update pages, and check them on a regular basis.
14. Be security conscious... sounds silly doesn't it? Don't be paranoid,
but just think of your network as an open house invitation for your home
advertised on craigslist or ebay. Once advertised, someone is liable to
test the locks on the front door, the back door, windows, etc. Just as
you'd take the most basic measures to protect your house and your
personal security, do the same for your network.
- Don't advertise too much
- Secure the locks that you have and add more if needed. Test them on a
regular basis
- Close windows & doors if you are not using them & don't leave the
garage door open so that anyone passing by can see from the street
- Keep in touch with local crime, neighorhood watch, and the local
police (remember this part is analogous to computer security)

Just use common sense.