How to Hack-proof Your Wireless Router
Wireless networks are widely used and it is quite easy to set them up. They use IEEE 802.11 standards. A wireless router is the most important device in a wireless network that connects the users with the Internet.
Although wireless networks offer great flexibility, they have their security problems. A hacker can sniff the network packets without having to be in the same building where the network is located. As wireless networks communicate through radio waves, a hacker can easily sniff the network from a nearby location.
Enable WPA2 Wireless Encryption
If you aren’t using Wi-Fi Protected Access (WPA2) encryption to protect your wireless network then you might as well leave your front door wide open because hackers can virtually walk right into your network. If you’re using outdated Wired Equivalent Privacy (WEP) security, which is easily cracked in seconds by most hackers, you should consider upgrading to WPA2. Older routers may need a firmware upgrade to add WPA2 functionality. Check your router manufacturer’s manual to learn how to enable WPA2 wireless encryption on your router.
You will also need to make a strong SSID (wireless network name). If you are using your router’s default network name (i.e. Linksys, Netgear, DLINK, etc) then you are making it easier for hackers to hack your network.
Using a default SSID or a common one helps hackers in their quest to crack your encryption because they can use pre-built rainbow tables associated with common SSID names to crack your wireless encryption.
Create a lengthy and random SSID name even though it might be hard to remember. You should also use a strong password for your pre-shared key to further discourage hacking attempts.
Turn on Your Wireless Router’s Firewall
If you haven’t already done so, you should consider enabling your wireless router’s built-in firewall. Enabling the firewall can help to make your network less visible to hackers looking for targets on the Internet. Many router-based firewalls have a “stealth mode” that you can enable to help reduce your network’s visibility. You will also want to test your firewall to ensure that you have configured it correctly.
Use an encrypted personal VPN service at the router level
Virtual Private Networks used to be a luxury that could only be afforded by large corporations. Now you can buy your own personal VPN service for a small monthly fee. A personal VPN is one of the biggest roadblocks you can throw at a hacker. A personal VPN has the capability to anonymize your true location with a proxied IP address and can also put up a wall of strong encryption to protect your network traffic. You can purchase personal VPN service from vendors such as WiTopia, StrongVPN, and others for as little as $10 a month or less.
If your router supports personal VPN service at the router level then this would be the best way to implement a personal VPN as it allows you to encrypt all traffic entering and leaving your network without the hassle of setting up VPN client software on your computers.
Using the personal VPN service at the router level also takes the encryption process burden off of your client PCs and other devices. If you want to use a personal VPN at the router level, check to see if your router is VPN-capable. Buffalo Technologies has several routers with this capability as do other router manufacturers.
Disable the “Admin Via Wireless” feature on your router
Another way to help prevent hackers from messing with your wireless router is to disable the “admin via wireless” setting. When you disable the “admin via wireless” feature on your router it makes it so that only someone who is physically connected to your router via an Ethernet cable can access the admin features of your wireless router.This helps to prevent someone from driving by your house and accessing the administrative functions of your router if they’ve compromised your Wi-Fi encryption.
Given enough time and resources a hacker might still be able to hack into your network, but taking the steps above will make your network a harder target which will hopefully frustrate a hacker and cause them to move on to an easier target.