Author |
Topic: Wireless router - Firewall |
Ed Meadway
From: Western New York
|
Posted 1 Mar 2007 6:37 am
|
|
During a discussion it was mentioned that a wireless router has a built in firewall. Is that true? |
|
|
|
Cal Sharp
From: the farm in Kornfield Kounty, TN
|
Posted 1 Mar 2007 9:49 am Wireless security
|
|
Hey Ed,
A wireless router is a firewall, a physical one, in that it acts as a barrier between you and the internet. Make sure you change the default password and use WPA or WPA2 encryption. The older WEP encryption isn't quite as robust, but it works pretty well against the casual intruder.
C#
www.calsharp.com |
|
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
Posted 1 Mar 2007 10:12 am
|
|
Most routers available today, wired and wireless contain configurable firewalls. The Netgear Firewall/Routers even allow you to shut down access the the Internet between certain hours or days, as well as blocking certain websites you describe, and all unsolicited incoming UDP and TCP traffic (which is meant to either spam or harm you). Check the documentation for the model you are interested in to see if it has a user configurable firewall.
As Cal mentioned, the first thing you should do when you bring a new wireless router home is to change some of the default settings to protect the router from takeover by neighbors or wardrivers. The general procedure is to plug a network cable into one of the router's Ethernet ports, and the other end into your computer, type in the IP address to the router (RTM), login with default credentials (RTM), then start securing it as follows.
- Change the default SSID to a private name that won't be obvious to passersby.
- Turn off SSID Broadcasts. This means that only computers that are configured to know your particular SSID can connect to the router, since the unit won't broadcast that info anymore.
- Setup WPA encryption following the details in the manual, using a setup CD that may be supplied to get her going.
- If you know that only a couple of computers are going to connect to the wireless router you can assign additional security by limiting the connections to the specific MAC addresses of the network adapters in those computers/laptops.
- Change the default Admin login to a new name and password. Never leave that information in the default setting.
- Disable remote administration, Pings from the 'Net, and UPnP.
- Change the IP address of the router, reboot, and login to the new address.
- Change the DHCP Server range to a non-default starting point, and limit the number of connections to the number of computers you own and will connect to it, wired or wireless.
- Also, change the default channel (6) to a higher channel. This also helps resolve connection problems caused by interference from wireless telephones in the immediate vicinity of the router or wireless carded computer. I personally had to move up to channel 11 to avoid disconnects caused by my telephone.
_________________ "Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
|
|
|
Ed Meadway
From: Western New York
|
Posted 3 Mar 2007 4:05 am
|
|
Cal and Wiz. Very clear. Thanks a ton............Ed |
|
|
|