Website by |
This site focuses on the security of routers. Period. If you are interested in faster WiFi, look elsewhere. The site covers configuration changes to make a router more secure, and, picking a router that is more secure out of the box.
Why devote an entire site to router security?
I used to be like you. That is, I would buy a router, it would work fine and I would ignore it for years. But, anyone who follows tech news has no doubt heard of assorted router flaws. After some huge flaws, affecting millions of routers, caught my attention, I started following the topic more closely. As a Defensive Computing guy, I eventually realized that I needed to upgrade my own router security and get more up to speed on the topic.
Non-techies can start at the Introduction to Routers page, which discusses what a router is conceptually, describes the hardware and the many ways to communicate with a router.
The list of configuration changes to increase router security is far from complete. The topic on selecting a secure router is complete, as is the checklist page which lists the security features to look for when buying a router. The router bugs page will never be complete, but that's not the point. It exists to backup my argument - don't buy a consumer router.
I spoke on Securing a Home Router at the HOPE conference in July 2014. This website is planned to contain all the information in that presentation and be kept up to date with new developments. It's a work in progress. A PDF of my HOPE presentation is available at box.net (last updated Oct. 4, 2014). Audio is available at x.hope.net (thanks to 2600). An article about the talk appeared in Toms Guide.
I will again be speaking about Router Security, this time at the upcoming O'Reilly Security Conference in New York City at the midtown Hilton Hotel in Manhattan. The conference runs from Oct. 30 - Nov. 1, 2017. No exact date/time yet for my presentation.
Router security may be a dull and boring topic, but it's important. For more, see what can happen if your router gets hacked.
This site has NO ADS. If you see ads, either your browser, computer or router is infected with adware.
The first step towards a secure router is choosing a router.
Many people use the device given them by their Internet Service Provider (ISP) which I think is a bad idea for a number of reasons.
The next decision is buying a consumer router or a business class device. Don't buy a consumer router.
I am not alone in pointing out the sad state of router software/firmware.
Which router do I recommend? The Pepwave Surf SOHO router from Peplink. My only relationship with Peplink is that of a customer.
How secure can a router get? Only as secure as its included features allow. For a list of router security features see my Security Checklist. The most expert person in the world can only make a router as secure as the included features allow.
Consumer Reports is no help in picking a secure router. Here's a screen shot from the ratings on their website. Each router is graded on security which they define as "features such as encryption, remote administration default settings and filtering and firewall compatibility." Useless.
When complete, this site will list dozens of tweaks to make a router more secure. But, at the least, make these changes:
When you are all done making configuration changes to a router, it is a good idea to back them up. Routers normally can export a file with the current settings. On a Pepwave Surf SOHO router, go to the System section, click on Configuration, then click the Download button to Download Active Configurations. With a TP-LINK Archer C8, go to the Advanced tab, click on System Tools, then on Backup and Restore, then the Backup button.