Linksys wireless router noob help

Discussion in 'other software & services' started by securitynoob79, Nov 22, 2011.

Thread Status:
Not open for further replies.
  1. securitynoob79

    securitynoob79 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    24
    Location:
    United States
    Hello,

    I've bought my first ever wireless router so I'm completely unfamiliar with how I can use the Linksys software to make my router as secure as possible. I'm using old OS, Windows XP SP3. The router I got is E4200 Linksys wireless router.

    I'd appreciate any advice on any settings I can change from default in order to more secure it? I actually don't, at the moment, have any wireless devices at all. I simply have the router connected to my SB6120 cable modem.

    Also, I'm confused as to which Security Mode to set. It wpa2/wpa mixed mode preferred?
     
    Last edited: Nov 22, 2011
  2. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Hello securitynoob79,
    the most secure mode would be WPA2 only but not all devices work with WPA2 so wpa/wpa2 mixed is the most compatible. dont forget to use a strong passphase for the wireless. I normally get a passphase from this site.Another thing I would advice is to change the password for connecting to the router itself to avoid other people from being able to change settings.
    if there is a remote access settings option disable it. you only want to be able to change the settings locally.
     
  3. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,129
    Location:
    USA
    Change the logon password for accessing the router settings.

    Change the default SSID but make it impersonal - for instance PrivateNET - don't use your name or your address (crazy but I've seen it).

    Enable wireless security - wpa2/wpa is fine - use a strong passphrase, but don't make it so long it's a PITA to type. Your friends and family will be ticked trying to tap it in on their smartphones, etc :) I use LastPass to generate random passwords and usually use 12 characters. Bump it to 16 if you're concerned. Just don't use your street address or you phone number - you get the idea.

    You can enter alternate DNS servers in the router such as Norton DNS, Open DNS or Google DNS. These filter for malware and may provide better performance too.

    Turn off remote access unless you think you might want to access the router settings from a different location over the internet.

    And since you don't have any wireless devices at the moment you could just turn off the wireless radio until you need it (it's good to have it configured and ready to go though for when you do).

    It's really common that people forget the passwords for the router logon and wireless network. I highly recommend LastPass for saving passwords, but whatever you do make sure you know where to find them when you need them. Otherwise you will have to push the reset button on the router to access it. That will erase all of your settings and you will have to start over again, usually at a very inconvenient time. Hope this helps!
     
  4. securitynoob79

    securitynoob79 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    24
    Location:
    United States
    Thanks for all the help thus far. I've changed passwords as specified and I also made most of the changed listed below (some were default). I just wanted to check if these are correct?

    Wireless -> Guest Access
    Allow guest access - No
    SSID Broadcast: Disabled

    Wireless -> MAC Filter
    Wireless MAC Filter - Disabled

    All the options under VPN Passthrough are enabled. Can someone explain what that means?

    Administration -> Management
    UPnP: Disabled
    Remote Management: Disabled

    I had one final question. Since hooking the router up, when I turn off my PC at night, all the lights on my router stay on. Before, it use to shut off (bottom light would turn solid orange). Is there anyway to shut down the router when I turn off my PC?
     
    Last edited: Nov 22, 2011
  5. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    648
    Location:
    HKEY/SECURITY/ (value not set)
    Change the Wireless MAC Filter back to = Enabled

    The securty here is, any MAC Address not in the MAC Address Filter List will not be able to connect to the Router.
    Being that there are no MAC Addresses entered, all MAC Addresses will be Voided.

    Disable All Options for Virtual Private Network (VPN).
    An Virtual Private Network is an Secure Tunnel through the Firewall of the Router connecting one computer to another.
    Mostly used for business.

    Leaving the Router on has some benefits, such as the Router does not have to re-establish an connection with your
    Internet Service Providers Servers to obtain an IP Address all over again. Any Networked Computers will still be
    able to communicate. Powering electronics on and off may shorten the life of some electronic components due to the
    expansion of heating and cooling. If your computer is the only computer connected to the Router there is still no
    security breach by leaving the Router powered on because no connection from outside of your Network is going beyond
    the Router, it will be trapped inside the Router enviroment if you will, or not be present at all.

    Otherwise pull the plug on the Router, some Routers have an on/off button on the back panel of the Router.

    EDIT:
    The orange light on the Router is most likely an indicator that the computer connected to that port of the Router
    was Powered Down. Double check the location of the orange light. There are four ports on the back of the Router, if
    you plugged the Ethernet Cable into Port #1 on the back of the Router then Port #1 light on the front panel of the
    Router would be orange after powering the computer down. There are four lights on the front panel of the Router
    labeled 'Ethernet'.


    HKEY1952
     
    Last edited: Nov 22, 2011
  6. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,129
    Location:
    USA
    The VPN pass through is an option to connect to your desktop computer from a remote device, eg laptop, over the internet through an encrypted "tunnel". Unless you intend to leave your desktop on all the time so you can connect to it remotely you can disable VPN pass through.

    Disabling SSID broadcast doesn't turn off the wireless, it only makes the wireless network invisible. I've read it doesn't add much to security. It's better to turn off the wireless radio if you don't need it and when you do allow SSID broadcast so it's easy to find in the list of available networks (just my .02 :) )

    I leave my router on all the time, but I don't think it would hurt it to turn it off overnight. If yours doesn't have a switch just pull the power cord. When you want to use the system again turn on the router first and wait until all the lights are green and stable, otherwise your computer will complain that it can't connect to the internet.
     
  7. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    WPA - WPA2 at a minimum, if the router supports it and a custom passphrase. SSID could and often is set to custom assuming the Wireless Security is set.
     
    Last edited: Nov 22, 2011
  8. securitynoob79

    securitynoob79 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    24
    Location:
    United States
    Thanks for all the information. I did everything as you said. So, the MAC filter does not apply to my own MAC then?

    Also, one more question. Using Firefox latest version, my saved passwords to not appear on a login screen as they did before. It's as if I'm using private browsing on Firefox. I simply refresh the screen and the username/password appears in the login.

    Also, thanks Victek123 for the information as well.
     
  9. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    648
    Location:
    HKEY/SECURITY/ (value not set)
    You are quite welcome securitynoob79

    That is correct, your computer is 'hard wired' to the Router via Eathernet Cable, so the Wireless MAC Address Filter
    in the Router does not apply to the MAC Address of the Network Adapter in your computer. However, as stated, the
    Wireless MAC Address Filter in the Router should be Enabled for security reasons with no MAC Addresses Listed.
    And also Disable the Wireless Radio until you need it as suggested by Victek123.

    As for the Firefox issue regarding Passwords not appearing on the Log On Screen, I am not familiar with Firefox and
    can not provide an answer.


    EDIT: completeness


    HKEY1952
     
    Last edited: Nov 22, 2011
Loading...
Thread Status:
Not open for further replies.