Security is probably the most important aspect of any computing experience and probably one of the most neglected. With security measures, like many things, one can go as deep as they want to go but a little effort to employ the basics can go a long way. While it is said that locks are only for honest people, you wouldn’t go to bed without locking your door. Let’s lock your door and show you how to secure a D-link wireless Router.
General Networking With D-Link Wireless Routers
After connecting your D-Link wireless router and opening the start page in your browser, you’ll see a login screen. All of these routers come with a default password or no password at all. The first thing you’ll want to do is set one in order to guard against local and possible neighborhood intrusion. While this measure seems a given, many may be tempted to skip this step for convenience. The administrator password is your first line of defense.
Next you’ll configure your network settings according to your connection, hardware, and purpose of the router. In addition, the option to configure remote management is offered so you can access your router from outside your local network. It is not advised to allow this unless necessary as individual internet addresses can be spoofed and leaves your network another opening for intrusion. In the advanced settings of the network there’s a tickbox for enabling WAN (from the internet) pings. Leave this unchecked so that your router will not answer pings confirming its existence.
The most important part is under the Wireless Settings. Here you will secure your router connections. The first thing one might want to do is change the default name because most routers ship with their brand name as the default SSID, or broadcast name. While this doesn’t help a whole lot if it’s broadcast across the neighborhood, at least it will hide your brand making it a bit harder to crack.
Next is the Enable Extended Range Mode. Do not enable this unless your equipment is indeed in a large building. There’s no sense in creating a larger circle of coverage to encompass even more neighborhood hackers than is necessary. Most average sized homes and small business settings will not require this option to be turned on. Along these same lines, it’s not recommended that one exchange the factory antenna for a high-range aftermarket replacement for the same reason. If your wireless network card in your computer supports 802.11g, then perhaps you might want to tick the 802.11g checkbox, perhaps excluding some who may not have the latest equipment.
Hiding your SSID aids in security by not announcing its existence. This way only those who know your SSID will be able to use it. While some experienced hackers may own tools to detect your router regardless, it will guard against some. In and of itself hiding the SSID isn’t a strong security measure, but coupled with others decreases your chances of falling victim.
The most important part of securing your router is the Security Mode. Here you will enable encryption and require a password to connect. With most modern routers you have several choices ranging from the least secure to more so. Leaving this disabled allows your information to soar across the air unencrypted inviting others to capture and read it, including credit card numbers, passwords, and private conversations as well as allowing connections from outsiders at will.
WEP, or Wired Equivalent Privacy, provides a modicum of protection better than nothing, but its algorithms were cracked many years ago and anyone with the tools to pull in your transmissions will certainly have these basic conversion tools as well. WPA (version 1), or Wi-Fi Protected Access, was created in answer to the WEP failings, however, it too was cracked several years ago. Again, it’s better than nothing and will keep regular freeloading neighbors from using your connection, but WPA2 is even better. Most modern computer networking cards support this newer encryption standard, but some slightly older equipment may not. If your computer supports WPA2, then that’s your choice.
After choosing WPA or WPA2, you also have the choice of TKIP (Temporal Key Integrity Protocol) or AES (Advanced Encryption Standard) based algorithms. Again, TKIP is the older less secure method and most computers and software support AES, so choose that. Then you have the further choice of PSK (pre-shared key) or EAP (Extensible Authentication Protocol). PSK is the type in which you have to set up your password on each device before encryption begins, so there is a chance someone could have gleaned that information during that process. EAP is more secure but encompasses many different methods and can require specialized software matching the methods of your particular router model. Many businesses use the latter for its increased security, but most home users choose the prior. Be sure to pick a strong password with upper and lower case letters as well as numbers and even special characters.
One last element is the toggle to enable or disable accessing the configuration over wireless. If your D-Link model has this option it is recommended to use it. This way one would need physical access with a RJ-45 cable to try and guess or crack your password to change settings or invade your local network.
While nothing in the computer world is completely safe, things can be made reasonably so. By implementing these simple measures your local and wireless network is much more secure. Along with continued diligence in monitoring activity, your door is safely locked against many would-be intruders.
There were a couple of other related posts on MakeUseOf before:
Please share your comments below. If you have other suggestions on how to secure a D-link router we would like to hear them as well.