Thursday, March 27, 2008

How To Secure a Linksys WRT54G Router

Many Windows XP users have home networks which utilize a router which allows several computers to share the same Internet connection. It is important to know that perimeter security is just as important as keeping your PC locked down. Doing so will prevent successful attacks from the outside world. This article covers how to secure a Linksys WRT54G router.

Here are the step-by-step instructions:

  1. Log in to your router by opening your web browser and going to http://192.168.1.1 - this is the address to acces your router. If this is your first time logging in, leave the username field blank and enter 'admin' (without the quote marks of course) as the password.
  2. The first thing to do is back up your current configuration. This way if you set something incorrectly you can always revert back to the original setup. Click the "Administration" tab.
  3. Click "Config Management"
  4. Click the "Backup" button. Choose a location to save your configuration where you will remember.
  5. Click "Management"
  6. If you have not yet created your own router password you will need to do this now. If you have, please skip to step 11.
  7. Next, where it says "Router Password:" enter a new password into the text field.
  8. Enter the password again in the box that says "Re-enter to confirm:".
  9. Then, Click the "Save Settings" button. and wait for the confirmation page.
  10. Click the "Continue" button. From now on when you log in you will need to enter 'admin' as the username and use your new password.
  11. Click the "Security" tab.
  12. Where it says "Firewall Protection:" tick the box that says "Enable" if it is not already selected.
  13. Place a check mark next to the box where it says "Block Anonymous Internet Requests"
  14. Place a check mark next to the box where it says "Filter Multicast"
  15. Place a check mark next to the box where it says "Filter Internet NAT Redirection"
  16. Place a check mark next to the box where it says "Filter IDENT(Port 113)"
  17. Click the "Save Settings" button and wait for the confirmation page.
  18. Click the "Continue" button.
  19. If you are not using your router for incoming http (web) connections, it is a good idea to turn off remote admin. Click the "Administration" tab again. Where it says "Remove Management:" tick the box that says "Disable" if it is not already selected.
  20. Click the "Save Settings" button and wait for the confirmation page.
  21. Click the "Continue" button.
  22. Sometimes disabling this does not work, so to make sure, click "Applications & Gaming"
  23. In the first available slot under the "Application" column, enter "Security".
  24. In the same row, under the "Start" column, enter the number 80.
  25. Enter 80 again in the adjacent box to the right under "End".
  26. For the "Protocol" select "TCP".
  27. Under "IP Address" enter the number 254.
  28. Check the "Enable" box for this entry.
  29. Click the "Save Settings" button and wait for the confirmation page.
  30. Click the "Continue" button. This will divert all incoming connections for web access to the router to a non-existant host. This reduces the chance of a break-in from a nosy outsider.

0 comments: