Securing a Home Router (Wireless)

Published on
17,812 Points
9 Endorsements
Last Modified:
Community Pick
In a WLAN, anything you broadcast over the air can be intercepted.  By default a wireless network is wide open to all until security is configured. Even when security is configured information can still be intercepted! It is very important that you strengthen the  out of the box  default mode that was set by the manufacturer.

Wi-Fi or 802.11 networking uses radio waves to transmit data.  Most wireless routers provide a range of up to 300 feet in all directions and if you do not secure your network then just about anybody will be able to peruse your files!  For minimum security levels you will at least want to set up a Wired Equivalency Privacy (WEP) key.

You might be surprised to know that spammers and malware users could be "Wardriving" in your neighborhood with their laptops and Wi-Fi detectors seeking a wireless connection to tap into.  These hackers know default router passwords and often will find an open portal where NOTHING can be traced back to them. Unfortunately, every nasty act that they perform on an unsecured and open wireless network will be traced back to you.

Since your router is connected to the internet and stands in front of your computer -- there is no firewall that will warn you about this type of intrusion.  The router firewall can block users from the internet from accessing your computer but this same firewall will not stop people in range of your local Wi-Fi signal from getting into your network. Local traffic can slow down your internet performance, browse your file system, drop dangerous malware on your system, read your email, intercept your user name and password, send you spam, surf porn, and perform myriad illegal activities with your internet connection.

Always read the instructions that come with your wireless router.  Since you are using this technology it is up to you to secure it as best you can.

How to secure your wireless router:
Go to and Change the I.P. address of your router to a valid private address like -- You will always be able to get to the web interface by typing the IP address of your router (default gateway into the browser navigation toolbar): 
Always change the default settings on your router. The first thing you should do is to change the default administrative login and password.  This should never be a word that you find in your dictionary!
Wireless Network Mode = mixed.
Turn on the router hardware firewall - Block Anonymous Internet Requests, Filter IDENT at Port 113, and filter multicast. Editor's note: Check your specific routers manual for how to enable its firewall as this can be brand specific.
Set your Service Set Identifier (SSID) wireless network name to something unique that will not be confused with your neighbor's name.
To protect your router DNS settings from being hijacked you should install EZDNSWatch.  (This application is totally free for personal use).
Set a different default channel (default is channel 6.) Use channel 1 or channel 11.
Disable remote administration.
USE DATA ENCRYPTION.  Try to use Wi-Fi Protected Access (WPA) encryption instead of WEP.  WEP can be easily compromised.  For WPA Algorithms, use TKIP. To create a strong password for WPA -- use Steve Gibson's strong password generator.
DO NOT USE MAC FILTERING!  A MAC address is a 12 digit long HEX number that can be easily sniffed by a hacker.
DO NOT Auto-Connect to Open Wi-Fi Networks.
DHCP -- Eliminate or reduce the allocation of IP addresses.  Give your nodes static addresses or reduce the size of the address pool.  Limit the amount of DHCP addresses to the amount of devices on your network that will require DHCP.
Make sure that your router has the latest firmware installed. Your router manufacturer will periodically issue firmware updates so you should check the manufacturer website for updates on a quarterly basis.

Ask questions about what you read
If you have a question about something within an article, you can receive help directly from the article author. Experts Exchange article authors are available to answer questions and further the discussion.
Get 7 days free