Solved

setting up security on Netgear N300 wifi router

Posted on 2012-04-04
8
2,005 Views
Last Modified: 2012-04-10
I setup a new Netgear N300 router and gave my business the defaults...basically nothing.  I need some assistance as far as setting up some type of security on this thing.  I turned on the wifi which comes predefined with a key, no problem there, but I wanted to know what else I can setup on the wired section.
0
Comment
Question by:vulture71
8 Comments
 
LVL 6

Expert Comment

by:Patrick Tallarico
ID: 37808562
What firmware are you running?  There is an updated version that has a different interface than the older version.
0
 

Author Comment

by:vulture71
ID: 37808790
Not really sure, I left the client side already.  

Can you tell me in general?
0
 

Author Comment

by:vulture71
ID: 37809334
Hello stpmt11,

I just upgraded my N300 router to version:  V1.1.1.72.  What other security features can I use?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 37820225
setup the wireless with wpa2
you  may want to restrict the mac addresses that can access it
TURN OFF or DISABLE QSS it is broken easier than WEP to gain access.
change the administrator name and password from the defaults.
change the SSID from the defaults. Mine is "RCMP_SECURITY_VAN"
0
 
LVL 44

Expert Comment

by:Darr247
ID: 37820294
Which model do you have, specifically?
I searched on netgear's website for "N300" and when the list got to a dozen different models I stopped trying to narrow it down without asking.

WNXR2000
DGNB2100
WNB2100
WNR2200
DGN2200
DGN2200M
WNA3100
WNA3100M
DGND3300
DGN3500
WNR3500
WNR3500L

I use WPA2/AES on the main and guest SSIDs of my WNR3500L running SamKnows firmware, without any problems.

Netgear assumes if the person has physical access to the router so they can plug in a network cable to it, they're supposed to be able to have network access.
What kind of restrictions were you hoping to make on the wired ports?  
You could always epoxy the LAN ports closed... that would secure them.
0
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 37820382
Minimally go for wpa2/psk and use not broadcast ssid where possible to avoid unnecessary snooping and attempt to break system via bruorce. This especially if you are allowingcontractor into the wlan as well or public facing. It can be a bridge point into corporate lan, so do segregate these two lan physically if possible through single switch vlan since there is allowing config to vlan hop or bridge.

Have access control list configured to allow trusted and known MAC address for authentication reach. To avoid rogue devices or ap attempting bridge to our ap. Kind of whitelisting. Also change all default admin and user account esp when they can be found easily in admin guide public available.

Some netgear links....also need user security savvy as well

 http://support.netgear.com/app/answers/detail/a_id/112/~/secure-your-wireless-network%3A-wpa%2Fwpa2-(recommended)
 http://support.netgear.com/app/answers/detail/a_id/13112
 http://support.netgear.com/app/answers/detail/a_id/1104/~/guide-to-internet-security
0
 
LVL 44

Expert Comment

by:Darr247
ID: 37829311
In my opinion, not broadcasting the SSID just makes it a more-attractive target for hackers.
Then they'll spend days brute forcing the WPA2 security 4 times per minute, because the 'hidden' SSID can be sniffed when authorized users connect to it.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Macbook Sierra OS OpenVPN issue 13 85
Need some help with Cisco 3750 switch configuration 8 30
E-mail delayed during DNS server reboot 8 39
Home lab datacenter 9 55
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question