How is your Wireless Network Configured?

Posted on 2012-09-18
Last Modified: 2012-11-05
I just bought a Netgear RangeMax Dual Band Wireless Router and I want to make it as secure as possible.

I have a laptop, desktop, 2 wireless printers, and a smart TV for Netflix.

How would you configure your router to give maximize security without degrading performance? Is setting WPA the only thing I should do or can that be hacked?

Thank you.
Question by:RockySea
    LVL 10

    Expert Comment

    If you can configure WPA2 use it. Then choose a long and complex wireless password.
    You might also want to set a long and complex password for your router configuration itself to make sure the setup is not being changed by the legitimate users of your network.
    Regarding security "WPA2" is considered secure, together with a strong password no successfull attacks are known yet.
    LVL 21

    Assisted Solution

    Using WPA2, or highest level your devices wil support, is a good idea.

    Also you can turn off broadcasting your Network name or SSID. That means you will need to manually configure it on all of your devices but it helps to keep outsiders out.

    On the Netgear routers you can set up an access list and allow only your specific devices, by MAC address, to have access.
    LVL 1

    Expert Comment

    Well, anything can probably be hacked but If you select WPA2-PSK and set a good password, at least 8 characters with numbers, letters, and a special character or two you should be ok.

    You can also hide the SSID from being broadcast so users can't see the name of the access point.  Another thing you can also do is MAC Address filtering.  You will have to add each devices MAC address to the table in the router configuration.   MAC filtering can be an administrative hassle if you have guest come over with a laptop.

    If the router allows you to limit power you can size the coverage area to just your property.
    LVL 10

    Accepted Solution

    When it comes to hiding the SSID just keep in mind that it just makes life only a little harder for a determined attacker as it is still possible to find the network.
    The same holds true for MAC filtering: As MAC-addresses can be chosen arbitrarily on some devices it does not give you any _real_ additional security.
    So the absolutely most important (and in the end sufficient) security means are:
    - choose WPA2
    - choose a long and complex password. I'd recommend some random character string with letters, numbers and special characters, length at least 16 (!).
    LVL 44

    Assisted Solution

    WPA2 / AES (not TKIP)

    Use a complex passphrase of at least 10 characters, and definitely not a dictionary word.
    By complex I mean consisting of mixed-case letters, numbers and symbols.

    Use wired connections where possible.

    WPA/TKIP is more secure than WEP but can still be hacked, mainly because it's really WEP with the password rotated every so many packets according to vectors negotiated during authentication. If WPA/TKIP-encrypted traffic is captured, it can be decrypted because the encrypted password is included with every packet, so your data would not be secure.  
    WPA2/AES traffic encrypted with a complex passphrase can take a million-computer 'botnet hundreds of years to decrypt by brute-forcing the passphrase... and brute force is the only way to crack it because the passphrase is not ever exchanged between client and station.

    However, you should be aware that any time you're connected to the internet, even by wire, and not on an encrypted link (e.g. http instead of https), your traffic can be intercepted and viewed... so if you want security you should ensure the URL starts with https or sftp, and use the highest number of bits possible. You can check your browsers' encryption levels at

    Author Closing Comment

    Thanks! I will setup WPA2/AES with a long,complicated password.

    I will also disable SSID broadcast(I will have to figure out how to manually configure each device to associate with this router).

    Very helpful!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
    The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
    This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now