Advanced Router Setup

Securing Your Router

To access the management settings on a Cisco Linksys router click on Administration on the top of the page.

Change the Router Password to something of your choosing. For a detailed description of the rest of the settings on this screen click on the “Help..” link in the right of the Administration page.

 

To access the management settings on a D-Link click on Tools on the top of the page.

Change the Admin and User passwords to something of your choosing.

 

Setting up your wireless

To access your wireless settings on a Cisco Linksys router click on Wireless at the top of the page. Wireless security settings can be changed by clicking on the “Wireless Security” sub-tab. For more information about any of these settings, click on “Help...” on the right side of the Wireless page.

 

To access your wireless settings on a D-Link router make sure you're on the Setup tab and select Wireless from the left. Scroll down and click on the Manual Wireless Setup button. For more information about any of these settings, click on “More..” on the right side of the Wireless page

 

Wifi Protected Setup

 Recommended setting: Disabled or Manual

 

While Wifi Protected Setup (WPS) can be handy when connecting new devices to the wireless network it has a major security flaw. More information about this security issue can be found here: http://www.kb.cert.org/vuls/id/723755.

 

Network Mode (or 802.11 Mode)

Recommended setting: Mixed

 

Mixed network mode provides the most compatibility supporting more devices. Selecting a particular wireless standard (a, b, g, n) may improve performance slightly, but may not allow some of your devices to connect.

 

Network Name (SSID)

 Recommended setting: Whatever you like! Need some ideas? Use your name, pets name, family name,  or descriptive location (eg “Bob”,“Spike”, “Smith” or “Johnston Cottage”)

 

The network name or SSID identifies your wireless network. It is recommended to change it from the default value to help avoid confusion when selecting a wireless network. Remember that anyone with a device that has wireless built in can see what you write in here. If you don’t feel comfortable with people seeing your name or address then do not use that information as your network name.

 

Channel

 Recommended setting: Auto

 

When Channel is set to auto the router will select the wireless channel with the least interference at the time. This is recommended, however, if you are having issues with the router interfering with your cordless phones or vice-versa you can try changing the channel to either 1, 6, or 11 to see if this corrects the issue.

 

SSID Broadcast ( or Visibility Status)

Recommended setting: Enabled, or Visible

 

This setting either hides or displays your wireless network name when other devices are searching for networks. Enabling SSID Broadcast makes it easier for friends and family to connect their devices to your wireless network, while disabling it makes it a little more difficult for unauthorized users to access your network.

 

Security Mode

 Recommended setting: WPA2 Personal

 

For personal networking, there are 4 different options when it comes to security modes:

 

None – Security level: none -  There is no encryption on your wireless traffic meaning your data is being sent in “plain text” form. You do not require a password (or key) to access the wireless network. These networks are the easiest to connect to, but do not provide any kind of security.

 

Wired Equivalent Privacy (WEP) – Security level: low – These networks encrypt your wireless traffic and your data can only be unencrypted by another device that knows the password (or key) for the network. There are flaws in the protocol that make it particularly vulnerable to attack and they are rather easy to exploit. An overview of these flaws can be found at http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html. WEP should only be used if your devices will not connect with WPA or WPA2.

  

Wifi Protected Access (WPA) – Security level: moderate – These networks encrypt your wireless traffic and your data can only be unencrypted by another device that knows the password (or key) for the network. WPA was created in response to the security flaws exposed in WEP and therefore is more secure. This protocol was improved upon in WPA2 and should only be used if your devices cannot connect to your network when it is set to WPA2.

  

Wifi Protected Access Version 2 (WPA2) – Security level: high - These networks encrypt your wireless traffic and your data can only be unencrypted by another device that knows the password (or key) for the network. WPA2 improves upon some authentication weaknesses in WPA and should be used whenever possible in home networking.

  

Encryption Type

 Recommended setting: AES

 

This is how the wireless router encrypts the data each device is sending over the network to keep unauthorized users from being able to “pull” the data out of the air and steal sensitive information. Advanced Encryption Standard (AES) is the recommended type due to known vulnerabilities in the Temporal Key Integrity Protocol (TKIP). More information can be found on this here: http://www.cisco.com/c/en/us/support/docs/csr/cisco-sr-20081121-wpa.html

  

Passphrase ( or Pre-Shared Key)

 Recommended setting: Whatever you like. The more complex the better. (eg “IEnjoy2Donuts!And1Coffee$”)

 

A passphrase (also known as password or key) is required when you have your Security Mode to set to anything but none. The longer and more complicated you make it, the more secure it will be. Any device you connect to your network will need to be programmed to use this passphrase so keep in mind you will either be giving it to guests, or typing it in on machines to connect.