Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Router hardening
Message
<blockquote data-quote="ForgottenSeer 58943" data-source="post: 717676"><p>A router isn't a firewall, a firewall isn't a UTM. You cannot make a router/firewall into a UTM appliance like Untangle or a Sudo-UTM like PfSense/OPNSense in the general sense. The horsepower is there, the underlying software isn't. Untangle CAN be installed on some home routers though, you'd have to look into that.</p><p></p><p>To configure a home router to be 'somewhat' secure is painfully simple as there are few options to do it properly.</p><p></p><p>1) Turn off Admin from WAN.</p><p>2) Enable HTTPS admin.</p><p>3) Change admin account from admin to something else, such as: 3XkU7Lwe and give it a complex password.</p><p>4) Disable UPNP, WSD, SSH, etc. (any un-needed services/protocols)</p><p>5) Setup your WiFi networks as GUEST rules. This creates a sort of VLAN with your router, putting tags on your WiFi so they cannot communicate with your internal subnets. </p><p>6) Enable SSID Segregation (if option presents), this prohibits inter-SSID communication.</p><p>7) Update firmware regularly. If it won't update - factory reset it. If it won't update after factory reset it's compromised, throw it out.</p><p></p><p>That's about all you can do to a home router to lock it down. Remember, a home router won't protect you much, it's purpose is to DNS Resolver/Forwarding, DHCP Scope Management/ARP Tables, and NATTING internal traffic. About all you are doing above is keeping a threat actor out of your gateway and locking down WiFi a bit.</p></blockquote><p></p>
[QUOTE="ForgottenSeer 58943, post: 717676"] A router isn't a firewall, a firewall isn't a UTM. You cannot make a router/firewall into a UTM appliance like Untangle or a Sudo-UTM like PfSense/OPNSense in the general sense. The horsepower is there, the underlying software isn't. Untangle CAN be installed on some home routers though, you'd have to look into that. To configure a home router to be 'somewhat' secure is painfully simple as there are few options to do it properly. 1) Turn off Admin from WAN. 2) Enable HTTPS admin. 3) Change admin account from admin to something else, such as: 3XkU7Lwe and give it a complex password. 4) Disable UPNP, WSD, SSH, etc. (any un-needed services/protocols) 5) Setup your WiFi networks as GUEST rules. This creates a sort of VLAN with your router, putting tags on your WiFi so they cannot communicate with your internal subnets. 6) Enable SSID Segregation (if option presents), this prohibits inter-SSID communication. 7) Update firmware regularly. If it won't update - factory reset it. If it won't update after factory reset it's compromised, throw it out. That's about all you can do to a home router to lock it down. Remember, a home router won't protect you much, it's purpose is to DNS Resolver/Forwarding, DHCP Scope Management/ARP Tables, and NATTING internal traffic. About all you are doing above is keeping a threat actor out of your gateway and locking down WiFi a bit. [/QUOTE]
Insert quotes…
Verification
Post reply
Top