Lock Down Linksys Wireless Access Point in 10 Steps

I’m using Linksys WRT54G Wireless Router and Wireless-G USB Adapter at home. This is how I secure wireless home network. Apply these 10 steps to lock down both Linksys wireless access points and wireless routers.

Step 1 : Change The Password

It is very important to change the device’s default password. Login to your router and enter the default password. The version of the firmware or the router that you are using will determine where the Change Password button is located. Make sure you find it. This is the single most important step. Change the default password and choose a password that contains both numbers and letters. This will reduce the possibility of your password being guessed or hacked.

Step 2 : Change Your SSID

Step 3 : Disable SSID Broadcasting

In order to keep your Linksys product from broadcasting the SSID to hackers or wireless clients, change the Wireless SSID Broadcast to Disabled.

Step 4 : Enable Encryption

The Linksys WAPs and wireless routers all come with a wireless security option that uses encryption. To prevent hackers and outside users from accessing your network choose between several forms of encryption: WEP (64 or 128 bit) or WPA-PSK (on some devices). Once you choose the security encryption type, you will input a passphrase (or have the system generate one for you). This same passphrase needs to be entered on each client that uses a wireless network card to connect to the access point.

On Windows XP you can access the properties by going to Network Connections in the Control Panel (or right-click My Network Places). Next, right-click on Wireless Network Connection and choose Properties. Click on the Wireless Networks tab and choose properties of your wireless connection. Enter the appropriate encryption type and passphrase.

Step 5 : Update Latest Firmware

On a regular basis, visit the Linksys web site to make sure you have the latest version of firmware for your Linksys product.

Step 6 : Enable MAC Filtering

There is a Wireless Network Access MAC Filter that you should enable to only allow specific MAC addresses. Some Linksys products have a Select MAC Address from Networked Computers button that will allow you to select the computers on your network that need access. You can run an ipconfig /all (from the Windows command line) on each computer to obtain the MAC address. It is listed as the “Physical Address” and will have a format that looks like this: 00-D0-09-EE-A5-C1

Step 7 : Limit DHCP

Configure your DHCP settings with only the number of computers that need Internet access. For example if you have 3 computers, only configure DHCP to issue out 3 addresses.

Step 8 : Block WAN Requests

Enable this feature to block intruders from attacking you over the Internet. This setting hides your IP address from the outside world.

Step 9 : Use Desktop Firewalls

Don’t rely on the Linksys router as your only means of defense. Install a desktop firewall on each PC that’s connected to the Internet through the Linksys router as an additional layer of defense. A free and effective desktop firewall is Zone Alarm. Furthermore, it is important to keep the desktop firewall up to date with the latest version in order to remain secure in the future.

Step 10: Examine Wireless Network

Download NetStumbler. Use it with a laptop or PDA to examine your wireless network. Then, if you are curious, walk around your neighborhood. You may look like a geek but you would be surprised how many people broadcast their SSID and do not set MAC filtering or encryption. If you know of any the neighbors that have wide open access points you shouldn’t be shy about sharing this document with them.