Securing Netgear WPN824V3 Wireless G Router

The Netgear WPN824V3 is an excellent wireless router and has tons of features to ensure safe wireless access. It also boasts an enhanced range radio so your wireless signal can be accessed from the farthest points of your home.

The recommendations below summarize the steps that you should take to protect the security of data on your wireless network. The key idea is to use Defense in Depth so you make it harder for a potential hacker to compromise your network.

1. Disable SSID (Service Set Identifier) broadcast

By default, your router constantly broadcasts its SSID to ALL wireless devices in range. SSID’s are alphanumeric characters (max 32 chars). The first measure that you can take to improve network security is to disable this. Click on the ‘Wireless Settings’ option and uncheck the ‘Enable SSID Broadcast’ option.

image

2. Setup a wireless access list

Every wireless device has a  unique identifier called a MAC (Media Access Control) address. The idea is to restrict the router to allow connections ONLY from devices you recognize. Note that this is just one more barrier in our ‘Defense in Depth’ technique to protect the wireless network and can be broken by a hacker.

Under Wireless Settings, click on ‘Setup Access List’ (figure above) to reveal the wireless access list. Check the ‘Turn Access Control On’ option to enable the filter. Note that when you add subsequent devices to your home network, you will need to get back to this page and add the MAC addresses.

image

3. Restrict (Or turn off) DHCP

The DHCP service (Dynamic Host Configuration Protocol) running on your router is responsible for assigning valid IP addresses to devices. By default, an IP address is assigned to each device. You can restrict this to the number of devices that you know you will connect (or better yet assign static addresses to your devices and disable this service altogether)

image

Click on the ‘LAN Setup’ option and change the ‘Ending IP Address’ field. The above setting allows for a maximum of 5 devices.

4. Turn on Encryption

Without encryption, all data in your home wireless network is transmitted in clear text. Anyone with a laptop and network detection software (Ex. Kismet)  can view all data transmitted!

The WPN824V3 supports the strongest encryption system available today – WPA2. Note that ALL your wireless devices that connect to the router should have drivers capable of WPA2 encryption feature in order for this to work (Win XP users may need to download an update to make this happen)

Please be aware that earlier encryption methods -WEP (Wired Equivalent Privacy) and WPA (Wi FI Protected Access) have been cracked using simple tools.

There is an overhead associated with encryption but modern WI FI devices have dedicated hardware that handle the encryption and decryption.. The slight overhead is therefore a very minor tradeoff for the security offered.

image

The WPN824V3 has a combination setting that allows clients using either WPA-PSK [TKIP] or WPA2-PSK [AES]. This is a backwards-compatible mode to allow devices that dont support WPA2 – An excellent feature. Key in the passphrase and hit the ‘Apply’ button (You will need to enter both the SSID and the shared passphrase in your wireless devices).

In case you are using linux on your wireless devices, check out my post on WICD.. Works great for me!

5. Change the default password on your router

Last but not the least, be sure to change the router’s default password to a very secure password!

The default userid (admin) and the default password (password) is general knowledge and available in the user manual. If your router is compromised, all the above settings are useless and your network can be modified at will by the hacker.

Click on the ‘Set Password’ menu item to change the default password.

image

Advertisements

One thought on “Securing Netgear WPN824V3 Wireless G Router

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s