Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Your Router's Security Stinks: Here's How to Fix It


  • Please log in to reply
23 replies to this topic

#1 midimusicman79

midimusicman79

  • Members
  • 765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:05:32 PM

Posted 04 August 2018 - 07:04 AM

Hi all!
 
I found an interesting article on how to make one's router more secure with a lot of recommendations on easy fixes, moderately difficult methods and advanced tips for more tech-savvy users.
 
https://www.tomsguide.com/us/home-router-security,news-19245.html
 
Please discuss!
 
Thank you very much in advance!
 
Regards,
midimusicman79

Edited by midimusicman79, 05 August 2018 - 06:44 AM.

MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


BC AdBot (Login to Remove)

 


#2 Juliet

Juliet

  • Malware Response Team
  • 54 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:32 AM

Posted 04 August 2018 - 08:05 AM

That was a very interesting read, really didn't think I would read over all of it but I did, thank you
it led me to another link --> https://www.tomsguide.com/us/identity-theft-what-to-do,news-18696.html
I'm going to share this, with your permission of course.


MS - MVP Consumer Security 2009 - 2016, rMS-MVP 2017
Microsoft Windows Insider MVP 2016-2017

#3 midimusicman79

midimusicman79
  • Topic Starter

  • Members
  • 765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:05:32 PM

Posted 04 August 2018 - 08:40 AM

Hi, Juliet!

 

Thank you for the prompt reply, and you are welcome! :)

 

Yes, of course, you have my permission to share the link(s), please do so. :thumbup2:

 

Regards,

midimusicman79


MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


#4 Juliet

Juliet

  • Malware Response Team
  • 54 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:32 AM

Posted 04 August 2018 - 08:56 AM

thank you


MS - MVP Consumer Security 2009 - 2016, rMS-MVP 2017
Microsoft Windows Insider MVP 2016-2017

#5 pcpunk

pcpunk

  • Members
  • 6,109 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:11:32 AM

Posted 04 August 2018 - 10:03 AM

Interesting that I cannot find "Universal Plug and Play" on my Router, and have tried many times.  Xfinity XB3, don't have the Exact Model handy atm.

 

Just did the https://www.grc.com/shieldsup test and came out clean for any "Universal Plug and Play" issues!


Edited by pcpunk, 04 August 2018 - 10:20 AM.

sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#6 Replicator

Replicator

  • Members
  • 279 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dark Basement
  • Local time:02:32 AM

Posted 04 August 2018 - 10:19 AM

Interesting that I cannot find "Universal Plug and Play" on my Router, and have tried many times.  Xfinity XB3, don't have the Exact Model handy atm.

 

Should be listed under Advanced>Device Discovery in the browser interface?


The quieter you become, the more you are able to hear!
CEH, CISSP @ WhiteHat Computers Pty Ltd

 


#7 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,011 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:11:32 AM

Posted 04 August 2018 - 10:22 AM

Often UPnP, rather than spelled out, too.

 

It's generally turned off on every router I've dealt with for a very long time now, but still exists on most of 'em.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 


#8 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,011 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:11:32 AM

Posted 04 August 2018 - 10:36 AM

One of the things that constantly gets me about these articles, which do give a lot of great advice, is the level of alarm about the possibility of someone connecting to your WiFi network after having had access to your home, e.g., the plumber example.

 

WiFi signals do not travel all that far, public WiFi is now virtually ubiquitous (virtually any Wendy's, McDonalds, Starbucks, many Wal-Marts, Lowes, and the list goes on and on and on) why one earth would anyone choose to expose themselves to the risks involved by having to quite literally park themselves outside your house (which for many of us would cause immediate notice) to get into your network.   There's just no reason to do this when you can get on to a very great many WiFi networks, and some of them with password protection but where the password is shared with the public and not changed (so traffic is encrypted), that are easily accessible in any community and on which it would be much more difficult to trace back use to any given individual.

 

Criminals, or at least the good ones, are not stupid.  The days of snagging your neighbor's WiFi signal (which I have done in times past) are well and truly dead.

 

One should check one's router or modem-router settings and lock down what you can.  A quick check with Shields Up! at Gibson Research to see what's open and vulnerable on your router and computer is an excellent place to start.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 


#9 midimusicman79

midimusicman79
  • Topic Starter

  • Members
  • 765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:05:32 PM

Posted 04 August 2018 - 11:40 AM

Hi, Juliet, pcpunk, Replicator & britechguy!

Thank you all for the prompt and insightful replies! :)

@ Juliet: You are welcome! :)

In addition, there is SpeedGuide Security Scan, which does the same as the above-mentioned tool: http://www.speedguide.net/scan.php

Regards,
midimusicman79

Edited by midimusicman79, 04 August 2018 - 11:42 AM.

MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


#10 r.a.d.

r.a.d.

  • Members
  • 711 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:32 AM

Posted 04 August 2018 - 12:22 PM

midimusicman79, have always used Shields Up (always passed) but had never heard of SpeedGuide Security Scan, just tried it via iPad (85 ports scanned, 0 open, 24 closed and 61 filtered), and it's quick. Thanks.

Gibson's UPnP says 'good news' as equipment didn't respond to their probes. Router is an el-cheapo off the shelf Belkin ($29), but soon we'll upgrade to take better advantage of increased ISP speed.
Bleepin' desert rat retiree in climes yet to fry brains (knock on cactus).

Past climes/best friend:  photo-91.gif

#11 pcpunk

pcpunk

  • Members
  • 6,109 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:11:32 AM

Posted 04 August 2018 - 12:26 PM

 

Interesting that I cannot find "Universal Plug and Play" on my Router, and have tried many times.  Xfinity XB3, don't have the Exact Model handy atm.

 

Should be listed under Advanced>Device Discovery in the browser interface?

 

Thanks Replicator, that was indeed it.  I looked at every entry like three times LOL and never seen that!  


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#12 pcpunk

pcpunk

  • Members
  • 6,109 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:11:32 AM

Posted 04 August 2018 - 12:29 PM

Often UPnP, rather than spelled out, too.

 

It's generally turned off on every router I've dealt with for a very long time now, but still exists on most of 'em.

Yep, I did know that!  Though I've not found it turned OFF on any Routers, though I don't look at that very often either.  Mine was ON, so that may help others with the latest Xfinity Equipment, or relatively latest Xfinity Equipment.


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#13 pcpunk

pcpunk

  • Members
  • 6,109 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:11:32 AM

Posted 04 August 2018 - 12:40 PM

This is what my Default Setting looks like.  Arrrggg, is there no other way to post a pic then using another file sharing site?

 

Will someone explain some of these options to us, thanks?

 

qMsw8Tm.png

 

 


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#14 pcpunk

pcpunk

  • Members
  • 6,109 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:11:32 AM

Posted 04 August 2018 - 12:42 PM

I guess it don't matter now, because when I clicked Disable UPnP and SAVE all the other stuff got greyed out.


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#15 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,011 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:11:32 AM

Posted 04 August 2018 - 12:47 PM

Gibson's UPnP says 'good news' as equipment didn't respond to their probes. Router is an el-cheapo off the shelf Belkin ($29), but soon we'll upgrade to take better advantage of increased ISP speed.

 

 

Just be aware that, in most cases, your router (including cheap ones) will be far faster than the service you get for upload/download from the vast majority of ISPs.   Also, for any given machine on any given network your throughput will be only as fast as the slowest component through which it has to pass.   I find it amusing when I see some people going out and buying these super-duper ultra high speed gaming routers when they've got machines with Wireless G cards or single band N150 cards believing that they're going to get increased throughput.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users