Skip to content
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

README.md

Router Security Checklist

A checklist to ensure you have the most secure router possible. Inspiration from RouterSecurity.org's Router Security Checklist.

Buying a Router

  • Buy a business-class router

"When you buy a consumer router you are buying the hardware. The software is provided as cheaply as possible. When you buy a business class router you are buying the software." - http://routersecurity.org/.

Router Administration

  • Change the Default Password! It is typically username/password: admin/admin, and accessed through a Standard IP Address. If a bad actor gets access to your router, they could login and change whatever.
  • Limit Access to Ethernet Only If your router supports it, having to plugin an ethernet cable to edit router configs is a huge security boost. This also includes any Smartphone Apps. Seriously, you should have to physically plug in an ethernet cable to edit access your router administration.
  • Require HTTPS The router administration console is accessed over HTTP/S. Most routers have the option of forcing HTTPS. Take advantage.
  • Check for Firmware Updates Every 3 Months If the router manufacturer offers a security/patch email list, sign up.
  • Ensure router does not have any unpatched vulnerabilities If it does, buy another router.

Disable Insecure Services

WiFi Configuration

  • Change the Default Password! Make it a strong password. Most routers allow unlimited password tries. A weak password + a determined bad actor = guaranteed access to your router. Update the strong password to another strong password every 3 months.
  • Use the Most Secure Password Encryption Available According to the following order from most secure to least:
    • WPA2
    • WPA/WPA2
    • WPA
    • WEP
    • No Encryption (Obviously, no)

Limit Access

About

A checklist to ensure you have the most secure router possible.

Resources

Releases

No releases published

Packages

No packages published