A comprehensive guide to
securing a wireless network
Linksys WRT610N
CSG 4208 Assignment 1
Jana Buvari – 1002 5826
10/4/2010
Contents
Part 1 ................................................................................................................................................... 3
Introduction .................................................................................................................................... 3
Problems with wireless networks ................................................................................................... 3
Just how is it unsafe? ...................................................................................................................... 3
Part 2 ................................................................................................................................................... 5
Available Security Measures ........................................................................................................... 5
Changing the username and password to the router ..................................................................... 5
Updating the Router ....................................................................................................................... 6
Changing the default SSID ............................................................................................................... 6
Encrypting the network .................................................................................................................. 6
Disabling the SSID broadcast .......................................................................................................... 7
Using MAC address filtering ............................................................................................................ 7
Using static IP addresses ................................................................................................................. 8
Using inbuilt router firewalls .......................................................................................................... 8
Correctly positioning the router ..................................................................................................... 9
Switch off the router ....................................................................................................................... 9
Part 3 ................................................................................................................................................. 10
Linksys WRT610N .................................................................................................................................. 10
Step one – securing access to the router ..................................................................................... 10
Step two – Updating to the newest firmware .............................................................................. 12
Step three – Changing the SSID and broadcast option ................................................................ 13
Step three – Setting up encryption .............................................................................................. 15
Step four – Filtering MAC addresses ............................................................................................ 16
Step five – Configuring Static IP addresses and disabling DHCP ................................................... 18
Step six – Enabling the router firewall .......................................................................................... 21
Step Seven – Positioning the Router well ..................................................................................... 21
Step Eight – switching off an unused router ................................................................................. 23
Glossary ............................................................................................................................................. 24
References .................................................................................................................................... 27
Part 1
1
Introduction
The problem with most internet users is their false sense of security. Believing a person is safe at
home with locked doors and a home security system is likely to be true however this doesn’t protect
a person on a computer within that protected household. If a person wanted another’s credit card
details but knew that, that person used the internet; rather than break into their home to steal the
cards it would be much easier and efficient to steal their details through the internet or the person’s
home network.
Unfortunately, many people are unaware of the dangers lurking within networking and are equally
unaware of how to protect themselves. Often, searching for help on the internet is just as dangerous
and can lead to even bigger and more harmful security threats so how does one make themself
safe?
Lynksys modems and routers are a successful brand created within the large networking company
CISCO.1 CISCO offer a great deal of support their products and is considered to be one of the best
brands of routers to use whether in the home or workplace. This document covers the secure setup
and implementation of a Lynksys WRT610N wireless router for use on a Windows operating system
in both the home and workplace.
Problems with wireless networks
Switching on a new router is a problem. When purchasing any new wireless modem or router, the
setup of that device immediately runs however it has been told to by default. The majority of default
setups have no security measures in place and are setup so that they can be implemented almost
immediately without any technical knowledge needed. This is great for someone who has very little
knowledge in computing however, whoever uses it will be unsecured from attacks and security
dangers. Even knowledgeable people in this area will find security flaws in their own devices that are
thought to be setup securely.
Just how is it unsafe?
Firstly, wireless routers are by default set up like a person yelling down a megaphone in public. If you
listen out, you would be able to find the person in a matter of minutes. The person using the
megaphone would be easily identifiable and unable to hide. Wireless routers work in the same way
by transmitting packets of data in the air that alert devices nearby that it has a network connection.
CISCO:
Anyone in the vicinity with a computer, mobile phone, laptop, etc. can identify this form of
2
3
4
5
6
7
advertising and try to connect to your network. If someone were to connect to your network, they
could have immediate access to not only the contents of your entire computer but also anything you
do on the internet whether it be emailing, internet banking, chatting and infinitely further
possibilities. They could also jeopardize your router and any settings you have put in place.
Wireless routers that do this are in what is known as ‘broadcast’ mode. Broadcasting is set on by
default on any router and can be seen by anyone. This document will help to secure broadcast
mode if the user still wishes to allow their router to broadcast however even a password-protected
wireless connection is not entirely safe.
Wireless networks that are protected by passwords and logins are definitely a lot safer however
even with password protection; a broadcasting router can have its login information identified.
Many people consider their passwords to be safe whether they are short, long, numbers or
characters. This is a common misconception as many passwords can be guessed by friends and
colleagues and can also be victim to dangerous attacks from unknown predators.
History can tell us of evolutionary ways that were developed in order to protect secret messages and
information. The Germans in World War II developed the Enigma machine; dedicated to translating
messages into code that people couldn’t understand.2 In order for people to read the information
they had to decrypt the code, which is also what happens when using wireless networking. If a user
sets their wireless network up without encryption; their information is sent in packets3 that are
readable as plain text4 however encrypting the connection makes it harder for people to decrypt and
analyse.
Using encryption however, does not ensure complete safety when using a network. Every day
hackers and crackers5 work towards breaking encryption methods whilst companies work towards
creating stronger systems of encryption. Some encryption methods used on modems and routers
are easy to crack whilst others are more difficult. A person could scan or sniff6 a network to identify
encrypted passwords and information and also easily gain access to the router itself.
A final consideration for the reason as to why wireless networks can be vulnerable is to do with how
up-to-date the router or modem itself is. Companies constantly develop updates for software and
programs; not only to make them better but to make them more secure. Every day, companies like
Microsoft discover security vulnerabilities in their software like Windows operating systems7. These
David Hamer. (2005). The Enigma Machine. Retrieved 8th April 2010 from
http://www.eclipse.net/~dhamer/Enigma1.htm.
Packets: Bits of data sent one by one with the information you have sent or are receiving.
Plain Text: Ordinary and readable words and sentences.
Hacker: An expert at using computers and programs who can create advanced computer software.
Cracker: A person who effectively breaks into people’s computers and networks to steal information.
Sniffing: A process involving a program that constantly scans any computer traffic to find sensitive
information like passwords, images and any network data.
Windows Operating Systems: The software your computer most likely uses to run.
vulnerabilities can enable attackers to sneak in to a person’s computer and sabotage it, which is why
8
9
updates are sent out to ensure computers are up-to-date and as safe as possible from attack.
Modems and routers also run a type of software commonly known as firmware.8 Occasionally, the
company who supports the device will release firmware updates that are often unknown of unless
the user searches for them. This is why many modems and routers are running out-of-date firmware
that can have security vulnerabilities. If exploited, these vulnerabilities could allow an attacker
access to your router, which from there would be able to change all of your settings and allow
complete access to all of your information. This sort of attack happens mostly to modems and
routers that are left switched on 24 hours a day.
Part 2
Available Security Measures
Due to most users’ lack of knowledge regarding networking safety, many believe the manual
of the router contains all needed to know in order to set up a safe network. Unfortunately
this is not the case, as most manuals aim to show the user what settings are available and
tend to avoid what settings should be used. So the user is left to their own resources and
are often too inexperienced to know which settings need to be changed and how.
Changing the username and password to the router
When accessing a router’s interface9 for the first time, the user is prompted to enter a default login
and password. This default is written in every manual that accompanies a new modem or router so
anyone can learn what it is. This is why the user needs to change this setting first in order to prevent
anyone from accessing the interface and making any changes to your network.
Firmware: A type of software that is installed on devices such as routers, mobile phones, portable game
systems (PSP, NintendoDS) that enables the user to input settings and have them saved to the firmware.
Interface: A program that allows users to interact with the system or in this case, modem.
Updating the Router
10
When new routers are purchased, many of them have sat on store shelves for months and are
probably using the original firmware. Updating the firmware should happen before any new settings
are put in place generally because sometimes settings can be reset back to factory default upon an
update. Updating the firmware can mean fixing security vulnerabilities as well as software issues and
faults.
Changing the default SSID
The Service Set Identifier (SSID) is like the letterbox in front of a house, it identifies what and where
the house is as well as potentially giving away who lives there. When the router beams out its
information in packets, it advertises its whereabouts by this SSID title. By default, the SSID will
always be the name and brand of the router for example Linksys610N, Netgear, Billion,etc. And this
SSID can be just as potentially dangerous to advertise as it can give away default passwords and
logins to the router. For example if a person drives by your house and your router is broadcasting a
Linksys610N wireless network, the person’s mobile could alert them of the connection. In only a
matter of minutes that person could have searched in www.google.com for the LinksysWRT610N
help manual and discover the default password so they can access your router’s interface. Unaware,
your network has become compromised.
Changing this SSID is just as simple as changing the default login and password to the router and can
be anything from a name to a description. This way there is no certainty of physically where the
router could be and gives away no hints as to what router is being used.
Encrypting the network
To prevent people from reading our emails, looking at our internet chats families and even from
watching people buying items off Ebay10, encryption is used. The encryption protects any
information sent by using highly sophisticated encryption methods that are difficult to decrypt. Any
wireless router can be set up with an encryption method however there is more than one to use.
The first encryption method is known as Wired Equivalent Privacy (WEP) and is one of the first
methods used to encrypt wireless networks. A WEP key is used to disguise any information being
sent to and from the router and without the key the message cannot be translated. However, WEP is
an older method which is very easy for crackers to break which is why wireless routers employ a
number of encryption options. The most powerful encryption method to date is Wi-Fi Protected
Access 2 (WPA2) and even tho it is important to understand that WPA2 can also be cracked; it is a
long process that is much more difficult.
Ebay: Buy and Sell online. Retrieved April 2010 from http://www.ebay.com
By selecting one of these encryption methods, the user will be prompted to create a password or
11
12
13
14
phrase with letters, numbers and symbols in order to create a strong encryption key.
Disabling the SSID broadcast
Regardless of password-protecting the network; part of the problem is wireless routers broadcasting
publicly. The SSID is broadcasted to any device in the area to alert other devices of a connection and
must be switched off. If the broadcasting option is not switched off, any person in the vicinity will
have access to reading the SSID and possibly scanning or sniffing the network for passwords to gain
access.11 The broadcast will also advertise which type of encryption is being used whether it is WEP,
WPA, WPA2, etc. If a person wanted to try entering a password to gain access; they could do so
either by guessing or using an attack known as brute force.12 This is why disabling broadcasts is very
important for any home or office network.
Using MAC address filtering
A house has an address and only one address; no other house should have the same address. The
Media Access Control (MAC)13 is a unique address given to a computer, mobile phone and even
laptop. Any device that will be used with the internet or a network will have a MAC address. 14
MAC address filtering is basically a setting in any router or modem that acts like a bouncer at a
nightclub. The bouncer is given strict rules to which decisions are made as to who can enter the club.
If MAC address filtering is enabled on the router, then only the MAC addresses entered will be
allowed in. Therefore, each computer to be permitted to access the wireless network will have to
have their MAC address entered into the router’s interface settings.
19 Tips for Wireless Home Security. Retrieved April 2010 from
http://compnetworking.about.com/od/wirelesssecurity/tp/wifisecurity.htm
Finding Wireless Networks. Retrieved April 2010 from http://www.ethicalhacker.net/content/view/16/24/
Brute Force Attacks: Using a program to forcefully enter all possibilities of a password one by one until
cracked. Retrieved April 2010 from http://www.computerhope.com/jargon/b/brutforc.htm
MAC Addresses. Retrieved April 2010 from
http://compnetworking.about.com/od/networkprotocolsip/l/aa062202a.htm
Using static IP addresses
15
16
17
18
19
Like a MAC address; every computer or device has its own Internet Protocol (IP)15 address to connect
to the internet. This works the same way that each mobile phone has a different phone number so
that when a person calls another person on their mobile; their address (mobile phone number) is
displayed. Every time the router receives information of a new IP address it adds it to a list of known
numbers, just like an address book. A technology called the Dynamic Host Configuration Protocol
(DHCP)16 acts like a large pool full of addresses that get assigned to computers when they turn on
and access the internet. By default, every device is set to use this pool which means every time you
connect to the internet; a new IP address is created.
If an attacker gains access to this DHCP pool then they can act as one of your very own computers.
The router would identify the attacker as someone in their address book and allow them to connect.
If each computer on your network had DHCP turned off and used Static IP addresses instead of
Dynamic IP addresses,17 then the DHCP pool wouldn’t need to have any addresses in it at all, making
the pool safe from being attacked.
This would mean that the router’s settings would be set to turn off DHCP, and only allow access to
certain IP addresses; much like MAC address filtering.
Using inbuilt router firewalls
Many new routers and modems have inbuilt firewall capabilities now that are worthwhile
employing. Security experts will always employ the use of more than one firewall; on the individual
computers and also on any hardware that’s linked to them. Firewalls keep people and malicious
software from entering the network and can also prevent harmless scans and sniffing as mentioned
earlier.18 Wireless router firewalls will manage and protect the traffic that will be travelling to and
from any computer connecting to it wirelessly and also allow each of the connected computer to
communicate with each other effortlessly.19
IP: The internet protocol address that is assigned to computers and similar devices in order to allow them to
connect to a network. They are commonly numbered similar to this: 192.168.1.100 or 10.0.0.1, etc.
DHCP: The protocol that assigns IP addresses to computers and devices so that they may connect to
networks.
Static IP Addresses: Internet Protocol addresses that never change; each computer keeps its own address.
The address is signed manually by the user in the IP settings of the computer.
Dynamic IP Addresses: Computers and devices use the DHCP server to pick a new IP address each time the
computer connects to the network.
Anomaly, Inc. (2006). Router Firewall. Retrieved April 2010 from: http://www.free-firewall.org/routerfirewall.asp
Ibid.
Correctly positioning the router
20
21
22
Each router’s wireless signal is of a different strength; some can only project to the area of a
household block whereas others can be hundreds of metres strong. Because of this reason it is
incredibly important to consider exactly where the router should be in relation to adjacent housing,
offices and public areas.20
Placing the router for instance, in the front lounge room of a house could mean anyone passing by
on the road could easily receive signal of your router. At the same time, placing the router on the
side walls of a house could mean neighbours could gain access if they had the right knowledge of
how to. Carefully considering placement of routers can therefore help increase safety from the risk
of prying eyes.
Switch off the router
Unnecessarily leaving the router switched on during the night or when not being used is a security
risk in itself and can easily avoid attack by being switched off. A considerably smart idea is to have
the router and computer on an electric timer that plugs into the power socket on the wall. This
would turn the power off at certain times of the day, saving power and saving your network. Power-
cycling21 the router is an extremely good exercise regardless, as it can help restore memory22 and
resolve any short-term problems the router might be having.
Position the Router or Access Point Safely: Retrieved April 2010 from
http://compnetworking.about.com/od/wirelesssecurity/tp/wifisecurity.htm
Power-Cycling: Turning your router or modem off and on.
Memory: the hardware a computer, mobile phone, router or any device uses to store information and
remember it. Sometimes this memory simply doesn’t empty itself and can slow down the device.
Loading...