▷ How to protect your wifi completely step by step

In this article, we are going to learn how to make your wireless router as hack resistant as possible . Therefore we will teach you how to protect your WiFi completely and have our data / line as well protected as possible. Prepared? Let's start!

Index of contents

As the number of devices connected to the internet increases, so does the threat of hackers trying to steal valuable information or cause damage to other devices.

A common method of doing this would be through WiFi networks that almost every home has. WiFi is the technology that allows users to associate their mobile phones, computers and other devices with the internet anytime, anywhere within a range of possibilities, such as at home, in the office or even on the street.

Since there is no physical connection that needs to be made to connect to the WiFi network, this form of internet connection can lead to security vulnerabilities if not properly managed.

For those who are concerned about the security of their WiFi, as well as their personal data that could fall into the hands of networked hackers, there are certain measures that can be taken to protect you against neighbors and hackers.

For the less tech-savvy, protecting a router can be a daunting task, requiring technical knowledge and becoming somewhat confusing.

But with just a few seconds, the router manual, and some knowledge of what you're looking for, setting up router security can be pretty easy, and can save users from issues like identity theft and an unfortunate visit from the authorities on your country.

Your wireless router is a prime target for hackers who want to infiltrate your network or download files for free from your WiFi connection.

Many people are now aware and take good measures for their online security, but the protection of the WiFi router remains low on the priority list of most.

The reasons can range from lack of knowledge to carelessness, but the security of your home router is as important as that of your front door, because it is the main target of hackers trying to invade your system.

We are going to use an ASUS AC88U Router, which is the one we have in our office for all our internal tests, although we will soon renew it.

Enable WiFi network encryption

The WiFi encryption option has been specifically designed to protect the network against those who try to access without permission, being the main method of WEP encryption, although there are also other encryption methods that include WPA and WPA2.

To encrypt the WiFi network, you must log in to the router or network and then go to security settings. Then select one of the encryption methods and enter a password to access the network.

If you are not using WiFi Protected Access (WPA2) encryption to protect your wireless network, then you could be leaving the front door open, because hackers can virtually enter your network.

If you're using outdated Wired Equivalent Privacy (WEP) security, which most hackers can easily crack in seconds, you should consider upgrading to WPA2. Older routers may need a firmware update to add WPA2 functionality. Consult your router manufacturer's manual to learn how to enable WPA2 wireless encryption on your router.

Change the name of your SSID network and make it invisible

You will also need to create a strong SSID (wireless network name). If you are using the default network name of your router (i.e. Linksys, Netgear, DLINK or other), then you are making the task easier for hackers to hack your network.

Using a default or common SSID helps hackers in their quest to corrupt encryption, as they can use rainbow tables associated with common SSID names to corrupt wireless encryption.

Create a long, random SSID name, even if it's hard to remember. You should also use a strong password for your pre-shared key to further discourage hacking attempts.

Within the same configuration menus where the MAC settings are adjusted and the encryption key is activated, you can also establish if your WiFi network is detectable, which means that the router will not transmit your identification information (called SSID) over the air for other devices. Only devices that know how to find the router, such as those that you have already authorized to connect to it, will be able to use your connection.

Although renaming doesn't improve WiFi security, one option that is extremely powerful in preventing unwanted users from connecting is to make the network invisible.

When the network is invisible, hackers looking for a WiFi connection to access will not be able to find it. It is important to note that if the network is invisible, to connect new devices, users must manually enter the SSID and password instead of the device automatically identifying the WiFi name.

In general, you will find the possibility to alter the detection capacity in the security tab of the router configuration browser window.

There is a reason why you see so many networks called “Linksys” or “D-Link”, and that is that these are routers that have manufacturer defaults turned on, and suggest to hackers that passwords are also default.

Either way, it's easier for someone to enter your network when they have more information, and a manufacturer's SSID doesn't help. Change it and then make it invisible. Just remember: you don't want your network to be recognizable and you don't want your router to broadcast your SSID. Turn off those things.

Activate the firewall of your wireless router

If you have not already done so, you should consider enabling the built-in firewall of the wireless router. Enabling the firewall can help make your network less visible to hackers searching for targets on the internet.

Many router firewalls have a "stealth mode" that can be enabled to help reduce network visibility. You'll also want to test your firewall to make sure you've configured it correctly.

It is anti-hacking software that makes a network more difficult to access from the outside, and activating it is generally very easy. It is also a good idea to protect your computers and devices with firewall software (Windows has one built in, but it is not a bad idea to invest in better ones) that you can buy commercially to protect your data even more.

Use a VPN service at the router level

VPNs used to be a luxury that only large corporations could afford. Now you can buy your own personal VPN service for a small monthly fee.

A VPN is one of the biggest obstacles that can be put to a hacker. A personal VPN has the ability to anonymize your true location with a proxy IP address, and it can also put a strong encryption wall to protect your network traffic.

You can buy the VPN service from providers like StrongVPN, WiTopia, and others for as little as $ 10 a month or less.

If your router supports the VPN service at the router level, this would be the best way to implement a VPN, since it allows you to encrypt all the traffic that enters and leaves your network without the hassle of configuring the VPN client software on your devices.

Using the VPN service at the router level also removes the burden of the encryption process from client computers and other devices. If you want to use a VPN at the router level, check if your router supports VPN. Buffalo Technologies has multiple routers with this capability just like other router manufacturers.

A personalized VPN service for your router is the way to go if you are willing to spend a few dollars for your important data. A VPN works by giving your location anonymity on the server, and even creates its own firewall to protect your network traffic.

Disable the "Admin Via Wireless" function on your router

Another way to prevent hackers from messing with your wireless router is to disable the "admin via wireless" setting. When you disable the “admin via wireless” function of your router, you do it so that only someone who is physically connected to your router through an Ethernet cable can access the management functions of your wireless router.

This helps prevent someone from passing through your home and accessing your router's administrative functions if they have compromised Wi-Fi encryption.

Given enough time and resources, a hacker might be able to hack your network, but by taking the above steps, you will make your network a more difficult target, which will hopefully frustrate a hacker and cause them to move to a target. easier.

Use a password or strong phrase

When talking about security, you cannot ignore the issue of strong passwords. Do you know that if you increase the length of your password to one more character, the chances of the hacker breaking your code are significantly reduced?

Adding some kind of password to your network is a way to immediately discourage 99% of people who could connect to your WiFi connection remotely, and it really is the easiest thing you can do to protect yourself.

In most wireless networks, this can be done by entering the router and then setting the password. All you need is the Ethernet cable that comes with a router when you take it out of the box or installed by a cable company, and the manual that comes with the router.

Using the cable to connect directly to the router, a computer can access the router's internal settings through an internet browser.

The address (usually in the form of what is called an IP address, usually 192.168.1.1.1 or something similar) introduces you to the internal workings of the router, but you need the cable to access it, so it cannot be altered remotely.

The router manufacturer's password is also included in the manual (usually “admin” or “password”), and you should also change it from the configuration menu for greater internal security.

From there, it is usually as simple as going to the router's security settings and activating an encrypted password called the WEP or WPA key. This comes in the form of a long string of letters and numbers that the router can generate for you. Users can change the password to a strong and easy to remember password to improve security.

The good thing about setting up a complicated password is that it offers more security, while connected devices can access the network automatically without having to enter the password each time.

You can specify your own password, but the key generated by the router is much stronger encryption than someone could guess using a password.

Most modern computers will save passwords when connecting to your home WiFi network, so you shouldn't have to re-enter the network password when logging on to the internet, unless you reset something.

Disable the UpnP protocol

The Universal Plug and Play (UPnP) protocol, which aims to establish an easy connection with nearby devices, can make your router vulnerable and a potential target for hackers (the results could be DoS attacks too).

Not all routers are susceptible to UPnP exploitation, but why take the risk. Therefore, disable this option.

Enable the registration function

The registration function on the router keeps a list of the attempts to register all IP addresses and provides you with all the details of the connection attempt. This could help you monitor any suspicious activity in progress.

Activate the MAC address filter

While using a password or encryption key is absolutely essential to keep your WiFi network secure, there are other easy steps to further protect it.

Each computer that uses your network has a specific number attached called "MAC (Media Access Control) Address" which is a physical number assigned to the hardware of the WiFi adapter on your computer or mobile device. From the internal configuration of your router, you can determine the MAC addresses of the computers that will be able to access the network and specify them on the router. Any device that does not have the correct MAC address will be denied access.

To configure the MAC addresses, you will need to have connected the devices you want to use in your network to be able to see their addresses in the “MAC Address” section of the router. There, you usually just have to click a button that activates the router's MAC limiting settings, and then select the addresses to which you will allow access to the network.

With this setting, any other device that has a completely different MAC address than that particular device cannot connect to the wireless network. Due to the fact that the MAC address is unique and assigned in specific hardware, some other PCs or mobile devices will not be able to connect to the wireless network using this form of security.

Unfortunately, it is possible to spoof a MAC address, but an attacker must first know one of the MAC addresses of the computers that are connected to your wireless network before he can attempt to spoof it.

You can find the MAC address of your computers by opening the command prompt and typing "ipconfig / all", which will display your MAC address next to the name "Physical Address".

In turn, you can find the MAC addresses of wireless mobile phones and other portable devices in the network settings, although this will vary for each device.

Reduces the range of WiFi signals

Currently, most wireless local area networks use 802.11, which consists of three distinctive frequency ranges. For example, the 2.4 GHz, 3.6 GHz, and 4.9 / 5.0 GHz groups have their own ranges. With the diversity in signal strength, adjustments can be applied to limit the range, so that those too far away cannot find or access the signal.

For example, with the 2.4 GHz frequency, the settings can be changed so that 802.11b or 802.11n can be selected instead of 802.11g in the router settings. In this way, this will help reduce the range of signal strength so that only people close to the router can access the network.

Alternatively, a simpler way to limit the WiFi signal would be to place the router in a closed room or in a closed space to smother the signal strength, although this may decrease WiFi speeds for those who are intended to access it.

If your wireless router has a high range but you are in a small studio, you can consider reducing the signal range by changing the mode of your router to 802.11g (instead of 802.11n or 802.11b) or using a different wireless channel.

You can also try placing the router under the bed, inside a shoe box, or wrapping foil around the router's antennas to slightly restrict the direction of the signals.

Researchers have developed a special WiFi blocking paint that can help you prevent neighbors from accessing your home network without having to configure encryption at the router level. The paint contains chemicals that block radio signals by absorbing them. Covering an entire room, WiFi signals cannot enter and, more importantly, they cannot exit.

Assign IP addresses to your devices

This gets a bit technical, but like MAC address filtering, it's not as complex as it first appears. Every device that connects to the internet does so using what is called an IP address.

Most networks use a system called "dynamic IP addresses, " which means that every time you connect to the network, the system assigns a temporary IP address to your system.

That's easy, but it also means that anyone connecting to your network can get a temporary address as easily as you do.

Just like MAC filtering, you should be able to see the addresses of your devices right now; Write them down or specify a series of numbers on the router when prompted. These look complex (they're usually long, like address 192.168.1.1.1), but that doesn't mean they have to be complicated.

Actually, you can set addresses with the same numbers on the front, but alter the numbers at the end to keep them consistent and easy for you to remember, but more difficult for intruder access.

Once you have configured the static IP addresses, you will have to use the numbers that you wrote on your computers when trying to connect to the network. In network settings, you can specify the IP address of a device to always use the same number, and then you can tell the router to only allow the device to use the specified addresses to connect.

Update the firmware of your router

Occasionally, you should check the manufacturer's site to make sure your router is running the latest firmware. You can find your router's existing firmware version using the router's control panel at 192.168. *.

Asus AiProtection Trend Micro, the best defense for your network

Network security is a top priority for router manufacturers like Asus, the Taiwanese firm implements advanced security features like AiProtection Trend Micro in some of its major models. Let's see everything or what this technology is capable of offering to improve user safety.

Although hackers are continually developing different techniques and software to infiltrate networks, using the combination of these different settings can ensure that WiFi is highly protected.

Although no physical connection is required to access a network, hackers at close range can easily compromise private and confidential information, even without proper credentials or permissions.

As a result, the default options are no longer a sufficient means of network security, as hackers can remotely access internet connections if left unsafe, especially with the increasing number of home wireless connections.

These are simple steps you can take to protect your network, your data, and your privacy, forgetting about the technical aspect that often scares people who are not familiar with internet hardware.