Hello
I hope the link I am providing works. I set up my router by bridging the Comcast gateway then enabling WPA2, AES, N etc. and installing a password to enter the router and a key to protect it. I keep the SSID broadcasting. I know there are a lot of sophisticated options for professionals, but for the average user is there any thing else I should do, within reason, that will make my router more secure? I have a Belkin N 300 and I understand the N is an important part of security.
The link reads as though the average user should be a professional but I did not know if I should extract any of the information from it.
Re: How to Secure a Wireless Router - Page 4 - Comcast Help and Support blog
Hi.
I'm not sure I fully understand the "bridging the Comcast gateway" part, but, based on the article you link:
1. Change the router's administration password.
yes - always!
2. Disable the ability to get to the router's web setup pages from a wireless system.
Good - but could be an annoyance if you need to access your router from your wireless laptop/tablet.
3. Disable the ability to control to the router from the Internet.
Yes, unless you have a reason to need that access.
4. Disable UPnP.
Okay. Just remember, if you install a program that needs internet access and doesn't get it, you will have to manually grant it access from within the router.
6. Change the default SSID (or Service Set Identifier) to something unique.
Yes.
7. Enable Wireless MAC filtering.
This could be an annoyance, if you have people coming over and wanting to connect to your wifi; you'd have to add their device MAC to your router's filter table.
8. Turn on wireless encryption.
YES! and WPA2-AES is best (not sure what you mean by "N" for security)
A Belkin N 300 is simply a router which provides wireless n (as well as b/g). If your wireless devices have a network adapter that doesn't connect to n, the router should default to b/g (whatever they have) *if you have it set up that way*. For instance, I have one laptop which only has a wireless b/g card in it, and cannot connect to n. So, my router must be set to b/g/n and not n only, or my laptop can't connect. The b/g/n/ac designation has to do with speed, frequency and range.
From the router standpoint, everything looks good security-wise, if you have followed the instructions in that link you provided. Now, backup the settings once you have them completed. You might also want to check and see if there is a firmware update available, which in many cases will be plugging security holes.
As for the bridging issue, after reading this, it seems that there will be security features needed for that as well? Personally, I would have the router connected to it using an ethernet cable, and turn off the wireless feature on the gateway completely.
Edit: Oh yes, disable WPS if it is an option on your router.
If this is your gateway, then you need to read the instruction manual to determine how to turn off that wireless signal, or secure it as well.
On a little bit different topic, I like to run inssider to see what WiFi channels are being used and set my router to a free channel:
inSSIDer 3.1.2.1 Download - TechSpot
That won't affect security, but will affect performance.
oh yes, excellent idea.
I forgot to mention I am using Win 10 x 64 so I did not download insider as it covered operating systems up to 8.1.
Other than that, all you suggest has been done. I entered the gateway and there was a button to bridge the gateway that disables Wi-Fi.
I selected bgn also.
I get speedy connectivity throughout my living space so I guess I am good to go. Shields Up indicated I have good protection
TY all for your help.
Yes, you never know who is sniffing around. I'm sure it wasn't this bad years ago......
Not sure I understand...(?)Excellent! So few people take these measures....ShieldsUp is a very good test. Steve Gibson is the king of security IMO.
You're very welcome! Please mark the thread as solved in the upper left of the page for others who search for this subject.
Enjoy!