How to secure my WiFi?

This gave me horrors! - https://www.ozbargain.com.au/node/146414

I use a basic TP-Link TD-W8960N. How do I secure my WiFi? Note that I have basic knowledge on these IT stuff. And can't change the modem!

Comments

  • -2

    Turn it off?

  • +3

    How did that give you horrors? This is basic common shit, happens to everyone.

    Few simple steps, not all will apply to every modem, so see which apply to you.

    1. Set to WPA2-PSK wireless security
      It's wayyy too much trouble to every try and crack, its the best in consumer devices. So set it to that.

    2. Limit transmit power to 40%.
      Else, whatever you need to reach your devices. Doesnt matter if speed drops, chances are you're only using 20mbps or so. Your internet will be the bottleneck, not the wireless.

    3. Turn off 'Broadcast SSID'.
      This will stop about 75% of people 'seeing' your wifi at all. All this means for you, is when you connect something, you have to hit 'advanced' and give the wireless name (ssid) and password, instead of just password. No drama there.

    4. Turn off WPS.
      Its the 'button on this device, button on that device' automatic setup. Its not secure, and its likely how that other dude 'got in'.

    And a few that arent worth explaining if you're not IT savvy, buy I'll throw them out if you wanna google:
    Turn off uPnP, set up MAC filtering, Turn off DHCP and use static, use uncommon IP range, Limit max connected clients, turn off admin over wifi.

    But really, that story is pretty common. Most IT people have done it to their neighbors one time or another.
    Notice how he isnt totally mad in that thread? Just a little annoyed? Yep. Its common. Dude was probably watching\leeching his videos and nothing more.

    Dont worry your little head :)
    Hell, WPA2 alone is usually enough to make any would be hacker go 'nope, dont have a month to sit here….' and move on. It takes forever to break. (WPS however has holes, so disable it).

    • Horrific because, what if someone tries to set one up with CP or something like that?!

      Thanks for your tips, I'll Google the terms you have written.

      • BTW, WPS was my attack vector

      • Quite simply? They wont.

        Illegal trade of images and substances is done on the 'deep web', its not smart to try and do it on a residential wifi; for starters it gives cops a 'starting location' to search from.

        These people have to be smart, because one slip up lands them in jail.

        They'll go somewhere like maccas, with freewifi, and a $50 2nd hand computer from gumtree; and throw it in a river when they're done.

        People who hack your wifi are after bandwith (say, torrents, which will slap your wrist, but not much else yet), or your personal files (dont share things you dont need to).

        In the other threads case, I'd say the neighbor knew he had DLNA running, and wanted to watch some movies. Either that or was just up for the challenge.

        Ive worked in computer security, desktop admin, and networking for near on 13 years. There's TONS of 'OMG WHAT IF!?!?' scenarios, but the chances are almost non existent.

        Even kids that break into school networks simply 'show off' on youtube videos. Its about the challenge to them, not about the crime.

  • type in 192.168.1.1 into your internet browser

    login & password both admin

    set to WPA2-PSK in wireless settings

    make sure you have a secure wifi password with numbers and letters eg S965A42DGX

    • Did that, I know that much! ;)

  • MAC filtering is a decent option. If you can find locate MAC address (usually easily found) of any normal device that will connect to your wifi, block everything and add the exception for those items only.

Login or Join to leave a comment