Skip to content ↓ | Skip to navigation ↓

It may seem obvious, but the first step towards securing your home network is to determine what make and model of wireless router you have and how to access it. Even if you are not sure about this, it should be relatively painless to start by physically locating the wireless router in your home or home office.

Routers leased from Internet service providers will typically be integrated with whatever DSL or cable modem provides the service. Alternatively, many homes make use of separate modem and routers to reduce costs and possibly improve service quality. In this case, the modem will likely have two wires (in addition to a power cable).

One of these wires will connect to a phone or cable line and the other connects to a wireless router. Most wireless routers have antennae which make them easily recognizable. Once the router has been located, examine the box for model/brand markings as well as other information such as default settings including, in many cases, a default password. Record this information for future use.

Once the router has been physically identified, it is also necessary to locate the device on the network.  With very few exceptions, wireless routers are typically configured by browsing to an embedded web page using an address which is frequently printed on the bottom of the router along with a default password.

If the device still has default settings applied, you can attempt to login by entering the web address printed on the bottom of the device providing a username/password as prompted. If the address doesn’t work or is not listed on the router itself, there are a few other ways to identify the address.

For example, some routers will advertise themselves on a network such that PCs running Windows make it possible to see the devices  by choosing ‘Network’ from  the Windows menu.

If this does not work, the most effective option is to check the address your computer is using as its default gateway. Checking the gateway address of a computer will vary depending on what software is running on the computer so I find that the use of a command shell is the easiest process.

For computers using the Windows operating system, you can click Start->Run (or press WIN+R) and then enter ‘cmd’ (no quotes) and click OK. You will then be greeted with a Windows command shell where you can issue the command ‘ipconfig’ to review network settings as shown in this example screen:

pic.jpg

The screenshot above has had some sensitive information removed but the pertinent piece of information is what follows on the ‘Default Gateway’ line. This will be an internet address written in dotted-decimal notation in which four numbers (0-255) are separated by periods — an example for a commonly used gateway address is ‘192.168.1.1’.

For a Macintosh computer, similar information is available by launching a command terminal and entering ‘netstat –rn’. One of the first lines should say ‘default’ followed by an Internet address as described above.

Now that the make, model, and network address are hopefully known, it is necessary to find any configuration web page it serves.  Using 192.168.1.1 as an example again, it is very likely that the interface will be accessible from a web browser using the address ‘http://192.168.1.1’ or ‘https://192.168.1.1’ .

In cases where these addresses do not work, it is worth trying ‘http://192.168.1.1:8080’ and ‘https://192.168.1.1:8443’. If none of these addresses work, it will be necessary to Google for information about configuring the router based on its make and model.

This process can also be used to locate a default password if none is printed on the device.  Once access is achieved to the management interface you can begin taking vendor specific steps to secure the configuration.

Tripwire’s Vulnerability and Exposures Research Team (VERT) is compiling a series of tutorial style guides intended to help novice users improve the security of their home network.

Security Configuration Links for NETGEAR Routers

  1. How to Update Firmware
  2. How to Change LAN IP Settings (CSRF mitigation)
  3. How to change the Administrative password
  4. How to Disable WPS
  5. How to Configuring Remote Management [i]
  6. How to  Configure a Strong Wireless Password

Security Configuration Links for ASUS Routers

  1. How to Update Firmware
  2. How to Change LAN IP Settings (CSRF mitigation)
  3. How to Change the Administrative Password [ii]
  4. How to Disable WPS
  5. How to Configuring Remote Management
  6. How to  Configure a Strong Wireless Password

Security Configuration Links for Linksys Routers

  1.  How to Update Firmware
  2. How to Change LAN IP Settings (CSRF mitigation)
  3. How to Change the Administrative Password
  4. How to Disable WPS[iii]
  5. How to Configuring Remote Management
  6. How to  Configure a Strong Wireless Password

Security Configuration Links for D-Link Routers[iv]

  1. How to Update Firmware
  2. How to Change LAN IP Settings (CSRF mitigation)
  3. How to Change the Administrative Password
  4. How to Disable WPS
  5. How to Configuring Remote Management
  6. How to  Configure a Strong Wireless Password

Security Configuration Links for TP-Link Routers

  1. How to Update Firmware
  2. How to Change LAN IP Settings (CSRF mitigation)
  3. How to Change the Administrative Password
  4. How to Disable WPS
  5. How to Configuring Remote Management
  6. How to  Configure a Strong Wireless Password

 

Related Articles:

 

Resources:

picCheck out Tripwire SecureScan™, a free, cloud-based vulnerability management service  for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management – a widely recognized security best practice among large corporations – easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology.

 

picThe Executive’s Guide to the Top 20 Critical Security Controls

Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].

 

picDefinitive Guide to Attack Surface Analytics

Also: Pre-register today for a complimentary hardcopy or e-copy of the forthcoming Definitive Guide™ to Attack Surface Analytics. You will also gain access to exclusive, unpublished content as it becomes available.

 

Title image courtesy of ShutterStock