How to Hack-proof Your Wireless Router

OK, so I know there is no such thing as "hack-proof" or "hacker-proof", just like there is nothing out there that is completely "water-proof", let's just say that in this article we're going to learn how to make your wireless router as "hacker-resistant" as possible. Now that we've got that out of the way, let's get down to business.

Your wireless router is a prime target for hackers wanting to infiltrate your network or freeload off your Wi-Fi connection. Here are some things you can do to make your wireless router harder to hack:

Enable WPA2 Wireless Encryption and Create a Strong SSID Network Name and Strong Pre-shared Key

 

If you aren't using Wi-Fi Protected Access (WPA2) encryption to protect your wireless network then you might as well leave your front door wide open because hackers can virtually walk right into your network. If you're using outdated Wired Equivalent Privacy (WEP) security, which is easily cracked in seconds by most hackers, you should consider upgrading to WPA2. Older routers may need a firmware upgrade to add WPA2 functionality. Check your router manufacturer's manual to learn how to enable WPA2 wireless encryption on your router.

You will also need to make a strong SSID (wireless network name). If you are using your router's default network name (i.e. Linksys, Netgear, DLINK, etc) then you are making it easier for hackers to hack your network. Using a default SSID or one that is on the Top 1000 Most Common SSID names helps hackers in their quest to crack your encryption because they can use pre-built rainbow tables associated with common SSID names to crack your wireless encryption.

Create a lengthy and random SSID name even though it might be hard to remember. You should also use a strong password for your pre-shared key to further discourage hacking attempts.

Turn on Your Wireless Router's Firewall

If you haven't already done so, you should consider enabling your wireless router's built-in firewall. Enabling the firewall can help to make your network less visible to hackers looking for targets on the Internet. Many router-based firewalls have a "stealth mode" that you can enable to help reduce your network's visibility. You will also want to test your firewall to ensure that you have configured it correctly.

Use an encrypted personal VPN service at the router level

Virtual Private Networks used to be a luxury that could only be afforded by large corporations. Now you can buy your own personal VPN service for a small monthly fee. A personal VPN is one of the biggest roadblocks you can throw at a hacker. A personal VPN has the capability to anonymize your true location with a proxied IP address and can also put up a wall of strong encryption to protect your network traffic. You can purchase personal VPN service from vendors such as WiTopia, StrongVPN, and others for as little as $10 a month or less.

If your router supports personal VPN service at the router level then this would be the best way to implement a personal VPN as it allows you to encrypt all traffic entering and leaving your network without the hassle of setting up VPN client software on your computers. Using the personal VPN service at the router level also takes the encryption process burden off of your client PCs and other devices. If you want to use a personal VPN at the router level, check to see if your router is VPN-capable. Buffalo Technologies has several routers with this capability as do other router manufacturers.

Disable the "Admin Via Wireless" feature on your router

Another way to help prevent hackers from messing with your wireless router is to disable the "admin via wireless" setting. When you disable the "admin via wireless" feature on your router it makes it so that only someone who is physically connected to your router via an Ethernet cable can access the admin features of your wireless router. This helps to prevent someone from driving by your house and accessing the administrative functions of your router if they've compromised your Wi-Fi encryption.

Given enough time and resources a hacker might still be able to hack into your network, but taking the steps above will make your network a harder target which will hopefully frustrate a hacker and cause them to move on to an easier target.