Secure your Wi-Fi against hackers in 10 steps

Lock down your Wi-Fi network and find devices that are stealing your bandwidth – and, potentially, your data

6. Install alternative firmware

The more adventurous users may take the "update your firmware" message a step further and install totally new firmware from an alternative source. If you think of your router as being a mini-computer, it's akin to changing the OS on a laptop from the supplied Windows install to a Linux distro.

Advertisement - Article continues below

Why would you do this? To gain functionality missing from the original firmware, especially relating to security. And why wouldn't you? Your warranty will be invalidated, so it's best left to older routers. If you go ahead, you'll probably find yourself choosing between DD-WRT and Tomato, which is easier to use but at the cost of being less feature-rich.

7. Sniff out rogue devices

Now we've covered most of the major security precautions you could take, how might you discover who's actually using your Wi-Fi? You can do this from your router gateway, and it varies from router to router as to where the option will be.

With BT's Smart Hub, you should click on the My Devices tab, for example, whereas most Netgear routers will hide the attached devices list in a Maintenance menu. There are lots of tools out there to help you do the same, and they don't have to be as complex as something such as Nmap.

Advertisement - Article continues below

One of our favourites is Fing for Android or iOS. This app scans any IP range and shows what's connected and in plain English, where possible. So whereas the BT router will often only list a device's IP address, Fing usually spells out the device's manufacturer, making it easier to identify the dozens of devices we have connected these days.

If the numbers don't add up, it's a good idea to determine why. If you only have a laptop, a phone, an Android-powered TV set and a printer connected to your hub, why are there nine devices using your Wi-Fi? And how do you know how many people are using it and what those devices are?

See something you don't recognise and Fing will, at the touch of a button, reveal the information you need to block it from your router admin gateway. That you can do all of this from your smartphone, anywhere in the home or office, makes keeping tabs on who's using your Wi-Fi hassle-free.

8. Employ MAC filtering

The information that Fing reveals when you want to block something from using your Wi-Fi is our old friend the Media Access Code (MAC), which every device connecting to a network is allocated. It's a 48-bit digital identifier used by the device to tag network packets, to be precise.

Advertisement - Article continues below

By default, your router will connect to anything that wants access, provided it has the correct password. If you want to prevent a device from connecting, even if the user has the correct password, that's where MAC filtering comes in. Once you have a MAC address code, you can use an online specialist site such as What's My IP or MAC Vendor Lookup (macvendorlookup.com) to identify any piece of connected kit that you don't recognise. Fing does the MAC lookup for you in the background and then automatically displays the device maker on-screen as part of its auditing process.

When you've identified the culprit, head to the "access control" section of your router controls, which is MAC filtering by another name. Here you can either block all new devices, so before anything can join the network you'd have to whitelist the device's MAC address, or block individual devices by blacklisting their MAC.

Advertisement - Article continues below

It isn't foolproof: most devices allow their MAC to be changed in software, so a determined hacker could clone a device that you whitelist and gain access. Ultimately, if you don't want someone to use your Wi-Fi, don't give them the password. If they're already using it, then change the password to something more complex.

9. Use a virtual private network (VPN)

There's every chance that virtual private networks (VPNs) are supported on your router, whether you're using default firmware or have upgraded to an alternative. Although VPNs are more commonly associated with third-party software that re-routes your internet traffic through a proxy, operating your own VPN through your router may provide added security benefits.

Doing so means being able to access your home network in a secure way through an encrypted tunnel when you're not connected to your network. This also offers the same level of end-to-end encryption as a paid-for service, meaning you can securely browse the web from public spaces without fear of data leakage or interception. In order to do so smoothly, you'll probably need a Dynamic DNS (DDNS) service to resolve a domain name to your router as a home user, to skirt around the fact most ISPs don't offer a static IP address for your router. The free-to-use No-IP is as good as any for this. 

10. Set up a guest network

Passing the Wi-Fi password to everyone who visits your home, including your friends and family, means by definition you're diluting your home network security, and raising the chances that this password falls into the wrong hands. They might, after all, accidentally leak the password to somebody else, albeit without knowing.

Advertisement - Article continues below

One way of maintaining the integrity of your network is by changing the password each and every time you hand out the code - although this may prove incredibly inconvenient for not only your routine visitors but also for yourself and members of your household.

Alternatively, many routers allow users to set up guest networks for visitors. This means you can provide users with a key that gets them online on a virtual network, without exposing your connected devices. Should your router not support guest networks, we would recommend you update your firmware to double-check the feature hasn't been added at a later date. If not, we'd suggest upgrading to a newer model. 

Updating your router with the widely-used replacement router firmware Tomato may help, as this does support a guest mode.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now
Advertisement

Recommended

Google’s about to push everyone into two-factor authentication
Security

Google’s about to push everyone into two-factor authentication

6 May 2021
Defense Dept. expands vulnerability disclosure program to all publicly accessible defense systems
ethical hacking

Defense Dept. expands vulnerability disclosure program to all publicly accessible defense systems

5 May 2021
Security researchers take control of a Tesla via drone
ethical hacking

Security researchers take control of a Tesla via drone

5 May 2021
Best free malware removal tools 2021
Security

Best free malware removal tools 2021

5 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021