So, You Think Your Router is Safe and Secure? Think Again.

posted in: Blog | 0

So, you think because your WiFi router has WPA2-PSK security your computing that you do in your home, home office or small business office is secure and that's that? Guess again.

To a degree, these security protocols DO protect your computing and your network. However, as cyber criminals become more sophisticated, they can and have easily exploited flaws in this security protocol and still do harm to your computers, network interface, and inject malware and ransomware, among other unpleasantries.

Most computer users elect to have their browser - Chrome, Firefox, Microsoft Internet Explorer, Microsoft Edge, Safari - save passwords and login information to websites they visit frequently. Some people foolishly do banking online instead of on their tablet, iPad or smart phone.

If your router has been compromised, cyber criminals have all that good stuff of yours at their disposal. Plus all your contacts, documents and Lord knows what else. All waiting to wreak havoc on your life.

So what can you do to protect yourself, and your router security?

Most routers have a default login and password to the router control panel. It is, ridiculously enough, ADMIN, and PASSWORD. DUH.

First thing to do is change PASSWORD to something complex, a combination of letters, numbers and symbols and WRITE IT DOWN in a safe place.

DO NOT enable Remote Management. Ever. Unless you have a trusted tech support person working with you who needs it. Highly unlikely.

DO NOT enable UPnP (Universal Plug n Play).

Why?

A virus, Trojan horse, worm, or other malicious program that manages to infect a computer on your local network can use UPnP, just like legitimate programs can. While a router normally blocks incoming connections, preventing some malicious access, UPnP could allow a malicious program to bypass the firewall entirely. For example, a Trojan horse could install a remote control program on your computer and open a hole for it in your router’s firewall, allowing 24/7 access to your computer from the Internet. If UPnP were disabled, the program couldn’t open the port – although it could bypass the firewall in other ways and phone home.

Next, you should monitor your router logs every so often. Especially if you notice your WiFi network has been acting strangely, slowly, or dropping frequently.

You will be surprised what you see.

No need to panic. This is reality, folks. The bad guys are always doing their best to break in and do harm. 

The Service blocked: ICMP_echo_req has two schools of thought. Some experts feel it is simply noise, and router spam. Some experts feel it is more than that and should be monitored. I, being the cautious type, feel it should be somewhat monitored because it's nice to know where your bad guys are coming from.

We use www.iplocation.net to look up the IP addresses and find their geo locations. IP addresses are the source numbers shown above.

The DoS attacks, which are highlighted in yellow above, are actually flooding spam, except for Smurf, which actually presents a Trojan Horse danger. We will let our friends over at Kapersky Labs explain this one.

Actually, alarming as it is, seeing "Service Blocked" is a good thing. Yes, your router's firewall might be going into overdrive, but better blocked than the alternative. DoS attacks, on the other hand, can inject malware, redirects, and other messy stuff directly into  your computer or your entire network.

What else can you do to stay safe?

As much of a pain in the *** as it can be:

Microsoft Updates - keep these on auto pilot, let the updates happen when they are supposed to.

Clean your cache whenever you close your browser. We use CCleaner Professional. We have it set to clean our browsers upon closing them. That only cleans that specific browser. Run the program and clean thoroughly before shutting down your computer or hibernating / sleeping.

Run Windows Defender daily It is packaged with Windows 10. If you are running another version of Windows, let Defender run daily.

We recommend having a malware program, such as Malwarebytes. We use Premium. Run this daily, it can be scheduled to run in the background.

Do you need additional help? If you are local to Bergen, Morris or Sussex County New Jersey, call Maureen McCullough LLC at 201.880.4905.

We will be happy to come out and check out your situation and what is going on. We can help you clean your systems, and set you up so that your WiFi router will be safer and more secure, along with your computer and network.