Routers are easily targeted, so how can we defend against attacks?
If you ask why wireless routers are attacked, you have to start with IP addresses. Suppose a computer is a telephone, then an IP address is like a phone number. IP addresses are divided into public addresses and private addresses. Most IP addresses are on the public internet, but some IP addresses are reserved solely for use on internal networks.
This means anyone can use these IP addresses on their local area network, and they are intended for internal use only. These specific IP addresses are not allowed to be used on the public internet. However, when a router is used for communication over the internet, it also uses a different IP address, known as the public IP address.
The router administrator cannot control the public IP address; it is provided by the ISP that connects the router to the internet.
Thus, only if the public IP address can be found solely by computers on the internet, and the private IP address can be seen solely by computers on the local network, can a barrier be erected. Otherwise, hackers can log into the router, thereby compromising the devices on the entire local network.
Now that we understand why our routers are vulnerable to attacks, how should we protect them? Here, 5636 Internet Cafe Router offers the following suggestions:
1. Update the router operating system promptly: Just like network operating systems, router operating systems also need updates to correct programming errors, software flaws, and buffer overflow issues. Regularly check with your router manufacturer for current updates and operating system versions.
2. Modify the default password: According to the Computer Emergency Response Team at Carnegie Mellon University, 80% of security incidents are caused by weak or default passwords. Avoid using common passwords, and use a mix of uppercase and lowercase letters as a stronger password rule.
3. Disable HTTP configuration and SNMP (Simple Network Management Protocol): The HTTP configuration section of your router is very convenient for a busy network administrator. However, this is also a security issue for the router. If your router has a command-line configuration, disable the HTTP method and use this configuration method instead. If you are not using SNMP on your router, then you do not need to enable this function. Cisco routers have an SNMP security vulnerability that is susceptible to GRE tunnel attacks.
4. Block ICMP (Internet Control Message Protocol) ping requests: Ping and other ICMP functions are useful tools for both network administrators and hackers. Hackers can use the ICMP functions enabled on your router to discover information that can be used to attack your network.
5. Disable telnet commands from the internet: In most cases, you do not need active telnet sessions from the internet interface. Accessing your router settings from the internal network is safer.
6. Disable IP directed broadcasts: IP directed broadcasts can allow denial-of-service attacks to be carried out against your devices. A router’s memory and CPU cannot handle too many requests. This situation can lead to buffer overflow.
7. Disable IP routing and IP redirects: Redirects allow data packets to come in through one interface and go out through another. You do not need carefully crafted data packets to be redirected to the