Router security setup: How to secure your router

The most basic steps on how to secure your router.

This Content Component encountered an error
This Content Component encountered an error

It's incomprehensible that many routers -- the most critical element of any network -- still lack the physical and logical controls to prevent miscreants from easily owning them. Yet, routers continue to use default access passwords, such as the device vendor's name or some other easily guessable code. Imagine buying a Ford Explorer and configuring the nifty keyless entry code to 3673. It's easy to remember, but it's also the first combination a car thief will try. Why? That numeric code maps to "F-O-R-D" on a telephone keypad.

The key to securing the core routing infrastructure is access control. At a minimum, the following controls should be deployed:

  • Limit physical access to routers to authorized personnel.
  • Use encrypted access, such as SSH, to communicate with routers.
  • If there's a reason to use unencrypted access, such as Telnet, limit the access to specific trusted hosts. If possible, authentication should be based on a one-time password scheme.
  • Have a generic login prompt with no information pertaining to system type or vendor name so a potential attacker won't easily be able to exploit a known vulnerability against a specific operating system or vendor.
  • Log all activity, such as configuration changes and image upgrades, to help detect illegal activity.
  • Disable HTTP and SNMP access if they aren't used.

This was first published in March 2004

Dig deeper on Network Firewalls, Routers and Switches

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close