I read that disabling a wireless router's remote administration feature can prevent hackers from taking over the wireless network. However, my organization needs to use this feature to administer the router remotely (the admin is not always on-site). What other security measures should be put in place to ensure the safety of my wireless router's remote admin feature?
Criminal hackers can certainly access and manipulate any network service that's available via the Internet. While disabling remote administration is a worthwhile thing to do to lock down the corporate network, the thing that most people don't tell you when making this recommendation is that the remote administration traffic destined to a wireless router will most likely have to be forwarded through a firewall or, in the case of SOHO users, a DSL or cable modem.
Ask the Expert
Want to ask Kevin Beaver a question about network security? Submit your questions now via email (All questions are anonymous.)
So just because the remote administration service is enabled, it doesn't mean that it's automatically available to anyone on the network. Wireless routers often make this service available via a high port number such as 8080. Unless and until you or someone in your business forwards that traffic onto the wireless router via port forwarding, then it's a non-issue. Furthermore, it's not normally enabled by default. When it is enabled, you run the risk of someone on the internal network connecting to the router's administration port, but they'll likely have to log in to do anything.
Regardless of whether your wireless router is directly connected to the Internet, there are a few things enterprises can do to ensure its remote administration feature is secure:
- Change the default router password to a strong passphrase.
- Change the default remote administration port number to something random.
- Set strong passphrases for any additional user accounts that need remote administration capabilities.
- Ensure you keep your wireless router's firmware up to date to minimize the vulnerabilities and subsequent exposure.
Enterprises should also perform a firewall rule base analysis (manual or automated using a tool such as AlgoSec Firewall Analyzer or SolarWinds Firewall Security Manager) on your firewall to see just what's being allowed. This exercise may quickly identify simple rules changes that will thwart many of the common attacks against routers and router services.
Dig deeper on Network Firewalls, Routers and Switches
Related Q&A from Kevin Beaver, Network Security
The Wi-Fi personal mode may be easy to set up and use, but is it safe enough to use in an enterprise setting? Security expert Kevin Beaver discusses ...continue reading
TCP port 445 -- a traditional Microsoft networking port -- is a common attack vector. Network security expert Kevin Beaver explains how to detect and...continue reading
When an organization has a highly outsourced IT environment, it is critical to use a SIEM system to reduce security complexity and identify threats. ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.