I read that disabling a wireless router's remote administration feature can prevent hackers from taking over the...
wireless network. However, my organization needs to use this feature to administer the router remotely (the admin is not always on-site). What other security measures should be put in place to ensure the safety of my wireless router's remote admin feature?
Criminal hackers can certainly access and manipulate any network service that's available via the Internet. While disabling remote administration is a worthwhile thing to do to lock down the corporate network, the thing that most people don't tell you when making this recommendation is that the remote administration traffic destined to a wireless router will most likely have to be forwarded through a firewall or, in the case of SOHO users, a DSL or cable modem.
Ask the Expert
Want to ask Kevin Beaver a question about network security? Submit your questions now via email (All questions are anonymous.)
So just because the remote administration service is enabled, it doesn't mean that it's automatically available to anyone on the network. Wireless routers often make this service available via a high port number such as 8080. Unless and until you or someone in your business forwards that traffic onto the wireless router via port forwarding, then it's a non-issue. Furthermore, it's not normally enabled by default. When it is enabled, you run the risk of someone on the internal network connecting to the router's administration port, but they'll likely have to log in to do anything.
Regardless of whether your wireless router is directly connected to the Internet, there are a few things enterprises can do to ensure its remote administration feature is secure:
- Change the default router password to a strong passphrase.
- Change the default remote administration port number to something random.
- Set strong passphrases for any additional user accounts that need remote administration capabilities.
- Ensure you keep your wireless router's firmware up to date to minimize the vulnerabilities and subsequent exposure.
Enterprises should also perform a firewall rule base analysis (manual or automated using a tool such as AlgoSec Firewall Analyzer or SolarWinds Firewall Security Manager) on your firewall to see just what's being allowed. This exercise may quickly identify simple rules changes that will thwart many of the common attacks against routers and router services.
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Kevin Beaver
Explore the differing roles of inbound versus outbound firewall rules for enterprise network security and the varying use cases for each. Continue Reading
Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective ... Continue Reading
Different tools protect different assets at the network and application layers. But both network and application security need to support the larger ... Continue Reading