Why should you disable these 3 settings on your router?
1. WPS
Wi-Fi Protected Setup (WPS) sounds like a great idea in theory. It lets you authenticate wireless devices on your network by simply pressing the WPS button on your router. Then you go to your client device and press its WPS button. And voila, the device is connected without having to enter a Wi-Fi password.
The ease of use of WPS is what makes it appealing, especially if you're using one of your ISP's routers with long, complex default passwords. But after learning more about the actual steps to secure your network, you'll find that you should disable the feature in your router's admin panel.
Why is that? Bad guys can easily hijack WPS and break into your wireless network. That's because WPS:
- PIN code communication is vulnerable to attacks using .
- There are design flaws that are often not patched.
A better solution is the old-fashioned one: Require strong Wi-Fi passwords with WPA2 or WPA3 (if you have a new router). These protocols have encryption and security implementations that are harder to crack.
2. UPnP
Your router acts as the gatekeeper for your home network, protecting it from swarms of bots roaming around. But that protection can get annoying when you go overboard. In the past, multiplayer games would often fail to connect if you didn't open the right ports on your router. Bad!
Opening the right ports is never as simple as you might think. Does the software need a single port or a range? And should they be opened for TCP or UDP?
When Universal Plug and Play (UPnP) came out around 2000, it looked like a hero. Here's a simple explanation of how UPnP works:
- Your software requires permissions for the necessary ports.
- The router's UPnP feature will automatically open these ports.
However, UPnP is dangerous because a malicious program can take advantage of the protocol's rich feature set to open ports without your knowledge - effectively bypassing the protections of your router's firewall.
Fortunately, most applications today are programmed to work as expected, even with UPnP disabled. For some cases where this isn't the case—like accessing your Plex media server while away from home—it's safer to set up port forwarding rules just for what you need.
3. NAT-PMP
Network engineers at Apple recognized the security risks with UPnP and came up with an alternative for their applications called Network Address Transversal Port Mapping Protocol. NAT-PMP has the same goals as UPnP, except that NAT-PMP:
- It just focuses more narrowly on port mapping.
- There are tighter security implementations.
NAT-PMP was first introduced by Apple in 2005. After all this time, the protocol is still widely used only by Apple software and integrated into apps like FaceTime. That doesn't mean it's just Apple users who are affected: NAT-PMP is often enabled by default on many mainstream router brands like ASUS and NETGEAR.
So, has Apple succeeded in enhancing security with NAT-PMP? To some extent, yes, but not enough. So always disable NAT-PMP (sometimes listed as 'port triggering').
NAT-PMP also uses flawed logic to allow applications to control which ports are open on your router. This is fine when Apple AirPlay requires it, but not so fine when the App XYZ Trojan finds a way to spoof authentication to gain the same privileges.
NAT-PMP vulnerabilities have affected millions of devices. It's simply safer to turn this feature off. Mobile apps and Apple TV 4K still work fine with it turned off. For rare glitches, use port forwarding instead.
Growing into a security-minded mindset sometimes means giving up what's easiest. You may decide it's time to eliminate these three security risks.
You should read it
- Explain the rule 30-30-30 when resetting the router
- What is a router? Operating principle of Router
- Instructions to buy a Wi-Fi Router
- Set up a new router using IP address 192.168.1.1
- Instructions for choosing the right Wi-Fi router
- How to connect a Linksys router to another router
- The router is not as safe as you think
- What is a router? What does a router do on the network?
May be interested
- How to set up WEP, WPA, WPA2 for Linksys routerwireless connection is a necessity today and because of that, wireless security is essential to ensure safety in your local network.
- 5 settings you should change on Galaxy S9 / S9 +samsung's software on galaxy s9 and s9 + is powerful and full of features, but there are some settings that users find uncomfortable to use. so this article will give a list of 5 user settings that should be disabled immediately after using galaxy s9 or s9 +.
- Learn about mesh routersdoes your home have dead spots where wi-fi signals cannot reach, such as basements, attics or garages? in such cases, using a mesh router may be useful.
- Set up the Linksys router with a static IP addressa static ip address is a fixed ip address configured in the settings of your computer or router. some internet service providers (isp) require you to enter a static ip address on your computer or the tcp / ip settings of your router to be able to connect to the internet.
- How to Login to Netgear Routerlogging into your netgear router will allow you to change the router's default username and password, customize network settings, security layer strength, and enable features like parental controls. the default login information for all netgear brand routers is the same.
- Instructions for changing settings in Wi-Fi Routerwhether you have a wireless router or multiple access points (aps), there are a number of settings and features that you can use to improve your wi-fi network. and many of them help increase performance and security.
- How to Access a Routerin this article, tipsmake will show you how to access your router's settings online. to do that, you need a computer.
- How to Reset Router Passwordafter resetting your router password, you will be able to log in and make the necessary changes or customizations. the only way to reset the router password is to restore factory settings by pressing the reset button right on the device.
- How to use the backup and restore feature in the Linksys routerin the case when you need to reset the router to factory default settings, you will be able to restore the previous configuration with a backup configuration file. to backup and restore router configuration, follow the instructions below.
- Cisco Router Configuration Guide 1800 series (Cisco 1801, 1802, 1803, 1811, 1812)this article will show you how to configure cisco 1800 series routers (cisco 1801, 1802, 1803, 1811, 1812) details from global parameter settings, routing, interface protocols, and command line access.