Internode Blog

Customer Security – ADSL Router Security Basics

Wednesday, May 12th, 2010 by

Recently, we updated the functionality of our Network Firewall to increase the default protection provided to customers for their home and business networks.

Part of the reason behind making these changes, was to increase the security for customer ADSL routers. Even with this increased security, there are still some additional basic techniques that you can use to increase and maintain the security of your ADSL router and home or business network. Here’s some suggestions :

  1. Change the default ‘admin’ password – If someone wanted to break into your car, the first thing they would do is to check if the door was already unlocked.  Default passwords for ADSL routers are globally known and well documented on the Internet. Using the default password is the online equivalent to leaving your car door unlocked.  Change the password on your ADSL router, and breaking in just got a whole lot harder.
  2. Use a complex ‘admin’ password, document it and keep it in a safe and secure place in case you need it.  (Personal opinion on passwords:  sticky notes are evil – please don’t use them to write down your passwords to stick on your computer monitor!).
  3. Use a complex password for your Internode account as well.  Also document it and keep it in a safe and secure place in case you need it.  Best practice suggests using a different password to the one for your ADSL routers ‘admin’ account.
  4. Don’t allow remote admin from the Internet – Generally, your ADSL router won’t tell you that someone is trying to hack in to it through the use of ‘brute force’ password attacks. Hardware pre-configured by Internode will have this disabled by default – however, some retail stores do sell ADSL equipment with this enabled.
  5. If you use WiFi, use a complex SSID and WPA2-PSK encryption – that way, no one will piggy back on your  connection or attack your network by gaining access through your WiFi.
  6. Consider using MAC address restrictions on your WiFi network, as this restricts access to specific machines – this is an advanced step and not recommended for beginners.
  7. If you don’t use wireless networking, turn it off. All ADSL routers pre-configured by Internode have WiFi disabled by default.
  8. Don’t respond to email requests for your Internode username and password – EVER! This is called ‘Phishing’ and legitimate organisations never ask for sensitive authentication or financial information via email.  Never reply, not even to tell them that you are onto them. Ignore and delete.

These simple steps will help to improve your Internet experience and keep your information secure. They’ll also help to avoid the pain and toil of having to reset and change all of your settings if your ADSL router gets compromised.

One last thing, if your ADSL password does become compromised and we/you change it, please don’t reuse the compromised password.  The bad guys are on to that one and they will continually try compromised passwords over and over again – just in case…

Safe interwebs everyone.