Protected wi fi. Recommendations for protecting your router and Wi-Fi access point from hacking

All tips

Securing your private WiFi network is the most important aspect when creating a HomeGroup. The fact is that the access point has a fairly large range of action, which can be taken advantage of by attackers. What to do to prevent this? How to protect a private wireless network from attacks by unscrupulous people? This is exactly what this article will discuss.

How to protect your home WiFi networks

Before moving on to the question of how to protect your private home WiFi network, you should understand how it works. So, to organize a home wireless network, as a rule, a router is used, which acts as an access point. In order to become a member of the group you need to connect to it.

This suggests that to protect confidential information, it is necessary to deny access to the router to unauthorized people. How it's done? There are several points here:

A long and complex password to enter the router settings menu.
A strong password for connecting to a Wi-Fi network.
Selecting a secure encryption type.
Using a MAC filter.
Access settings in the operating system.

As you can see, there are quite a lot of security settings. This is necessary, since protecting the confidentiality of the Wi-Fi network depends on it. However, most of them are in the router settings.

So, let's look at all these points in order.

WiFi network protection: Video

Key to enter the router settings menu

Since almost all security settings are set in the router, we need to come up with a complex password to enter the settings system. In addition, a login is used here, which must also be original and complex. How to do it?

First of all, it is worth noting that each router has a different interface, but the principle of operation is almost the same for all. We will look at how to change the router login password using the D-LinkDIR-615 model as an example.

First, connect to the router wirelessly or via cable. After that, open a browser and enter the address of your router in the address bar. It is indicated on the bottom cover of the device, as well as in the instructions.

How to easily find out the IP address of a WiFi router: Video

In the overwhelming majority, this is the following address - 192.168.0.1 (the following addresses can also be used - 192.168.1.1 or 192.168.2.1).

After entering the address, the system will prompt you to enter your login and password. Initially specified as admin, admin respectively. It is these values that will now need to be changed, since the manufacturer uses an insecure login and key so that the user can easily enter the settings and change the data at his discretion.

After entering, press “Enter”. Here we are in the router settings menu. At the bottom of the screen you need to click “Advanced settings”. Several additional sections will appear, among which you need to find “System” and select “Administrator Password” in it. This is the very key that we need to change.

In the window that appears, you just need to enter a new password and confirm it. Next, just click “Apply”. This completes the process of changing the key, and now the security of your home wireless WiFi network has become higher.

How to find out the password for your WiFi connection in the router settings: Video

Please note that this router model does not allow you to change the administrator login. However, devices from other manufacturers or even just other models allow you to set any login to log into the system.

Wi-Fi network key

A very important parameter on which the protection of information in Wi-Fi networks depends is the network password. It prevents unauthorized attackers from connecting to the router via wireless communication. That is why the network key must be long and complex.

It is worth noting that initially the router does not have Wi-Fi connection protection at all. In other words, anyone within the coverage area can connect to the device without entering passwords.

To fix this, we need to go back to the router settings menu. Now we are interested in the “WiFi” section, in which we need to find and open the security settings. In the window that opens, we will need to select the encryption type (type of authentication). This is also an important parameter that affects network security.

So, select the encryption type WPA-PSKWPA2-PSKmixed. This is the recommended secure authentication type and provides the most security. A line will appear below in which you must enter the network key. Enter the invented values. It is recommended to use a mixture of Latin letters and numbers. Moreover, the number of characters must be at least 8-12.

Router MAC filter

Each device equipped with a network adapter, computer, laptop, smartphone, tablet, etc., has a unique MAC address. In order to increase network security, it is recommended to install a filter for such addresses. In other words, in the router settings you can allow connections only to trusted devices by specifying their addresses.

To do this, go to the router settings menu again. In the “WiFi” section we find the MAC filter and open it. The window that appears has two tabs:

Filter mode.
MAC addresses.

The first is the regime. Here you can choose one of three options:

Allow – the specified MAC addresses will be allowed access to the network. Everyone else will not be able to connect to the group.
Deny – denies network access to the specified addresses.
Disable – filter mode is disabled.

In the first tab, select the appropriate mode. And in the second we enter the required MAC addresses. If you select the “Allow” mode, you must enter the addresses of only trusted computers. If the “Deny” mode is set, then you only need to enter the addresses of third-party PCs.

How to set up a MAC filter in a router: Video

Setting up access in the OS

The operating system also has built-in data protection features. In order to increase security, we need to enter the Network and Sharing Center. This is done by right-clicking on the connection icon in the tray.

In the window that opens, you need to open the “Change sharing settings” item. A menu will open in which you can configure access, enable or disable PC detection on the network, and much more. First of all, you need to enable password protected access. In this case, the system will independently generate a complex password. Write it down, because if you later want to provide access to any files, you will need it.

In order to configure maximum system protection, you should disable access in all points. There is nothing complicated here, carefully read the prompts on the screen.

So, now you know how to protect your private WiFi network from intruders. Now no one else will be able to connect to your group and harm information or steal important data.

How to determine who is connected to the network

We've sorted out the security settings. Now we can move on to the question of how to determine who will connect to my home WiFi network. Everything is very simple. The router registers the MAC address of each group member. Therefore, we just have to go into the router settings and look at the statistics. We are again interested in the “WiFi” section, only now we select the “Station List” item. If you are using a TP-LINK router, then you need the “Statistics” section.

The station list displays the MAC addresses of everyone currently connected to the network. Here you can disconnect one or another connection. As we already know, every computer has a unique MAC address. Now you know how to check who is connected to my private WiFi network.

To find out the value that your computer is using, just go to the Network and Sharing Center. You will see your connection in the center of the screen that appears. In the right half you will see the “Connect or disconnect” section, and a little lower - the type of access and connection. Click on the connection type and select “Details” in the menu that appears. Here you will find the "Physical Address" line. This is the MAC address of your network adapter.

How to find out who is using my WiFi: Video

I have more than 10 years of experience in the IT field. I am engaged in designing and setting up commissioning works. We also have extensive experience in building networks, system administration and working with access control and video surveillance systems.
I work as a specialist at the Techno-Master company.

What could be more important in our time than protecting your home Wi-Fi network :) This is a very popular topic, on which more than one article has been written on this site alone. I decided to collect all the necessary information on this topic on one page. Now we will look in detail at the issue of protecting a Wi-Fi network. I’ll tell you and show you how to protect Wi-Fi with a password, how to do it correctly on routers from different manufacturers, which encryption method to choose, how to choose a password, and what you need to know if you are planning to change your wireless network password.

In this article we will talk exactly about protecting your home wireless network. And about password protection only. If we consider the security of some large networks in offices, then it is better to approach security there a little differently (at least a different authentication mode). If you think that one password is not enough to protect your Wi-Fi network, then I would advise you not to bother. Set a good, complex password using these instructions and don't worry. It is unlikely that anyone will spend time and effort to hack your network. Yes, you can, for example, hide the network name (SSID) and set filtering by MAC addresses, but these are unnecessary hassles that in reality will only cause inconvenience when connecting and using a wireless network.

If you are thinking about protecting your Wi-Fi, or leaving the network open, then there can only be one solution - protect it. Yes, the Internet is unlimited, and almost everyone at home has their own router, but eventually someone will connect to your network. Why do we need this, because extra clients are an extra load on the router. And if it’s not expensive, then it simply won’t withstand this load. Also, if someone connects to your network, they will be able to access your files (if local network is configured), and access to your router settings (after all, you most likely did not change the standard admin password that protects the control panel).

Be sure to protect your Wi-Fi network with a good password with the correct (modern) encryption method. I recommend installing protection immediately when setting up the router. Also, it would be a good idea to change your password from time to time.

If you are worried that someone will hack your network, or has already done so, then simply change your password and live in peace. By the way, since you will still be logging into the control panel of your router, I would also recommend , which is used to enter the router settings.

Proper protection of your home Wi-Fi network: which encryption method to choose?

During the password setting process, you will need to select a Wi-Fi network encryption method (authentication method). I recommend installing only WPA2 - Personal, with encryption algorithm AES. For a home network, this is the best solution, currently the newest and most reliable. This is the kind of protection that router manufacturers recommend installing.

Only under one condition that you do not have old devices that you want to connect to Wi-Fi. If, after setting up, some of your old devices refuse to connect to the wireless network, you can install a protocol WPA (with TKIP encryption algorithm). I do not recommend installing the WEP protocol, as it is already outdated, not secure and can be easily hacked. Yes, and there may be problems connecting new devices.

Protocol combination WPA2 - Personal with AES encryption, this is the best option for a home network. The key itself (password) must be at least 8 characters. The password must consist of English letters, numbers and symbols. The password is case sensitive. That is, “111AA111” and “111aa111” are different passwords.

I don’t know what router you have, so I’ll prepare short instructions for the most popular manufacturers.

If after changing or setting a password you have problems connecting devices to the wireless network, then see the recommendations at the end of this article.

I advise you to immediately write down the password that you will set. If you forget it, you will have to install a new one, or .

Protecting Wi-Fi with a password on Tp-Link routers

Connecting to the router (via cable or Wi-Fi), launch any browser and open the address 192.168.1.1, or 192.168.0.1 (the address for your router, as well as the standard username and password are indicated on the sticker at the bottom of the device itself). Provide your username and password. By default, these are admin and admin. In , I described entering the settings in more detail.

In settings go to the tab Wireless(Wireless mode) - Wireless Security(Wireless Security). Check the box next to the protection method WPA/WPA2 - Personal(Recommended). In the drop down menu Version(version) select WPA2-PSK. On the menu Encryption(encryption) install AES. In field Wireless Password(PSK Password) Enter a password to protect your network.

In the settings we need to open the tab Wireless network, and make the following settings:

In the "Authentication Method" drop-down menu, select WPA2 - Personal.
"WPA encryption" - install AES.
In the "WPA Pre-Shared Key" field, write down the password for our network.

To save the settings, click the button Apply.

Connect your devices to the network with a new password.

Protecting your D-Link router's wireless network

Go to the settings of your D-Link router at 192.168.0.1. You can see detailed instructions. In settings, open the tab WiFi - Security Settings. Set the security type and password as in the screenshot below.

Setting a password on other routers

We also have detailed instructions for ZyXEL and Tenda routers. See the links:

If you haven’t found instructions for your router, then you can set up Wi-Fi network protection in the control panel of your router, in the settings section called: security settings, wireless network, Wi-Fi, Wireless, etc. I think I can find it it won't be difficult. And I think you already know what settings to set: WPA2 - Personal and AES encryption. Well, that's the key.

If you can't figure it out, ask in the comments.

What to do if devices do not connect after installation or password change?

Very often, after installation, and especially after changing the password, devices that were previously connected to your network do not want to connect to it. On computers, these are usually errors “The network settings saved on this computer do not meet the requirements of this network” and “Windows could not connect to...”. On tablets and smartphones (Android, iOS), errors such as “Could not connect to the network”, “Connected, protected”, etc. may also appear.

These problems can be solved by simply deleting the wireless network and reconnecting with a new password. I wrote how to delete a network in Windows 7. If you have Windows 10, then you need to “forget the network” using . On mobile devices, press and hold your network and select "Delete".

If connection problems occur on older devices, then set the WPA security protocol and TKIP encryption in the router settings.

Password and MAC address filtering should protect you from hacking. In fact, safety largely depends on your caution. Inappropriate security methods, uncomplicated passwords, and a careless attitude toward strangers on your home network provide attackers with additional attack opportunities. In this article, you will learn how to crack a WEP password, why you should abandon filters, and how to secure your wireless network from all sides.

Protection from uninvited guests

Your network is not secure, therefore, sooner or later, an outsider will connect to your wireless network - perhaps not even on purpose, since smartphones and tablets can automatically connect to unsecured networks. If he just opens several sites, then, most likely, nothing bad will happen except for the consumption of traffic. The situation will become more complicated if a guest starts downloading illegal content through your Internet connection.

If you have not yet taken any security measures, then go to the router interface through a browser and change your network access data. The router address usually looks like: http://192.168.1.1. If this is not the case, then you can find out the IP address of your network device through the command line. In the Windows 7 operating system, click on the “Start” button and enter the “cmd” command in the search bar. Call up the network settings with the “ipconfig” command and find the “Default gateway” line. The specified IP is the address of your router, which must be entered in the address bar of the browser. The location of your router's security settings varies by manufacturer. As a rule, they are located in a section with the name “WLAN | Safety".

If your wireless network uses an unsecured connection, you should be especially careful with content that is located in shared folders, since if it is not protected, it will be available to other users. At the same time, in the Windows XP Home operating system, the situation with shared access is simply catastrophic: by default, passwords cannot be set here at all - this function is present only in the professional version. Instead, all network requests are made through an unsecured guest account. You can secure your network in Windows XP using a small manipulation: launch the command line, enter “net user guest YourNewPassword” and confirm the operation by pressing the “Enter” key. After restarting Windows, you will be able to access network resources only if you have a password; however, finer tuning in this version of the OS, unfortunately, is not possible. Managing sharing settings is much more convenient in Windows 7. Here, to limit the number of users, just go to the “Network and Sharing Center” in the Control Panel and create a password-protected home group.

The lack of proper protection in a wireless network is a source of other dangers, since hackers can use special programs (sniffers) to identify all unprotected connections. This way, it will be easy for hackers to intercept your identification data from various services.

Hackers

As before, the two most popular security methods today are MAC address filtering and hiding the SSID (network name): these security measures will not keep you safe. In order to identify the network name, an attacker only needs a WLAN adapter, which switches to monitoring mode using a modified driver, and a sniffer - for example, Kismet. The attacker monitors the network until a user (client) connects to it. It then manipulates the data packets and thereby kicks the client off the network. When the user reconnects, the attacker sees the network name. It seems complicated, but in fact the whole process only takes a few minutes. Bypassing the MAC filter is also easy: the attacker determines the MAC address and assigns it to his device. Thus, the connection of an outsider remains unnoticed by the network owner.

If your device only supports WEP encryption, take immediate action - such a password can be cracked even by non-professionals in a few minutes.

Particularly popular among cyber fraudsters is the Aircrack-ng software package, which, in addition to the sniffer, includes an application for downloading and modifying WLAN adapter drivers, and also allows you to recover the WEP key. Well-known hacking methods are PTW and FMS/KoreK attacks, in which traffic is intercepted and a WEP key is calculated based on its analysis. In this situation, you have only two options: first, you should look for the latest firmware for your device, which will support the latest encryption methods. If the manufacturer does not provide updates, it is better to refuse to use such a device, because in doing so you are jeopardizing the security of your home network.

The popular advice to reduce Wi-Fi range only gives the appearance of protection. Neighbors will still be able to connect to your network, but attackers often use Wi-Fi adapters with a longer range.

Public hotspots

Places with free Wi-Fi attract cyber fraudsters because huge amounts of information pass through them, and anyone can use hacking tools. Public hotspots can be found in cafes, hotels and other public places. But other users of the same networks can intercept your data and, for example, take control of your accounts on various web services.

Cookie Protection. Some attack methods are truly so simple that anyone can use them. The Firesheep extension for the Firefox browser automatically reads and lists the accounts of other users, including Amazon, Google, Facebook and Twitter. If a hacker clicks on one of the entries in the list, he will immediately have full access to the account and will be able to change the user's data at his discretion. Firesheep does not crack passwords, but only copies active, unencrypted cookies. To protect yourself from such interceptions, you should use the special HTTPS Everywhere add-on for Firefox. This extension forces online services to always use an encrypted connection via HTTPS if supported by the service provider's server.

Android protection. In the recent past, widespread attention has been drawn to a flaw in the Android operating system, due to which scammers could gain access to your accounts in services such as Picasa and Google Calendar, as well as read your contacts. Google fixed this vulnerability in Android 2.3.4, but most devices previously purchased by users have older versions of the system installed. To protect them, you can use the SyncGuard application.

WPA 2

The best protection is provided by WPA2 technology, which has been used by computer equipment manufacturers since 2004. Most devices support this type of encryption. But, like other technologies, WPA2 also has its weak point: using a dictionary attack or the bruteforce method, hackers can crack passwords - however, only if they are unreliable. Dictionaries simply go through the keys stored in their databases - as a rule, all possible combinations of numbers and names. Passwords like “1234” or “Ivanov” are guessed so quickly that the hacker’s computer doesn’t even have time to warm up.

The bruteforce method does not involve using a ready-made database, but, on the contrary, selecting a password by listing all possible combinations of characters. In this way, an attacker can calculate any key - the only question is how long it will take him. NASA, in its security guidelines, recommends a password of at least eight characters, and preferably sixteen. First of all, it is important that it consists of lowercase and uppercase letters, numbers and special characters. It would take a hacker decades to crack such a password.

Your network is not yet fully protected, since all users within it have access to your router and can make changes to its settings. Some devices provide additional security features that you should also take advantage of.

First of all, disable the ability to manipulate the router via Wi-Fi. Unfortunately, this feature is only available on certain devices, such as Linksys routers. All modern router models also have the ability to set a password for the management interface, which allows you to restrict access to settings.

Like any program, the router firmware is imperfect - small flaws or critical holes in the security system are not excluded. Usually information about this instantly spreads across the Internet. Check regularly for new firmware for your router (some models even have an automatic update feature). Another advantage of flashing firmware is that it can add new functions to the device.

Periodic analysis of network traffic helps to recognize the presence of uninvited guests. In the router management interface you can find information about which devices connected to your network and when. It is more difficult to find out how much data a particular user has downloaded.

Guest access - a means of protecting your home network

If you protect your router with a strong password using WPA2 encryption, you will no longer be in any danger. But only until you share your password with other users. Friends and acquaintances who, with their smartphones, tablets or laptops, want to access the Internet through your connection are a risk factor. For example, the possibility that their devices are infected with malware cannot be ruled out. However, you won't have to refuse your friends because of this, since top-end router models, such as the Belkin N or Netgear WNDR3700, provide guest access specifically for such cases. The advantage of this mode is that the router creates a separate network with its own password, and the home one is not used.

Security Key Reliability

WEP (WIRED EQUIVALENT PRIVACY). Uses a pseudo-random number generator (RC4 algorithm) to obtain the key, as well as initialization vectors. Since the latter component is not encrypted, it is possible for third parties to intervene and recreate the WEP key.

WPA (WI-FI PROTECTED ACCESS) Based on the WEP mechanism, but offers a dynamic key for extended security. Keys generated using the TKIP algorithm can be cracked using the Bek-Tevs or Ohigashi-Moriya attack. To do this, individual packets are decrypted, manipulated, and sent back to the network.

WPA2 (WI-FI PROTECTED ACCESS 2) Uses the reliable AES (Advanced Encryption Standard) algorithm for encryption. Along with TKIP, the CCMP protocol (Counter-Mode/CBC-MAC Protocol) has been added, which is also based on the AES algorithm. Until now, a network protected by this technology could not be hacked. The only option for hackers is a dictionary attack or “brute force method”, where the key is guessed by guessing, but with a complex password it is impossible to guess it.

Is the most important electronic device in their life. It connects most other devices to the outside world and that is why it is of maximum interest to hackers.

Unfortunately, many home and small business routers come with insecure default configurations, have undocumented management accounts, use outdated services, and run on old firmware versions that are easy to hack using well-known tricks. Unfortunately, users themselves will not be able to fix some of these problems, but nevertheless, a number of actions can be taken to protect these devices, at a minimum, from large-scale automated attacks.

Basic steps

Avoid using routers provided by ISPs. Firstly, they are often more expensive. But this is not the biggest problem. Such routers, as a rule, are less secure than those models that manufacturers sell in stores. Very often they contain hard-coded remote support credentials that users cannot change. Updates for modified firmware versions often lag behind releases for commercial routers.

Change the default administrator password. Many routers come with generic admin passwords (admin/admin), and attackers constantly try to log into devices using these well-known credentials. After connecting to your router's management interface via a browser for the first time - its IP address is usually found on a sticker on the underside or in the user manual - the first thing you need to do is change the password.

Additionally, the management router's web interface should not be accessible from the Internet. For most users, there is simply no need to manage the router from outside the local network. However, if you still have a need for remote control, consider using a VPN to create a secure connection to your local network before accessing the router interface.

Even within a local network, it is worth limiting the range of IP addresses from which you can control the router. If this option is available on your model, it is best to allow access from a single IP address that is not part of the pool of IP addresses assigned by the router via DHCP (Dynamic Host Configuration Protocol). For example, you can configure the router's DHCP server to assign IP addresses from 192.168.0.1 to 192.168.0.50, and then configure the web interface to only accept the administrator from 192.168.0.53. The computer must be manually configured to use this address only when it is necessary to administer the router.

Enable access to the router interface via the https protocol if a secure connection is supported, and always log out, closing the session when configuration is complete. Use your browser in incognito or private mode to prevent Cookies from being saved automatically, and never allow your browser to save your router interface username and password.

If possible, change the router's IP address. Most often, routers are assigned the first address in a predefined range, for example, 192.168.0.1. If this option is available, change it to 192.168.0.99 or some other address that is easy to remember and that is not part of the DHCP pool. By the way, the entire range of addresses used by the router can also be changed. This helps protect against cross-site request forgery (CSRF), where an attack occurs through users' browsers and using the generic IP address typically assigned to such devices.

Create a complex Wi-Fi password and choose reliable protocol protection. WPA2 (Wi-Fi Protected Access 2) is an improvement over older WPA and WEP, which are more vulnerable to attacks. If your router provides this option, create a guest wireless network, also protecting it with WPA2 and a complex password. Let visitors or friends use this isolated segment of the guest network rather than your main network. They may not have malicious intent, but their devices may be hacked or infected with malicious software.

Disable the WPS function. This rarely used feature is designed to help users set up Wi-Fi using the PIN code printed on the router's sticker. However, several years ago, a serious vulnerability was found in many implementations of WPS versions provided by various vendors that allows hackers to break into networks. And since it will be difficult to determine which specific router models and firmware versions are vulnerable, it is better to simply disable this function on the router, if it allows you to do so. Instead, you can connect to the router via a wired connection and through the web management interface, for example setting up Wi-Fi with WPA2 and a custom password (no WPS at all).

The fewer services on your router that are exposed to the Internet, the better. This is especially true in cases where you didn't enable them and perhaps don't even know what they do. Services such as Telnet, UPnP (Universal Plug and Play), SSH (Secure Shell) and HNAP (Home Network Administration Protocol) should not be enabled on an external network at all, as they have potential security risks. However, they should also be turned off on the local network if you are not using them. Online services like Shields UP from Gibson Research Corporation (GRC) can simply scan your router's public IP address for open ports. By the way, Shields Up is capable of conducting separate scanning specifically for UPnP.

Make sure your router firmware is up to date. Some routers allow you to check for firmware updates directly from the interface, while others even have an automatic update feature. But sometimes these checks may not occur correctly due to changes in the manufacturer's servers, for example, after several years. Therefore, it is worth regularly checking the manufacturer’s website manually to see if there is a firmware update available for your router model.

More complex actions

You can use network segmentation to isolate it from the risky device. Some consumer routers provide the ability to create VLANs (virtual local area networks) within a larger private network. Such virtual networks can be used to isolate devices from the Internet of Things (IoT) category, which can be full of vulnerabilities, as researchers have repeatedly proven (Bird Kiwi discussed this problem in the previous issue of PC World - editor's note). Many IoT devices can be controlled using a smartphone through external cloud services. And since they have access to the Internet, such devices, after initial setup, do not have to interact directly with smartphones over the local network. IoT devices often use insecure administrative protocols for the local network, so an attacker could easily hack such a device using an infected computer if they are both on the same network.

With MAC address filtering, you can keep dangerous devices out of your Wi-Fi network. Many routers allow you to limit the list of devices that are allowed to enter a Wi-Fi network by their MAC address - a unique identifier of a physical network card. Enabling this feature will not allow an attacker to connect to the Wi-Fi network, even if he manages to steal or guess the password. The downside to this approach is that manually managing the list of allowed devices can quickly become an unnecessary administrative burden for large networks.

Port forwarding should only be used in combination with IP filtering. Services running on a computer behind the router will not be accessible from the Internet unless port forwarding rules are defined on the router. Many programs try to open router ports automatically via UPnP, which is not always safe. If you disable UPnP, these rules can be added manually. Moreover, some routers even allow you to specify an IP address or an entire block of addresses that can connect to a specific port in order to gain access to a particular service within the network. For example, if you want to access an FTP server on your home computer while at work, you can create a port 21 forwarding (FTP) rule in your router, but only allow connections from your company's block of IP addresses.

Custom firmware can be more secure than factory firmware. There are several Linux-based, community-supported firmware projects for a wide range of home routers. They tend to offer advanced features and settings over those found in stock firmware, and the community is quicker to fix their shortcomings than the router manufacturers themselves. Because these firmwares are marketed to enthusiasts, the number of devices that use them is much smaller than devices running OEM firmware. This significantly reduces the likelihood of extensive attacks on custom firmware. However, it is very important to keep in mind that downloading firmware to a router requires good technical knowledge. It is likely that you will void your warranty, and if there is an error, the device may be damaged. Keep this in mind, you were warned!

How to protect yourself

Check if the remote access feature is enabled on your router. It is often included in devices provided by communication providers. Providers need remote access for business purposes: this makes it easier for them to help users set up the network. However, providers may leave the default password in the web interface, making you an easy target for hacker programs.

If you can log into the web interface with the standard login and password admin / admin, be sure to change the password and write it down. When your provider configures your router remotely, simply say that you changed the password for security reasons and dictate it to the operator.

Instructions for protecting your router

Set a strong password for Wi-Fi.
Change the default administrator password.
If the router is not from your ISP, disable remote access.
If you don't know how to do all this, call a computer technician you trust.