We come to you!

How to Configure Your New Router

Presuming that you have already gotten the router installed and your computers are able to access it, it is time to make it secure since default settings are never secure. If you have doubts about this, think about it this way: all routers have a default password from the factory and all hackers and other undesirables know this. Thus, they can get into your router, change its configuration, and make themselves a part of your network. They can then make themselves right at home and steal any files on your computers, send out emails as you, and even (if you have a wireless router) use the bandwidth that you pay for (which could end up costing you dearly in overage charges if you have bandwidth limitations that are imposed by some ISPs). Not changing the password is akin to buying a new car, leaving it unlocked, and setting the keys in the driver's seat. Very unwise to say the least! Once you have configured a new password (or make any of the other changes below), be sure to click on the "Save Settings" button on the screen before proceeding to the next configuration change. If you forget to do so, then the change that you made will not be saved to the router.

So, what do you do? You find out what the default IP address for your router is and log into the router. Most routers have a default address of or Look at the "quick installation" sheet that came with your router to find out what the address is as well as find out the default administrative username and password. Once you are in the router, there are several things that I would recommend that you change. The one that you must change, though, is the password! Do not leave it at the default of PASSWORD or whatever it might be. That's just begging to be targeted.

Next, you should change the name of the router. Most start out with a default Host name of the manufacturer's name or the model of the router (such as Linksys or WRT54G). It is a bad idea to advertise what type of router it is since there is the chance, albeit limited, that a hacker will find a weakness that can be exploited if he knows what model it is. I generally configure the router host name to MINE or something less helpful to the hacker.

Now if you have a wireless router, you need to change the SSID (wireless ID) of the router and set up some form of wireless security (such as WEP, WPA, or WPA2). The most advisable currently is WPA2 as it is the most secure and does not have the security weaknesses of the other two standards about which some people are concerned. (However, in my professional experience, I have not seen the weaknesses of the other two standards exploited in regard to home users, so if you have only WEP, use it. It definitely is better than having no security at all.) Whatever method you choose, configure the appropriate key code in the router and then enter that same information into each workstation that is connected wirelessly with an appropriate adapter. (If the computers do not have the key code entered, they will not be able to access the Internet or the local network.) As for the SSID, change it to something you like but do not make it obvious such as your street address, last name, or the name of a pet. Some that I have seen in the past that are good are "WhoMe," "DontStealOurInternet," and "Routersaurus."

It is also advisable to change the IP address scheme of your router. All routers, by default, are configured to use the 192.168.x.x IP address range and hackers know this, so they will target that address range to try to find something that will respond. There are two other private IP address ranges defined that are less commonly used by home users. Those are 172.16.x.x and 10.x.x.x, with the latter being most commonly used by businesses and what I recommend for use by home users. The reason is that 10.x.x.x widens the spectrum of addresses the hackers need to test to nearly 17 million. With the other two address schemes, it is a mere 65,536. While that may not seem like much but, if you think about it for a moment and, for argument's sake, let's say a hacker tries five machines per second, he would be able to test all 65,000+ addresses in a matter of about 3 hours. The 10.x.x.x scheme would, by comparison, require over a month to do the same scan. He might be willing to sacrifice three hours but he definitely will not waste a month: he'll move on to an easier target.

Now, be aware that when you change the IP address scheme, you will also be changing the address of the router and your currently-assigned IP address will become invalid. Therefore, when you save the changes to the router, reboot your computer. This will make sure that you get a new assigned IP address from the router.

After the reboot, get back into your router with its new address and password and then find something that says "Block Internet Ping Requests" or something similar. If that is not turned on (which it often is not by default), make sure that you check its box. You want the router to block ping requests because that is how hackers most easily find your router and know to target you. Further, most often in the same area as the Ping option, there will be another that says something like "Allow Remote Administration." This selects whether you wish to allow people from the Internet to be able to use the configuration interface you are using at this time. With this option, you want to make sure to disallow remote configuration, so uncheck the box.

Once all this is done, the router is secure and you are done. If you do not feel comfortable doing all this yourself, hire a professional to do it for you. Any professional technician should be able to accomplish all these changes (barring any problems) in about fifteen minutes. At Best Deal Computers, we provide free installation and configuration services of routers sold by BDC to our local Douglas County (Kansas) clients. Give us a call and we'll make sure you have the safety and security you need.