Page 1 of 1
router protection
Posted: Mon Mar 02, 2020 7:07 pm
by ReadyMan
A friend of mine has a small business. He's got cable 1gb connection to the net.
He's got his cable modem connected to his wifi router, and he's concerned about
people hacking into his router.
Any recommendations for protection for a router?
I found this
https://www.trendmicro.com/en_us/forHom ... urity.html, but I didnt know where else to steer him.
He just needs something simple.
Thanks!
RM
Re: router protection
Posted: Tue Mar 03, 2020 7:01 am
by Krom
I would recommend getting a less common router that still gets regular security updates and is kept up to date such as an Ubiquity or other "small business class" unit. That Trend Micro device just plugs in to one of the ethernet ports of the router so it ultimately still depends on the routers firewall for protection and is not as good as getting a device that does the routing/firewall/intrusion detection/malware filtering itself.
I have gigabit internet and I'm using a full blown quad core i7 desktop computer with 16 GB of RAM and a SSD as my router running a branch of pfSense that does it all, but requires quite a bit of time put in to configuring everything (the defaults work as a router but don't have the more advanced security abilities configured). The reason it is such a powerful computer (beyond just being what I had sitting around extra) is because it is actually necessary in order to support all of the real-time security features without degrading the performance. My high end ASUS wifi router could also do a basic version of pretty much all the security and tracking options I have on my current router, but at the cost of limiting the throughput to less than 200 megabits.
Basically he is going to want to get away from consumer class devices which are generally the most targeted devices because they are also the most likely to have unpatched security vulnerabilities. That Trend Micro device doesn't do you much good if you plug it in to a common linksys/asus/dlink router a year or more behind on firmware updates that may have a glaring remote security vulnerability which allows attackers to gain complete control over it.
Also letting him know that one should never depend on the router/firewall for all the system protection. Windows defender is quite good these days and is included and enabled by default on all windows 10 machines and should be left running. Third party real-time antivirus/malware (such as Trend Micro) are getting to the point where they cause more problems than they solve, it shouldn't be hard to find articles documenting instances of hackers exploiting bugs in Symantec Anti-Virus to compromise systems so I would actually avoid them. Ultimately the less network facing software you are running on the end point computers themselves the better. Windows itself is amazingly hardened piece of software that people rarely give Microsoft credit for, but its defenses only go so far, keep browsers especially or anything else that talks to the network up to date (not particularly difficult in this era of chrome/firefox silently updating in the background). But ultimately security of a network depends the most on the users. Know what is visible from the internet, keep it locked down to just what it needs to do, and keep it up to date.