Posted by : Amber Marfatia
1. MAC filtering
2. Disable DHCP
3. Disable SSID
You need to enable WPA / WPA2 to protect network (don't use wep). I also recommend disabling Universal Plug and Play (UPnP) support. The UPnP protocol does not implement any authentication, so UPnP device implementations must implement their own authentication mechanisms, or implement the Device Security Service. Unfortunately, many UPnP device implementations lack authentication mechanisms, and by default assume local systems and their users are completely trustworthy. Most notably, Routers and firewalls running the UPnP IGD protocol are vulnerable to attack since the framers of the protocol omitted to add any standard authentication method.
1. Always use WPA / WPA2 with TKIP or AES encrypting with a strong paraphrase
2. Change paraphrase every month
3. Disable UPnP
4. Disable wireless router remote (public IP based) management and ssh / telnet port features. Only use your local PC for telnet / ssh or router management.
5. Turn on firewall, port scan and DoS protection (which is a default for many routers)
6. Turn on email notification when DoS or port scan attack detected
7. You may find our WPA / WPA2 Linux configuration guide useful
8. Enable MAC filter which allows only the specified devices to connect (which are part of MAC allowed access list)
Additional tips for Windows user - Use an anti virus, firewall / internet secruity suite. Most important don't use bloated Norton product. My personal recommendation is NOD32 or AVG. Both are extremely light on system resources and detecting viruses. Either is an excellent anti-virus solution. Keep your operating system and virus databases always up to date.