Most secure updating routing information
"Go to /HNAP1/, and, hopefully, you'll get no response back, if that's the only good thing.Frankly, if you get any response back, I would throw the router out." Worst of all is Wi-Fi Protected Setup (WPS), an ease-of-use feature that lets users bypass the network password and connect devices to a Wi-Fi network simply by entering an eight-digit PIN that's printed on the router itself."If WPS is active, you can get into the router," Horowitz said."You just need to make 11,000 guesses" — a trivial task for most modern computers and smartphones.Many consumer-grade home-gateway devices fail to notify users if and when firmware updates become available, even though those updates are essential to patch security holes, Horowitz noted.Some other devices will not accept passwords longer than 16 characters.Router: How They're Different and What They Do Next, Horowitz recommended that customers buy a low-end commercial-grade Wi-Fi/Ethernet router, such as the Pepwave Surf SOHO, which retails for about 0, rather than a consumer-friendly router that can cost as little as .
"UPn P was designed for LANs [local area networks], and as such, it has no security."If your router is given to you by your internet service provider [ISP], you don't want to use it either, because they give away millions of them, and that makes them a prime target both for spy agencies and bad guys." Horowitz recommended that security-conscious consumers instead upgrade to commercial routers intended for small businesses, or at least separate their modems and routers into two separate devices.(Many "gateway" units, often supplied by ISPs, act as both.) Failing either of those options, Horowitz gave a list of precautions users could take.Most gateway routers used by home customers are profoundly not secure, and some routers are so vulnerable to attack that they should be thrown out, a security expert said at the HOPE X hacker conference in New York.