Menu
What's new
By:
Filters Better Search

Where to start...

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

D

Dell Ray

Occasional Visitor
Hi, I have an AX58U(AX3000) that I'm using as a simple stand alone point of access router for a small home network; the router, my laptop, my mobile phone, a USB hard drive and my A/V components; a smart TV, A/V receiver, Blu-ray player, & streaming box.

I've had the router for a while and it has many settings that I don't use because I don't know enough about them and don't want to screw up my connectivity. However I've had what seems to be a couple of "near misses" as the saying goes (even though I disagree with the saying because isn't a near miss actually a hit?) and I would like to be able to confidently wrap my brain around the security features of this router.

I have the merlin wrt firmware and have for some time as well. It's actually the only thing I've done with it. I don't expect anyone to lay out a detailed map of what I should do because I know that's not what this is all about and everyone will have their own subjective opinion based on what works for them. But I could definitely use some guidance as to where I can get an outline geared toward the average person who does not have an IT background.

I'm basically looking for a starting point but also a where can I go from that because besides deciding on WPA 2 or WPA 3 and choosing login info, I really don't know much but I do know there are things I can do with my devices and this router to make things much more secure.

I don't have anything super sensitive but I do use both my laptop and phone for online shopping and mobile banking. I don't have a lot of money by any means but I don't need to have less than not a lot. Thank you in advance for any info into this.
 
The first thing is that you found these forums, just take everything you read with a pinch of salt - scepticism is a good thing!
You want to secure your local network, so use long complicated passwords for router login and WiFi, also turn off WPS (Wireless>WPS) and ICMP echo (Firewall>General), and don't allow access to the router login from WAN (Administration>System: Enable WEB access from WAN + Enable SSH(Lan Only)).
Remember this is a router, so keep it to doing router things - if you need a mini-server get a NAS, second-hand PC/capable thin client, or SBC.
Run Diversion or AdGuard Home on the router to block malicious sites, but if your ISP also blocks malicious sites by IP (Div or AGH blocking by DNS) you can still enable this.
If you are running any WEB facing servers then also enable Skynet, but if you need access from the internet just for yourself set up the router to act as a VPN server, but probably only make it available when you know you are going to need it!
Your router is going to be far happier if you keep what you are running on it to a minimum! But if you are on an xDSL (slow) connection, you might consider Conmon (Latency and see if connections are dropping), and SpdMerlin which you can use to set thresholds for QoS.
That should throw the cat amongst the pigeons, and get comments and suggestions started: There's no "right" solution, just an awful lot of opinions!
 

Router Security

Router Security Home Page
routersecurity.org routersecurity.org
At least: the SHORT list
For more advanced security: the FULL list
 
Dell Ray said:
But I could definitely use some guidance
Click to expand...

Keep it simple. Don't adopt someone else's ideas. Don't change settings you know little about. You don't really need any add-ons. You don't need to play with USB sticks. Plain Asuswrt-Merlin has plenty of options and works best. Just keep it updated as long as your router is supported.
 
Tech9 said:
Don't adopt someone else's ideas. Don't change settings you know little about.
Click to expand...
That's right, but the short list includes basics such as changing the default password, setting Wi-Fi encryption, turn off WPS, UPnP, port forwarding, IPv6, update firmware, etc.
 
There is no default password, port forwarding and IPv6 are disabled by default. Turning WPS and UPnP off may not be necessary and depends on the use case. IoT devices with one button use WPS. Games use UPnP. This was my 2nd advice to @Dell Ray - don't adopt someone else's ideas.
 
You must log in or register to reply here.

Similar threads

Q
USB WAN not recognized using Xiaomi 11 phone
Replies
2
Views
125
Qbcd
Q
Q
Weird issue with an GT-AX6000 when maxing out ISP provided speeds.
Replies
9
Views
403
Quetz
Q
B
Which OS, where to start
Replies
4
Views
663
bobs
B
K
Verizon FiOS and GT-AXE16000 - upload performance loss after updating firmware
Replies
5
Views
273
Kurai
K
D
When connected to my GT-AX6000 something is not allowing certain apps or functions to work on our phones and I need help how to troubleshoot
2
Replies
30
Views
2K
dyer4789
D
Similar threads
Thread starter Title Forum Replies Date
Spartan Where is the custom configuration field on the new ASUS routers? ASUS AX Routers & Adapters (Wi-Fi 6/6e) 16
S Router insists it wants to start a new setup (RT-AX58U) when I try to log in? ASUS AX Routers & Adapters (Wi-Fi 6/6e) 8

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 937 (members: 21, guests: 916)
Top