How to block an IP address on a wireless router?

Got an interesting question on wireless router security: how do you block an inbound IP address on a router? The user noticed that a certain IP address keeps trying to connect to his IP. The question is how to block that IP, just in case. I monitor my connections when I’m in the research mood, and I’ve noticed there are almost always a few IPs located somewhere in Asia trying to connect to my home router. Nobody knows why for sure, but it’s always better to be safe than sorry.

To be able to block an IP address, along with better access control, what you really need is a modern, well-featured router.

Nearly all consumer routers have basic home network security features, such as an SPI firewall with some basic filters (SPI stands for stateful packet inspection; more on that later). Assuming that the router is pre-configured well enough, most users think they’re secure. Without going deep into real network security, I’ll give one very simple scenario in which an off-the-shelf firewall won’t protect you from the “bad guys”.

Normally an SPI firewall router won’t let strangers in without a reason. It’s simple: people usually have more than one device on their local network (laptop, iPhone, etc.), so when someone from out there chimes in, the router has no idea which device it should take the guest to. It works the other way around: the user invites the guest by connecting to him, the router keeps that in memory for some time (until the connection expires), and when the other party replies, your router will be expecting the guest and let him in. Usually it’s more than enough for basic network security.

But what if you posted an open invitation to a party at your house, where anyone can come?

When you install a P2P client of any kind, it usually opens an enormous number of connections all over the place (the internet). With the default home router configuration, when your P2P application connects to the other party, it tells your router firewall: “I trust that guy, when he responds to my request, just let him in”. And it stays like that until the connection expires, which may happen after a few hours. All this time you have a potential hole in your network security perimeter. The problem is that most users don’t think about it as a hole. To keep a long story short, it’s not a big deal to create a piece of software that presents itself as a legitimate P2P server, accepts connections, and then attacks known vulnerabilities or network security flaws in your P2P client or operating system.

So if you see a suspicious IP trying to connect to you, blocking it altogether at least gives the attacker a hard time doing the above or something similar.

What can you do to block an inbound IP address and improve your home network security?

First of all, check the filter settings on your router configuration page. Unfortunately, not many consumer routers have such an option.

If your router is running one of the open source firmwares (OpenWRT, Tomato, DD-WRT), you can always use the command line: a few iptables commands can instruct the router to drop incoming traffic by your criteria. If you have a Linksys router, or a D-Link or Asus, it’s worth checking whether it can run one of the 3rd party firmwares. They are compatible with any WiFi adapter.
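One way to build those iptables commands, as an added example that is not from the original post: it validates the address, refuses LAN and loopback ranges, and prints the rules for review before anything is applied. The WAN interface name `vlan2`, the function names and the sample address are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. WAN_IF is an assumed name; confirm yours with ifconfig.
WAN_IF="${WAN_IF:-vlan2}"

# Succeed only for a dotted-quad IPv4 address with every octet in 0-255.
is_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Succeed for loopback, RFC 1918 and link-local sources (your own devices).
is_local_range() {
    case "$1" in
        10.*|127.*|192.168.*|169.254.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
    esac
    return 1
}

# Print the rules for source address $1. Inserting at position 1 puts the DROP
# ahead of the firewall's ESTABLISHED,RELATED accept rule, so replies on
# connections a LAN client opened to that address are dropped too.
build_block_rules() {
    is_ipv4 "$1" || { echo "not an IPv4 address: $1" >&2; return 2; }
    if is_local_range "$1"; then
        echo "refusing to block local address: $1" >&2; return 3
    fi
    for chain in INPUT FORWARD; do   # INPUT: the router itself; FORWARD: LAN hosts
        echo "iptables -I $chain 1 -i $WAN_IF -s $1 -j DROP"
    done
}

# Dry run by default; "apply" as the second argument executes the rules (root).
block_ip() {
    rules=$(build_block_rules "$1") || return $?
    [ "$2" = "apply" ] || { echo "$rules"; return 0; }
    echo "$rules" | while read -r rule; do $rule; done
}

# Example: sh block.sh 203.0.113.45   (constructed documentation address)
if [ "$#" -gt 0 ]; then block_ip "$@"; fi
```

Rules inserted this way are lost on reboot unless the firmware's firewall startup script re-adds them.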

If the command line is not an option for you, there are still plenty of options.

The Tomato firewall section has advanced filtering settings.

Some suggest port-forwarding the bad IP to a nonexistent internal IP, which supposedly should cause the router to drop the packets; I wouldn’t recommend doing that. Essentially, this way you let the traffic in.

Very interesting, but… is there an easy way to block an inbound IP address?

Well, yeah! You want advanced settings the easy way? Get a better router. Period. There are two well-regarded open source router platforms that run on any regular PC: m0n0wall and pfSense; either one is an excellent Linux firewall. There you can have as many settings as you wish, with a neat GUI.

If you’d like something that you can set and forget, without tedious installation, configuration, and the associated learning curve, get an Asus or Netgear. Don’t fall for anything like a cable modem gateway; you’ll be much safer if you buy an inexpensive business router such as the Mikrotik 450g. A very powerful yet inexpensive QoS router, it has a GUI for every possible setting that would otherwise require messing with the command line interface.

All in all, for wireless router security, blocking an inbound IP address is by no means a guarantee against a hacker attack, but it is one of the elements worth figuring out.



