In How to Secure Your Computer: Maxim #2, I stressed the importance of having a NAT router between your PC and the Internet. While that is without question the first, most important security step, it alone is not enough. The router itself is a weak point unless you have it properly configured.

All routers come with a default username and password configured. These defaults are well known and published on the Web. Three of the more widely-used consumer routers, Linksys, D-Link, and Netgear, have recently been shown to be vulnerable to a JavaScript web page attack. Go to the wrong site and if your router has the default password, the attacker can change its settings to send you wherever they want you to go. You’ll think you’re looking at your bank’s login page, but it will be a fake look-alike that steals your account information as soon as you log in.

Always change the default username and password of any configurable device you put on your home network.

The Geek

 Note: If any of what I say in these Maxims is over your head, please find a friendly Geek to help you, or post a comment here asking for clarification.

Have a computer problem? A question about your latest gadget? Click here to Ask the Geek! Kenny “The Geek” Harthun has been playing with geeky stuff since 1965. He’s a Microsoft Certified Systems Engineer with Connective Computing, Inc. providing network, desktop and info security support services to a wide range of clients.