How to Harden a Home Telstra Modem Router

Reading Time: 2 minutes

“Skinny Betty!” — From the movie Pearl Harbour.

“Skinny Betty” is a fun social way to say that you want to apply a “principle of least privilege”, by keeping things minimal.

In terms of a telstra router configuration, if you don’t need it, disable it.

Connect to your modem via ethernet or wifi.

Then visit the admin page via the URL in the manual.

The admin page should be http://192.168.0.1

Below are common settings that you should disable; –

WAN Services →UPnP

Management → Remote assistance

Content Sharing →File Server

Printer Sharing →Printer Sharing

Under WAN services your port forwarding table should be empty.

Below are tweaks you should adjust; –

Make your incoming firewall stealthy. Leaving it in normal mode will drop unknown incoming packets. Make sure you do not answer internet pings. You should test your firewall via https://dnschecker.org/port-scanner.php your results should yield no ports found.

Use an Ad blocking DNS provider.

Set a modem router admin password; –

Yet another login credential that nobody uses. Just make a short but strong password and write it down. Stick the password on your router. Record the password in your KeePass2 password manager so you do not get locked out.

Optionally you should; –

Add a mains electronic timer to the router so that your device restarts every day at 4am in the morning. Make sure to add at least 15min of off time. The benefit is that you will get a new DHCP public IP address from your ISP. You can verify that you ISP IP address changes by visiting https://dnschecker.org/ip-location.php before and after you power on/off cycle your modem.


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *