- Enable the HTTPS admin console on your device and don’t forget to disable the HTTP console (if possible).
- Use a strong password for your router. Change the user name to something other than the factory default, if possible. If you worry about forgetting the new password, write it down and put it on the device itself.
- Disable access to your router’s admin console from any external network. This option is often accessible from the admin console.
- If you choose not to use the DNS servers automatically provided by your ISP, use another recursive resolver (with permission) or a resolver offered for public use such as OpenDNS. This will protect you from the published version of this attack code and the root servers will thank you.
- If possible, add a firewall rule preventing devices on your local network from sending packets to the block that your public IP address is a member of. This will prevent any IP addresses on your LAN from contacting the external IP address of your router. If your ISP changes the block used in your neighborhood, however, you will need to edit this rule. As an added benefit, this rule will prevent your systems from inadvertently broadcasting to your neighbors.
- Keep the firmware of your router and other network devices up-to-date.