How to enhance your WiFi security

The most common way to protect a WiFi network is to enable the WiFi router's built-in encryption options. Encryption means that the WiFi signal is scrambled so that unauthorised computers and devices are unable to understand the data being transmitted across your WiFi network. The computers and devices you want to be able to access your network are set up so that they can unscramble the WiFi signal – meaning that you can connect to the WiFi network without any problems.

There are several ways to encrypt your router’s signal – WPA2, WPA and WEP. We recommend using WPA2, and this is enabled by default on all Virgin Media Hubs.

WPA2 works on the latest WiFi equipment and operating systems but both WPA and WPA2, combined with a unique passphrase, make it almost impossible for anyone unauthorised to gain access to your WiFi network.

Most WiFi routers, and all Virgin Media Hubs, have a unique WiFi passphrase, to ensure that only you and those you give the passphrase can access your WiFi network.

To improve your security, we recommend you change this to a passphrase only you know. When choosing your new passphrase we recommend at least twelve characters with a mix of upper case, lower case and numbers. It should be unique: not something you use for anything else.

For more information on changing your Hub's WiFi passphrase, see changing your Virgin Media Hub's wireless password

(Wi-Fi Protected Access) WiFi networks secured with WPA encryption require the use of a network security key or 'passphrase' (password), made up of letters and numbers. Computers and other devices must use this passphrase in order to connect to the WiFi network.

As the owner of the WiFi network, you may choose your own passphrase when you set up the WiFi network. The more complex and lengthy your passphrase is, the less likely it is that someone unauthorised will be able to access your WiFi network.

When choosing your passphrase we recommend at least twelve characters with a mix of upper case, lower case and numbers. It should be unique: not something you use for anything else.

To use WPA on Windows, you need to use Windows XP Service Pack 2 or later.

WPA2 is an improved version of WPA, and is used by all recent connected devices, including our Broadband kit. Where possible you should always ensure that you’re using WPA2.

If some of your equipment is WPA-compatible and some is WPA2-compatible, your Hub can be set up to allow connections from both types of equipment. This support for WPA/WPA2 is sometimes called 'Dual Mode' or 'Mixed Mode'.

The threat posed to a customer, ourselves as an ISP and 3rd parties vary depending on the vulnerability. Most issues allow for a malicious 3rd party to exploit the vulnerability on the customer’s network to either steal personal information or to use the network to amplify malicious traffic – such as participating in a Denial of Service attack on other Internet users.

If these issues are not resolved immediately, then any personal information on devices using the vulnerable home network could be at risk and in cases where the vulnerability could be used to amplify malicious traffic, it could cause significant issues with Broadband performance and stability as the connection is essentially being flooded with traffic.

In most cases it is down to a misconfiguration on a firewall being used on the home network. If you’re unfamiliar with the concept of a firewall, think of it as a version of airport customs but for your home network – it will only let certain types of wanted traffic to pass in and out.

Unless you have a specific setup configured, your devices will be using the built-in firewall on our Hub 3 or Super Hub routers to filter out any unwanted traffic from entering or leaving your network.

Every communication we issue about a vulnerability will list steps that can be taken to resolve the issue. In most cases the steps require you to login to the Hub 3's or Super Hub’s configuration pages and remove any unneeded port forwarding or filtering rules as well as removing devices from the DMZ.

The DMZ standards for Demilitarised Zone, it’s a feature in most router firewalls, including the Virgin Media Hub 3's and Super Hubs. It allows for any devices placed in the DMZ to bypass all firewall settings. This should only be used in very specific circumstances, such as when a customer wishes to use a device that has its own software firewall configured. If there is a device in the DMZ that is using a service that should not be exposed to the Internet, or it has a flaw in a service it uses – then it can be misused by malicious third parties to commit abuse.

In most cases no, you will only encounter a problem if you need to access a service that you run on your home network via one of the ports that are blocked on our network.

If this doesn’t sound familiar then you’re very unlikely to be affected, as it is generally only specific to advanced home networks that have been manually configured.

The Internet Watch Foundation (IWF) is an independent body funded by the European Union and internet service providers such as Virgin Media. Their confidential hotline lets internet users report criminal online content such as child sexual abuse images. Then working with law enforcement, their mission is to eliminate the source of this content. The IWF also works with its internet service provider members (including Virgin Media) to remove access to it.

Working with the IWF not only protects children across the world, but also protects customers from accessing such content.

For more information on the work that IWF do, visit their site.

The use of the internet has changed dramatically over the last few years. Superfast broadband services mean more and more of us are enjoying catch up TV, listening to music or shopping online. Our network can deliver all of these services quickly and easily – but some websites may be acting unlawfully.

We pride ourselves on being a responsible internet service provider. So when we get a Court Order that compels us to block content that is breaking the law, we act on them. This happens when websites or servers offer access to copyright or trademark infringing material and Virgin Media (along with other ISPs in the UK) has to block this access by law.

Step 1. Enter 192.168.0.1 into your browser Step 2. Enter your admin name and password Step 3. Once signed in, go to Advanced settings > Wireless> Security Select the dropdown next to Security and change it to WPA2-PSK Step 4. Select Apply changes

Step 1. Connect a laptop to the Booster using an Ethernet cable.

Step 2. Using your browser, login to Virgin Media Powerline Booster's GUI page.

Step 3. Enter the Settings Password which is printed on the back of the Booster (not your WiFi password).

Step 4. Select Wireless settings then Security.

Step 5. Under 2.4Ghz Wireless security settings, check security. If security is not WPAC-PSK, then drop down and select WPA2-PSK.