
Network

Routers and Wi‑Fi: the boring box with a very important job

A router is an internet-facing computer that also happens to make Netflix work. Attackers use badly maintained home routers for botnets, proxy traffic and hiding infrastructure. Treat the box like infrastructure, not furniture.

Short version

Buy supported, keep it patched, turn off dangerous convenience features, and replace it when support dies. If it joins a botnet, the first person who suffers the abuse complaint, strange blocks or reputation damage may be you.

Source imagery

[Images, via Wikimedia Commons: Ubiquiti UniFi Dream Router 7; ASUS Wi‑Fi router; OpenWrt LuCI firewall interface]

Router exposure map

Where the outside world can touch the house

A home router sits between random internet scanning and the devices people actually use. The goal is not a perfect lab network. It is fewer doors from the street, and less reach when a cheap device misbehaves.

[Diagram: internet, router (1 open edge check); phones, TV / IoT, laptops, work; flat LAN, cheap devices can wander]

Internet edge

There are still obvious things for scanners to try: old firmware, WPS or admin exposure.

Inside reach

IoT, laptops and work devices share one room. A compromised gadget gets more places to poke.

Explain the jargon

Small terms, big consequences

Each term gets the plain-English version and the practical move. No fake mystique, just the bit that changes what you do at home.

WPS

The push-button or PIN pairing feature for Wi‑Fi. It was built for convenience, not for a world where routers sit online for years.

Do this: Turn it off after setup. Use the normal Wi‑Fi password for new devices.

UPnP

A feature that lets devices ask the router to open ports automatically. Handy for games, risky when cameras, NAS boxes or malware ask for the same favour.

Do this: Review UPnP-created rules. If nobody needs it, disable it and add deliberate port forwards only when you understand the exposure.

Remote admin

Router management reachable from the internet. Attackers scan for these panels constantly because they are valuable chokepoints.

Do this: Keep admin access local unless there is a strong reason, then protect it with vendor-supported MFA/VPN and patching.

Read these as three short household checklists.

Do this

  • Find the router model and firmware version.
  • Turn on automatic firmware updates or set a quarterly reminder.
  • Change the admin password; disable WPS and internet-facing remote admin.
  • Remove stale port forwards and review UPnP-created exposure.
  • Use WPA2-AES/WPA3 with a long passphrase and guest Wi‑Fi for visitors/IoT.

Check

  • Can you log in to the router?
  • Is the model still supported?
  • Is WPS off?
  • Are there exposed services?
  • Do cheap devices live away from work devices?

Avoid

  • Keeping a router because the lights still blink.
  • Assuming botnets only care about cameras and servers, not the cheap router doing NAT in the laundry.
  • Exposing NAS/cameras/game servers without understanding the open path.
  • Building fancy segmentation nobody maintains.

Self-check questions

Questions that expose the real habit

Use these quick checks to find the next practical fix. The useful answer is not perfect security; it is whether the safer path is obvious when someone is tired, embarrassed or in a hurry.

Use the first uncomfortable answer as the next household fix, not as a lecture.

check 1/3

Router ownership test

Who in the house can log in, check the firmware version and explain what happens if the router dies tonight?

Good sign: One person owns updates, the admin login is stored safely, and the model/support status is known.

Watch for: If nobody can log in, nobody owns the internet edge. That is how unsupported routers become permanent furniture.

check 2/3

Outside-door review

Which settings let the outside world touch the home network: remote admin, port forwards, UPnP rules, old VPN servers or camera/NAS access?

Good sign: Each exposed path has a named reason, current firmware and a removal date or review habit.

Watch for: Mystery forwards and automatic UPnP openings are invitations nobody remembers sending.
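
An added example, not part of the original page: one way to run the outside-door review over UPnP-created rules. It assumes the listing layout printed by miniupnpc's `upnpc -l`; the sample rows, device names and the APPROVED register are constructed for illustration.

```python
import re

# Constructed sample in the layout printed by miniupnpc's `upnpc -l`:
# index, protocol, external port -> internal host:port, description,
# remote host, lease seconds. Assumption: your client prints this layout.
SAMPLE_LISTING = """\
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 UDP 51413->192.168.1.20:51413 'Game console' '' 3600
 1 TCP  8080->192.168.1.77:80    'IPCam web' '' 0
 2 TCP 50022->192.168.1.30:22    'nas-ssh' '' 0
"""

# Hypothetical household register: external (protocol, port) -> named reason.
APPROVED = {("UDP", 51413): "console multiplayer, review each quarter"}

# Internal ports that usually mean a management or file-sharing service.
SENSITIVE_INTERNAL = {22, 23, 80, 443, 445, 3389, 8080, 8443}

ROW = re.compile(
    r"^\s*\d+\s+(TCP|UDP)\s+(\d+)->([\d.]+):(\d+)\s+'([^']*)'\s+'[^']*'\s+(\d+)\s*$"
)

def parse_mappings(listing):
    """Return one dict per port-mapping row; the header line is skipped."""
    rows = []
    for line in listing.splitlines():
        m = ROW.match(line)
        if m:
            proto, ext, host, internal, desc, lease = m.groups()
            rows.append({"proto": proto, "ext": int(ext), "host": host,
                         "int": int(internal), "desc": desc, "lease": int(lease)})
    return rows

def review(mappings, approved=APPROVED):
    """Pair each mapping with the reasons it needs a decision; [] means it passes."""
    findings = []
    for m in mappings:
        reasons = []
        if (m["proto"], m["ext"]) not in approved:
            reasons.append("no named reason on record")
        if m["int"] in SENSITIVE_INTERNAL:
            reasons.append("reaches an admin or file-sharing port")
        if m["lease"] == 0:
            reasons.append("no expiry (lease 0)")
        findings.append((m, reasons))
    return findings

if __name__ == "__main__":
    for m, reasons in review(parse_mappings(SAMPLE_LISTING)):
        status = "REVIEW: " + "; ".join(reasons) if reasons else "ok"
        print(f"{m['proto']} {m['ext']} -> {m['host']}:{m['int']} ({m['desc']}): {status}")
```

Anything flagged either gets a named reason in the register or gets removed from the router.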

check 3/3

Cheap-device lane

Where do visitors, smart gadgets, picture frames, cameras and experimental devices connect?

Good sign: Guest or IoT Wi-Fi keeps cheap and temporary devices away from laptops, NAS boxes and work gear.

Watch for: A flat network lets a bargain gadget become an inside problem instead of a contained annoyance.

Full guidance

More than a slide title

By the end, you should know what to check, what to switch off, why botnets want home routers, and when the answer is replacement rather than another Saturday of fiddling.

These notes are the deeper explanation, not a wall to skim in one go.

  1. Note 01/05

    Home routers are botnet real estate

    Mirai made the point loudly: weak defaults and neglected internet-facing devices can become attack infrastructure. More recent advisories show home and small-office routers being abused by serious actors too, including state-linked operations. Your router has a clean residential IP, sits online all day, and is often ignored for years. That is exactly why it is useful to someone else.

  2. Note 02/05

    What a compromised router can do

    A hostile router can proxy other people's traffic, take part in DDoS activity, hide scanning, interfere with DNS, expose internal devices, or make your home IP look suspicious to banks, games, streaming services and work portals. You may not see malware on a laptop because the problem is upstream, quietly turning the internet edge into someone else's tool.

  3. Note 03/05

    Selection by household skill

    Low-maintenance homes should prefer supported auto-updating ISP/eero/Nest-style gear. Moderate homes can run ASUS, Synology, Netgear or simple UniFi if somebody reads notices. Technical homes can run UniFi, OpenWrt, pfSense or OPNsense, but the owner must document rules and replacement triggers.

  4. Note 04/05

    Replacement triggers

    Replace when the vendor no longer ships security fixes, the admin UI is unknown, firmware cannot be verified, or the device requires unsafe features to remain usable. Sentimentality is for photos, not unsupported internet edge devices.

  5. Note 05/05

    Segmentation without theatre

    Guest Wi‑Fi for visitors and IoT is useful because it is simple. Fine-grained firewall artistry is only useful if a real person maintains it.

Scenario

One real-world mess at a time

Scenario 1/2

Five-year-old router

Nobody knows the admin password and UPnP is on.

Better response

  • Check support first
  • Reset/replace if unknown
  • Disable WPS/remote admin/UPnP where practical

Worse habit

Treating blinking LEDs as a support lifecycle.

Scenario 2/2

Residential IP starts getting blocked

Banking, games or streaming services start challenging the home connection and nobody knows why.

Better response

  • Check router firmware and exposed services
  • Review port forwards/UPnP
  • Replace unsupported gear
  • Rotate DNS/router admin settings after reset

Worse habit

Only blaming the website while the router keeps acting as someone else's exit point.