Most consumer wireless routers don't have security enabled out of the box, so your neighbors or wardrivers can easily use your network connection. Although you might feel generous enough to allow this, keep in mind that:
- they can spy on your Internet activity
- you'll be legally responsible for any crimes they commit on your network
- Change the router's administrator password. This prevents others from changing your network settings.
- Disable remote administration. You should only administer your router from your local network. If you must administer it remotely, be sure to use TLS/SSL.
- Enable WPA2 security with a strong passphrase (see my post GRC.com/passwords: Strong passwords for WPA and other uses). This keeps others from connecting to your network, and also encrypts the traffic between your computer and router.
- Disable Universal Plug and Play. Although Universal Plug and Play is a convenient way for software and network devices to let themselves through your firewall, the technology poses an obvious security vulnerability.
- Don't try to hide by turning off SSID broadcasting. Any decent networking software can still see the SSID since it has to broadcast for WiFi to work.
- Don't rely on MAC address filtering. MAC addresses are easily spoofed, so this provides no security.
- Don't use anything less than WPA2 unless your equipment won't support it. WEP and WPA have known flaws.