HolidayBuyer's Guide

Computer Help forum

General discussion

12/10/04 Stay out of my wireless network

by Lee Koo (ADMIN) CNET staff/forum admin / December 8, 2004 5:35 AM PST

Thanks to everyone who submitted your advice to Melanie's question. While many advice from our members do somewhat overlap, please don't undermine another person's advice because they are all great advice. So read through them all. And as always, if you have more questions to ask about wireless networking or have any additional opinions or suggestions, please by all means participate and add to this thread. The more we learn about securing our wireless network the more we could use it with increased confidence and really enjoy the life without being tied down with wires.

Thanks everyone! You guys are great!
-Lee Koo
CNET Community


Question:

I am in the process of setting up my wireless network at home. How can I be sure no one taps into it?

Submitted by: Melanie D., Cincinnati, Ohio


Answer:

A wireless network is a particularly good target because it can be accessed without actually invading the property: someone parked out on the street could use your Internet connection or even access shared resources on your computers. You are wise to secure it carefully. There are several steps unique to wireless, plus the usual steps that one should take with any computer that is networked or Internet connected.

Start with the network identification (usually SSID). Each device connected to the wireless network needs the ID, but the device should know the ID, rather than have to retrieve it from the wireless router. Change the default name, encrypt it if your router and wireless devices allow, and turn off the feature that broadcasts the ID.

Next, encrypt the traffic that flows between your computer and the wireless router. This prevents someone gaining access to private information such as accounts, passwords, credit card numbers and the like, simply by 'overhearing' your transmission. Choose a complicated, unguessable encryption string.

Finally, take advantage of log in restrictions if your router supports them. Every network device - not just wireless - is identified by a unique number known as the MAC address or physical address, usually 6 pairs of numerals and letters (actually hexadecimal numbers). Some routers can be set to allow connections only from devices whose MAC addresses are stored in their memory.

As a postscript, be sure when you connect you are connecting to your secured wireless network, not your neighbors which isn't secured. Also, ask the question again in six months because by then there may be new vulnerabilities known and new defenses against them. Don't forget the standard security techniques, virus and spyware protection, plus a firewall that monitors both in- and out-bound traffic.

Good question. Not enough people ask it.

Submitted by: Bob R. of Los Angeles

Discussion is locked
You are posting a reply to: 12/10/04 Stay out of my wireless network
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: 12/10/04 Stay out of my wireless network
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Honorable mentions
by Lee Koo (ADMIN) CNET staff/forum admin / December 8, 2004 5:36 AM PST

****** HONORABLE MENTIONS**********

Answer:

First, a shameless plug for C|Net... keep an eye on http://courses.help.com/index.jsp , every once in a while they have a course that includes a lesson that addresses this very question.

There are lots of resources on the Internet giving very good advice for this. Some of them are fairly technical, but there are others that should be simple enough. Here are some tips to get you started:

1. Change default settings on the WAP (Wireless Access Point, the
"base" of your network). For example, change the name of the unit from "Linksys" (if that's how the factory set it) to "my_name's WAP". Also, change the DHCP initial address to something like 192.168.26.1 (the third number, 26 in this case, would be the one to change).

2. Enable encryption. This cannot be stressed too much. If a
cracker is within range and finds your network, they'll have simple access if you don't have encryption. Use WEP if that's all that's available, but use WPA if you have it. Choose a good password/key to protect it (not something simple to guess like a family member's name).

3. Use firewalls. The WAP may have a firewall built in. If it does, use it. But don't stop there. Install and use a software firewall on all your computers (like ZoneAlarm).

4. For truly secure communication between machines on your network, don't use wireless. Remember, no matter how many precautions you take, a dedicated hacker will be able to break into a wireless network.

Submitted by: Michael B. of Taylorsville, UT

**********************************************************************************

Answer:

How can you be sure no one taps into your wireless network? The simple answer is "You can't." There are things you can do to say "Go away" and make it more challenging, but nothing currently commercially available is an absolute solution. You can limit what MAC addresses are allowed to connect, but they can be spoofed. You can use WEP, but the keys can be intercepted.

The answer is: Don't transmit you SSID, limit MAC addresses allowed to connect, use WEP, and then assume that someone could get on anyway.
This will keep average users and ethical war drivers from wasting your bandwidth, but will not ensure security.

My wireless is outside the firewall. I treat all wireless traffic as if it were from the public internet. Anyone wanting to use local network resources by wireless must use VPN.


Submitted by: Grant J.

**********************************************************************************

Answer:

There are several steps you can take to discourage unauthorized access to your wireless network
Change the default SSID (Network ID) and change it periodically afterward.
Disable SSID broadcasts.
Change the default password for your wireless routers? administrator account.

Enable WEP 128-bit encryption and change it periodically.
Typically WEP can be set to one of three states: OFF, 64bit encryption, 128-bit encryption.
Wired Equivalent Privacy provides security by encrypting data that is transmitted thru the air.
WEP incurs a slight performance cost and is by no means unbreakable.

Enable MAC address based access.
MAC addresses are tied to physical network adapters and although they can be spoofed
they will add an additional layer of security.

Finally you can run a VPN over your wireless connection.
You will incur a performance hit with a VPN also.

All of the above steps with the exception of a VPN can usually be configured by accessing
your wireless routers? administrator account.


Submitted by: John M.

**********************************************************************************

Answer:

Wireless by its very nature is more susceptible to attack than a wired network. Anyone with a wireless equipped notebook could possibly locate themselves near your home and associate or attach to your Access Point or a neighbor might be able to use your wireless access point as his access point. Some things that you can do to prevent this are:
1) Be aware of the fact that the useful distance of the home wireless signal is about 150 feet. This decreases dramatically with obstructions such as walls and the materials of which they are made. I tested this at home by first placing the AP (access point) on the ground floor or my home. My neighbor (and friend) across the street was able to connect to it. His signal was weaker and the data rate was lower than the computers in my home but he was able still able to connect. I then moved the AP into the basement of my house and there was no signal across the street. The signal from the AP's antenna is omni directional so the signal to the computers next to the AP and on the 2 floors above was still strong but the angle across the street was such that the signal had to pass through a lot or earth to reach the neighbors PC. Putting the AP in the attic would have the opposite effect. Remember too that glass is invisible to radio waves so do not place the AP in front of a window. Some experiment with placement may be necessary as the things that obstruct the signal to the outside might all cause interference or week signals in some locations of your house.
2) Use WEP (Wired Equivalency Privacy) that is available on all AP devices but is probably disabled by default. This is a basic form of authentication between a PC (client machine) and the AP. This does not encrypt or protect data but it does enforce that the PC authenticate to the AP using a system of shared keys. This is analogous to having a password or shared secret. The PC cannot attach to the AP without providing the password.
3) When initially configuring the AP you probably were asked for an SSID (Service Set Identifier) which is likely just the name of your network or a name you made up, and to choose a channel (1-6). The AP can be configured to only allow clients (PCs) with the same SSID to associate with the AP which prevents users that don't know the SSID from associating or attaching to the AP. However, Access Points broadcast this SSID (via beacons) to synchronize with the clients. This broadcast or advertisement can be intercepted and the SSID discovered using fairly accessible software programs. Some APs allow these advertisements of the SSID to be turned off. If your AP provides for this you probably want to turn off advertisements of SSID in the beacon.
4) If your home network is presently wired and you store very sensitive information you should not connect the wireless network directly to the wired network but separate them by placing them on separate subnets and placing a firewall between them.
Submitted by: Steve J. of Springfield, Massachusetts USA

**********************************************************************************

Answer:

Answer:
There are many things that need to be done:
1. Change the Wireless Access Point (WAP) default SSID and hide it (for improved traffic performance you should also change the default transmission channel and use another one that?s at least 5 channels away, i.e. if the default channel is 6, change it to either 1 or 11).
2. At a minimum turn WEP on (go with 256-bit encryption if your client PCs can support this level, scale down to 128-bit or 64-bit only if needed). Preferable encryption options would be WPA or 802.1x based approaches, if the rest of your system supports them.
3. Enable NAT and firewall options.
4. Change the WAP?s default SSID to something only you know, and hide it (don?t broadcast it)
5. Do not enable DHCP, use only static IP addresses, which are to be given, to the computers you know will be connecting to the Wireless access point
6. In addition, define the list of MAC addresses that are to be allowed to connect to the WAP (unique IDs for the network adapters used by the PCs that are to be connected to the WAP)
7. Block WAN-side pings and don?t allow WAN side access to the router management port/facilities.
8. Configure each client PC that is to connect to the router to use one of the static IP addresses defined in instruction 5 above
9. Configure each PC wireless card with the WAP SSID and WEP key

That should do it.


Submitted by: Carlos P. of -Nafarrate


**********************************************************************************

Answer:

There are three things you can do when setting up a wireless network that will give you better security. When you setup your wireless access point using the software that the manufacturer provides, set the following options up:

1. Turn off the SSID (network id) broadcast. This is what creates a hotspot and tells wireless users that your network is there. If they can see it and know its name, they are that much closer to accessing it.
2. Turn off DHCP. If your Access Point (AP) provides DHCP (most do), you are giving them an address to your network automatically. With this, they can become a member of your network pretty quickly. This will mean that you have to supply static addresses to all of the wireless systems you plan to use.
3. Turn on WEP (Wireless Equivalent Privacy/Wireless Encryption Protocol). After you turn it on, be sure to select 128-bit strength in the drop down list (usually set to 64-bit by default). You will then need to come up with a good seed value (aka passphrase) to create the key. Once you have a set of keys created, write down the value in Key 1 - this is the default key.
To connect a notebook to your wireless LAN, give it an IP Address in the range that your AP is setup on, provide the WEP key and SSID and you are set. Have fun!



Submitted by: Chris S. of Tucker, GA USA

**********************************************************************************

Answer:

There are 2 primary lines of defense for limiting access to home wireless networks, and I would recommend using BOTH. Your router (I am assuming that you have a router or a combination router/access point) software will have specific instructions for both steps.

1. The first method (and also the easiest to implement) is called restricting access via MAC address. You should limit access to your network to only allow specific PCs based on their MAC address. The MAC address is a unique identifier for each PC/network card combination. Any PC not on your list will not be able to connect to your network.
2. The second involves the use of an encrypted key for those PCs that are on your MAC address list. This is often called WEP (for Wireless Encryption Protection) and typically comes in three levels of encryption (none, 64 bit and 128 bit keys). With most routers, a passkey can be automatically generated. If your wireless cards are from the same manufacturer as your router, they should use the same scheme and you can use the same phrase to generate the passkey. Otherwise you will need to write down the passkey (letter case DOES matter) and enter it for each wireless card (separately, on each PC).
a. While a 128 bit is the preferred option, 64 bit should suffice, given that you have already implemented MAC address security.

Now, give yourself a pat on the back, your wireless network is now pretty secure. Most users do not implement ANY wi-fi security at all.

Make sure that you change the default password on your router and that you also use firewall software, anti-virus software, and one or more spyware removers. Zone Labs (www.zonelabs.com) makes good firewalls, one of them, Zone Alarm is free and provides basic protection; their flagship software, Zone Alarm Pro has more features but has an initial cost plus a yearly renewal fee. However, I still like it better than Norton Internet Security, which is pretty clumsy by comparison.

Cheers,
Submitted by: Tom M.

**********************************************************************************

Answer:

There are several ways to secure a wireless network. How to configure these options varies with the manufacturer, but the names are usually the same.

First and for all solutions, set a password for your router or access point.
The simplest protection is to use a network key, this is a 10 hexadecimal digit password required to connect to your wireless network. All computers connected to it will need this number, so you need a number that can be shared with other users of your network (not a personal password). I use my phone number. You can find more information
here: http://support.dlink.com/faq/view.asp?prod_id=1199

Second easiest way is to disable dynamic DHCP and use static DHCP instead. All computers in a network need a valid IP address to work, which is valid for the access point. Static DHCP means you will manually give an IP address for every computer in the network, tied to its MAC address (the MAC address is a UNIQUE number assigned to your network card or wireless adaptor, meaning no other network card or adaptor can have the same number as yours, its usually printed on a label on it).
More information on this procedure here:
http://support.dlink.com/faq/view.asp?prod_id=1443

Another way, which is not as secure, is to instruct your access point not to broadcast its SSID (the ID for your access point). This means that your access point will be invisible to anyone with wireless connectivity; you will have to manually type the ID in your computers wireless configuration.
You can use any of these methods, or all of them. Id suggest solution # one, but if you want to use more than one, do it one at a time, and making sure the new configuration works before moving on to implement the next one.

Submitted by: J. Santiago S. of Colonia Anzures, Mexico

Collapse -
Other recommendation from our members
by Lee Koo (ADMIN) CNET staff/forum admin / December 8, 2004 2:39 PM PST
Answer:

When using Wireless connections for home use always use the encription options. It might be a good idea as well to somewhat isolate the radio signal that is broadcast by locating the router or modem in the basement when possible. This should allow you full access within the house, but likely will disrupt the signal outside the building. Also always password protect any folders you are shareing to prevent prying eyes.
Surf safe and visit us at www.malwaresheriff.com
Warmly: Mark


Submitted by:

**********************************************************************************

Answer:

Several options are available:
1. Purchase a wi-fi router that has encryption. Motorola have several units that come with software that allow users to configure a password protection.
2. Purchase a router that has a built-in firewall - available from Cisco and Net gear 3. Install a personal firewall on all your computers. If running Win XP it is recommended to disable the OS firewall to prevent conflicts. Also, XP's firewall protects only the download and not the upload data stream.
4. Check CNET's download.com for private users shareware or even freeware.

Good luck!


Submitted by: Shai R.

**********************************************************************************

Answer:

You need to set up the encryption on your wireless router. I suggest Mac Address filtering, as it is by far the most secure. It is a little more time consuming setting this up, but the benefits far out weigh the time it takes to set this up. You will need to enter the PCI or PCMCIA card numbers for each computer that you want to have access to your network. Every card has it's own unique number on it, which makes it more difficult for anyone to hack. If someone tries to go into your network and they don't have the correct key (card number) no luck for them.
Of course there's always WEP (64,128) and WPA (256) encryption, if you don't want to set up Mac Address filtering. These are just not as secure as the Mac Address filtering, but will suffice. And always have a good firewall setup on your system.


Submitted by: Wanda R.

**********************************************************************************

Answer:

Hi Guys,
I'm in School right now taking Computer Networking. With what I've learned thus far,I feel that You can never be a 1000% sure. Even if your the United States Government and all Your Data is Encrypted there is still a certain percentage of volnerability. Anything thats Man made can be defeated it you know how it works. Fortuanately the people with the Smarts & Abilities to do yhis are few and far between. What I've personally been using at Home and in School is a program called "ZONE ALARM". I've only had it now for a few weeks but I like the results. Its very user friendly and easy to install. Your able to adjust the strength of protection amoung other attributes. It has a One Month FREE TRIAL to see how you like it which is really nice. I "HIGHLY RECOMMEND" givivg it a try. I Mean, What do your have to Lose?, Other than The Bad Guys..... Go to Zone Alarm.com and protect yourself. I hope you enjoy the program as much as I do.

"STAY PROTECTED"



Submitted by:RICH C.

**********************************************************************************

Answer:

am in the process of setting up my wireless network at home. How can I be sure no one taps into it?"

Make sure that your wireless connection to the Internet -- your cable or DSL modem (commonly called a gateway) -- comes with a firewall built in. Mine -- manufactured by Netgear -- is configurable so that I can actually block the wireless connection completely, and then allow connections only by specific devices based on their MAC address. For example, the laptop I carry on the road has a MAC address if 00:90:4b:92:44:c1, and I allow it to access my wireless network at home. By restricting access to only the devices in your home network, you effectively keep everyone else out.

If your gateway doesn't come with a firewall -- get one. I like Symantec's, but there are several that are pretty good.


Submitted by: Eric P.

**********************************************************************************

Answer:

Aside from the obvious actions, such as to turn on the security features of the equipment and use them
(Especially WPA, which is pretty good security and easy to set up), I?d advise using some if the antenna-hacks
Advice you can find (e.g. in the book wireless Hacks) to make the antenna?s a bit more directional, so they point INWARDS
and less signal goes out to public access areas. I?d then take a WLAN-capable notebook, and do a tour round the property to see
that public access areas get lousy signal. So, potential intruders will see lousy signal+security enabled network, and go elsewhere.
Finally, most home routers have management pages allowing to limit which computers can join, and tracking activity ? these are well
worth monitoring periodically.

Submitted by: Michael O.

**********************************************************************************

Answer:

use Trend Micro PC-Cillan 2005 - it has a wirelss detection facility apart from Anti Virus - Spyware & Spam [ all-in-one ]..

we have operated wireless on our premises for some time - & just recently installed PC-Cillan 2005 - & WOW !! up comes a message showing the various wireless connections !! detected - we checked them & sure enough " a stray one found " !!!

a neighbour bought a new notebook & found a default wireless connection !!

Good luck

Submitted by: Bobmac
Collapse -
Re: Other recommendation from our members
by Thajenius / December 9, 2004 10:40 PM PST

Mac address filtering can easily be broken by someone sniffing a cards macaddress that already has access to the wireless network, and spoofing it. Changing the SSID and turning off broadcast will help, but all someone has to do is capture network traffic from your laptop to the router to obtain it. And WEP is nice, but with enough captured packets it can be easily and quickly broken. Your best defense is to utilize strong VPN software or hardware over wireless. VPN can be broken but not as easy as the other measures mentioned above.

Collapse -
Re: 12/10/04 Stay out of my wireless network
by jamesvictor2 / December 9, 2004 7:22 PM PST

I was happy to see the question and answer, as I have been thinking about wireless networking. For a novice, however, where do you find the information on how to make sure the device knows the ID and how do you encrypt information?

Collapse -
Re: 12/10/04 Stay out of my wireless network
by Jay / December 9, 2004 10:52 PM PST

Both are dependent upon the make/model of your router. Normally you manage the router through a web browser interface and somewhere there will be a menu option to enable encryption/set keys and to add MAC addresses. On your wireless card you pull up the properties and there should be a tab for the wireless settings.

Collapse -
Re: 12/10/04 Stay out of my wireless network
by iamanerd / December 10, 2004 1:35 AM PST

James hi,

One of the best place to find what you need to know is right on the internet from you Web Browser of choice. Simply go to Google, Yahoo or other search engine site and type in your topic, such as "Wireless networking" or "How do I get Connected with Wireless".

If you do not wish to learn how to do it yourself. There are numerous Techs out there for a few dollars can setup your network and secure it. At the same time they can give your PC a checkup and get all the spyware/adware off.

hope this helps

Collapse -
Re: 12/10/04 Stay out of my wireless network
by Night Man / December 10, 2004 5:53 PM PST

HI James,
once you get an access point you enter it through web, and the way to access is in the Manual, and the SSID not ID and the encryption is also in the access point menu once you access it through web.
and you can know if two access points can access each other, if you were on the same subnet you can ping them both when one of them is on the connected to your pc by lan.
and just in case you could not get to set it up try reading the manual if it does not work e-mail me on tearfulsmile@hotmail.com or post a message here and i will be glad to help you.

Collapse -
Re: 12/10/04 Stay out of my wireless network
by trigonum / December 13, 2004 12:51 PM PST

Hi James,
The Linksys router and most routers, come with an installation disk. Turn off the SSID because it may broadcast and leave you wide open. I also renamed my network, instead of the one the install disk came with. Basically, it closes the door. The install disk will come w/encryption or you can use your own. If you make up your own encryption, be sure to write it down or store it in a safe place. I'm laying in bed right now w/my laptop, online, wireless. It's great! I can go just about anywhere in the house and be online! You're gonna love it once you get your router. I'm cable connected, so it's even better. As a home user, I don't really have anything a hacker would want & they would have to be parked outside in the cold trying to what? tap into my home network? Norton firewall keeps a lot of junk out & Lavasoft AdAware hunts down spyware so, if you're up on your protection/maintenance, you'll be pretty safe. Of course, if someone really wanted to go all out, they could hack into any network anywhere in the world. Don't worry, be Happy!
Enjoy

Collapse -
Help, can't find signal now that I turned of SSID broadcast
by leannedao1 / December 14, 2004 10:24 AM PST

OK, I turned off the SSID broadcast.
I use WinXP Home and a USB wireless adapter. I usually click on the wireless networks icon, then slect the signal that is mine (there are 3 other neighbors signals avail)to get on the internet.

Now my signal does not show up. So how do I get on? Is there another way?

L.

Collapse -
Turning off SSID broadcast and turning on WEP
by rcpatel79 / February 22, 2005 11:49 AM PST

My laptop cannot find signal to my wireless router if i turn off SSID broadcast or turn on WEP. If I undo both, the connection is detected fine.

I am using Windows XP Professional with a Wireless PC card. My signal does show up on the list but when I select it, it says "Scanning" and the status says that no wireless network connection is available.

Does anyone have any suggestions/solutions to this???

Collapse -
Re: 12/10/04 Stay out of my wireless network
by ParMan60 / December 9, 2004 7:58 PM PST

Very good message. Its very important for someone to protect their wireless connection. Never know when someone will take advantage of the network.

Collapse -
Re: 12/10/04 Stay out of my wireless network
by prmath / December 9, 2004 7:59 PM PST

Melanie, I work for Ma Bell as an ADSL Tech. Remember
these 3 words. SECURITY SECURITY SECURITY !!!!!
Many days as I ride around doing my job, I will notice
an alert ping when my laptop locks onto a stray
signal. If this signal IS NOT properly secured, guess
what? Yep, I CAN stop and surf on this stray signal.
I would never do anything except check weather alerts but this little hint should open your little eyes to
what the bad-guys CAN AND WILL do.
Take care and may GOD bless, PRM................Fla

Collapse -
Re: 12/10/04 Stay out of my wireless network
by sagrant / December 9, 2004 8:05 PM PST

The intent of the response is good, however, for those of us who are not familiar with the terminology used in this response...please enlighten us as to the following:

network identification (usually SSID) - Where do I obtain this ID.


encrypt the traffic - how do I do this?

Log in restrictions - is this somethin that is part of the software that comes with say a wireless router?

be sure when you connect you are connecting to your secured wireless network, not your neighbors which isn't secured - how do I check this?

Just curious as to how I can protect my information.

Thank you.

Collapse -
Re: 12/10/04 Stay out of my wireless network
by MAUGER / December 9, 2004 8:45 PM PST

I work in Fredericton NB, Canada where there is a free, city-run wireless network called fred-ezone (www.fred-ezone.ca) . As I move arround the city, my laptop will sometimes jump from the zone onto someone elses network. Am I doing something wrong(not ethical) by surfing on another signal, or is it their problem for not setting up the router properly? Do I have to constantly check to see what network I am on?

Collapse -
Re: 12/10/04 Stay out of my wireless network
by FH / December 9, 2004 8:53 PM PST

A bit off topic, but in relation to not inadvertantly logging on to a neighbor's network, how do you set your laptop / pc to ignore a neighbor's network?

My pc sees both my network as well as the neighbor's, and even though I set my network as primary, it still trys to attach to the neighbor's. Additionally, the connection to my network has to be "repaired" quite often just to connect. I am guessing that this is due to a conflict on which network to connect to?

FH

Collapse -
Re: 12/10/04 Stay out of my wireless network
by WillRoberts / December 9, 2004 10:03 PM PST

Wow! What a lot of useful replies. So how do I find out what the MAC address is? I can't find anything in XP which will tell me.

Collapse -
Re: 12/10/04 Stay out of my wireless network
by becreated / December 9, 2004 10:48 PM PST

If you want to find out the MAC address then run DOS PROMPT (click start -> run... -> cmd) and type the following: ipconfig /all
You will see the message shows:
Physical Address........: 00-08-74-xx-xx-xx
That is your MAC address.

Collapse -
Re: 12/10/04 Stay out of my wireless network
by aubailey / December 9, 2004 10:51 PM PST

I guess the answer was appropriate, but as with so many computer chat areas the person giving the answer thinks everyone is a computer savvy as they are. What is wrong with a short step by step instruction as to how to perform all the items that they mention. For example how to find the SSID, how to change it, etc.

Thanks

Collapse -
Re: 12/10/04 Stay out of my wireless network
by Silver Leaf / December 10, 2004 1:38 AM PST

Aubailey: You must have been reading my mind, Scary.This is probably one of the few forms I read a lot and find extremely useful help. But this one on wireless, I thought HUH! What did they say to do? Granted, if one doesn't understand what to do, they shouldn't be doing it. But it would be a great help, if those of you who know how to provide such direction to do so.

Collapse -
Re: 12/10/04 Stay out of my wireless network
by ps4u / December 10, 2004 4:08 AM PST

Guys,
Please remember that each router, operating system, wireless device, and software firewall has different screens and kestrokes required. They would each require a different set of detailed step by step instructions. Way too much to expect from a forum. How about writing you equipment and software vendors and beat them up for not providing those easy instructions with their products.

Collapse -
Re: 12/10/04 Stay out of my wireless network
by Big_Owl55 / December 10, 2004 4:07 AM PST

Your question is valid. However, in the case of setting up routers and other wireless devices, the set up steps will be different for various brands and types of devices. I use a linksys router that has a user interface than a Motorola or brand of the same type of device.

So in tendering some very good advice, many of the people responding have had to give somewhat generic suggestions, especially since the original question didn't specify a particular brand or model of wireless access device. The information on setting up SSIDs, WEP (or WPA) and using MAC or IP addressing schemes is all valid and in many cases your device's documentation will tell you how to implement the suggested changes. I've maintained computers since 1975 and I always have my documentation at hand. (If all else fails - read the book) Most of the new goodies you buy now include user documentation on the installation CD.

I hope this addresses your concerns - the advice is good but you'll have to dig out the particulars for the specific products you are using. I've pulled some real good info from forums like this - you could always post a question with specifics on what equipment you're trying to configure and what you want to do with it. Remember that the Operating System and and hardware used will make a difference in the specific step-by-step instructions, so be sure to provide all the information, even if you're not sure if it matters.

Good luck,

Collapse -
Re: 12/10/04 Stay out of my wireless network
by Foggy / December 10, 2004 1:27 AM PST

I didn't go through all of the other offers of advice so I don't know if someone has already mentioned something that was posted on CNET a couple of months ago. Most of us have an older pentium computer hanging around in a closet or in down in the basement and the idea present by CNET was to convert the old computer into a firewall between the outside and ones broadband wireless connection. After a special program was installed on the old computer's hard drive(from CNET) and two ethernet cards are installed, the in coming boardband cable is run into the old computer and then out to the modem and then into the wireless router.

So in addition to ones router and a firewall/antivirus, the old computer acts as an additional buffer to your internal wireless network. I haven't as of yet set up the system myself, but I'm in the process of trying to revive an old Pentium 133 with a 3.2 gig hard drive for that purpose otherwise I would have to use one of my old 233s that are still in use in my basement or my barn.

Collapse -
Re: 12/10/04 Stay out of my wireless network
by pelletp / December 10, 2004 1:30 AM PST

In addition of MAC address filtering, it usually a good idea to hide the name of your network. In this way, tha kacker on the street won't even see your wireless network.

Collapse -
Re: 12/10/04 Stay out of my wireless network
by virtualcharlie / December 10, 2004 2:22 AM PST

We have wireless at the house and noting is encrypted or blocked. I suppose that somebody could park outside and borrow some bandwidth but that wouldn't bother me. They would find it much easier to get a free wireless connection at about a half dozen coffee houses that are within a ten minute drive of my house.

We treat all connections to our personal computers as if they were from the world at large. Our computers are blocked from wireless and wired network attacks. About the most damaging thing a casual cracker could do is use up all the paper in my printer. A dedicated and resourceful cracker could do all sorts of damage. I'm not sure that wireless would make the job any easier.

Leaving things open is was personal decision. Folks stop by the house on a regular basis to collaborate on this and that. I've found it convenient to just let them connect instead of having to set up unique accounts.

By the way, when we lived in Copenhagen, we were next to the biggest park in that part of Europe. I rigged up a cantenna that gave myself and other park users Internet access. Never had a problem. http://www.turnpoint.net/wireless/cantennahowto.html

Collapse -
Re: 12/10/04 Stay out of my wireless network
by mszeliga / December 12, 2004 5:30 AM PST

Hmmm... I do not like this approch to the problem, this is how things should work in a perfect world. This world is however not perfect and criminals do use the Internet.
If someone misuses a wireless network (for hacking, spamming or up- or downloading child pornography) the owner of the wireless access point (WAP) will be the first (and main) suspect. The crime will be traced back at IP level to the Internet router of the owner of the wireless access point and it can't be traced to any particular computer behind the router unless the Internet router is managed by the ISP and worse yet the wap is (or at least may be) another router.

Do you need a visit from the FBI at 4 a.m. ?
I don't.

Collapse -
Re: 12/10/04 Stay out of my wireless network
by AmberAA1 / December 10, 2004 3:55 AM PST

I recently went through the same questions in my head when I made my notebook wireless. One thing I am so glad I did was buy a Linksys router. It configured everything for me and encrypted it. I even borrowed a friends notebook and brought it into the house to see if I could invade my own connection. I couldn't even find it.

Collapse -
Re: 12/10/04 Stay out of my wireless network
by Myingan / December 13, 2004 3:22 AM PST

Did you encrypt yours from the start or can I go back & change those settings? I have a linksys also & am having troubles with it & my cable modem. I'm the only one who uses both computers (laptop, wireless, Desktop,cable internet) So do I still need to change my settings?

Collapse -
Re: 12/10/04 Stay out of my wireless network
by cardinal_33 / December 10, 2004 4:33 AM PST

Does the MicroSoft firewall monitor incoming and out going ??

Collapse -
Firewalls are not all equal...
by salish / December 21, 2004 11:46 PM PST

The short answer to your question is "no". Nor does Norton. I recently bagged Norton and went to Trend Micro's PC-Cillin after reading a CNet editor's review of available virus, etc protection packages. Regards, Don Dubay

Collapse -
Re: 12/10/04 Stay out of my wireless network
by terrysil / December 10, 2004 4:40 AM PST

good answer as far as it goes, but for us unsavy people our here, how exactly do you do everything that you describe in the answer. For example, how do I do this
"Start with the network identification (usually SSID). Each device connected to the wireless network needs the ID, but the device should know the ID, rather than have to retrieve it from the wireless router. Change the default name, encrypt it if your router and wireless devices allow, and turn off the feature that broadcasts the ID.


then how do i do this?

"Next, encrypt the traffic that flows between your computer and the wireless router. This prevents someone gaining access to private information such as accounts, passwords, credit card numbers and the like, simply by 'overhearing' your transmission. Choose a complicated, unguessable encryption string.

and finally, how do i do this?
"Finally, take advantage of log in restrictions if your router supports them. Every network device - not just wireless - is identified by a unique number known as the MAC address or physical address, usually 6 pairs of numerals and letters (actually hexadecimal numbers). Some routers can be set to allow connections only from devices whose MAC addresses are stored in their memory.?

your assistance is appreciated, as i have a home network that is unprotected.

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

HOLIDAY GIFT GUIDE 2017

Cameras that make great holiday gifts

Let them start the new year with a step up in photo and video quality from a phone.