Home Wireless Network Question (WLAN)... Log Out | Lost Password? | Topics | Search
Contact | Register | My Profile | SO home | MOL home

M-SO Message Board » Technology & The Internet » Archive through February 17, 2006 » Home Wireless Network Question (WLAN) « Previous Next »

  Thread Originator Last Poster Posts Pages Last Post
  ClosedClosed: New threads not accepted on this page          

Author Message
Top of pagePrevious messageNext messageBottom of page Link to this message

Smarty Jones
Citizen
Username: Birdstone

Post Number: 283
Registered: 10-2005
Posted on Tuesday, January 31, 2006 - 12:07 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

We have a household wireless network, using Netgear equipment/card, and a Microsoft Windows software (allowing MS Windows to manage the connections).

It's unsecure, because we didn't think we'd need it. But I've noticed that my computer picks up 6 networks around us (4 secure, 2 unsecure) and now I'm starting to think otherwise. Also, on one of our laptops, AOL logs itself off every 20 minutes or so, saying something about "network not available"

Are these issues linked at all? Is securing our network important? Can somebody provide guidance on how to do so?

Thanks
Top of pagePrevious messageNext messageBottom of page Link to this message

Tom Reingold
Supporter
Username: Noglider

Post Number: 12224
Registered: 1-2003


Posted on Tuesday, January 31, 2006 - 12:19 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

They might be related, but I can't think of how, right off the bat.

It's probably worthwhile securing your network. Why provide your neighbors free access?

Read the manual for your router. The administrative interface is through your web browser.

Your router probably broadcasts its SSID. This is a name. Change the name, and stop broadcasting.

Your router can probably also control which computers can access it over wireless. I recommend using this feature. You need to find the MAC addresses of all your computers. MAC stands for Media Access Control. It's just a serial number embedded in the network interface. If you are running Windows, start a command prompt window and type "ipconfig /all" and notice the "physical address" of the wireless interface. Enter all the addresses into the list of allowed systems.

Change the administrative password for the router.

You may also want to enable encryption, as a belt-and-suspenders approach. That makes it even harder for a casual passer-by to use your network, but still not impossible. Write back if you want details on how to do it.

"This is the only thing my signature says."
Top of pagePrevious messageNext messageBottom of page Link to this message

Smarty Jones
Citizen
Username: Birdstone

Post Number: 285
Registered: 10-2005
Posted on Tuesday, January 31, 2006 - 12:22 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

So I can authorize the Hardware piece (what you are calling the router) that my DSL line plugs into, to be Named, and then also only to talk to the Laptops we authorize? Occasionaly family members visit with their Laptops, would they be precluded from accessing our network when they visit?

Thanks Tom
Top of pagePrevious messageNext messageBottom of page Link to this message

Tom Reingold
Supporter
Username: Noglider

Post Number: 12227
Registered: 1-2003


Posted on Tuesday, January 31, 2006 - 12:30 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

Well, your router cannot distinguish between your relatives and your neighbors, so you have to let them all in or none. But when your relatives visit, you can ascertain their computers' MAC addresses and enter them into your router. You'll only have to do that on their first visit.

The answer to your first question is yes.

"This is the only thing my signature says."
Top of pagePrevious messageNext messageBottom of page Link to this message

argon_smythe
Citizen
Username: Argon_smythe

Post Number: 752
Registered: 5-2001
Posted on Tuesday, January 31, 2006 - 1:37 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

Don't worry about how many other networks you can see. Worry about who can see your network. Change your SSID and then turn off SSID broadcasting on the router. Nobody will see your network pop up on their lists.

Check your wireless client connections every so often too. You will see a new, unknown entry if somebody has made a connection to your router.

I also suggest limiting connections to known MAC addresses as Tom suggests above.

WEP encryption is, in my opinion, a PITA to deal with and overkill for most suburban home applications.

Top of pagePrevious messageNext messageBottom of page Link to this message

Smarty Jones
Citizen
Username: Birdstone

Post Number: 288
Registered: 10-2005
Posted on Tuesday, January 31, 2006 - 2:20 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

Ok...my router was a 2nd hand gift, so I have no instructions, manuals or understanding of how to do this. Am I better off buying a new one and starting from scratch? If so, any suggestions for light home use?

If not, is there an on-line resource that can walk me through this?
Top of pagePrevious messageNext messageBottom of page Link to this message

Eponymous
Citizen
Username: Eponymous

Post Number: 47
Registered: 6-2004
Posted on Tuesday, January 31, 2006 - 3:00 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

SJ,

Surely the router's manufacturer will have an on-line manual for the downloading. Most (all?) of them use a web interface, and you can probably google the appropriate address to access it too.

I'm with argon, go with MAC and forget WEP. The dedicated hacker can easily get through that anyway and the casual one will be stopped by the MAC requirement.

At least change the admin password on it.

OTOH, you probably wouldn't notice your neighbors using your connection, unless they're huge downloaders. Up to you of course. I once picked up three different signals parked in a spot in town. At least one was not locking guests out.
Top of pagePrevious messageNext messageBottom of page Link to this message

SOSully
Citizen
Username: Sullymw

Post Number: 1136
Registered: 5-2001


Posted on Thursday, February 2, 2006 - 10:23 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

send me make/model and I'll try to find you a link to the manual
Top of pagePrevious messageNext messageBottom of page Link to this message

monster
Supporter
Username: Monster

Post Number: 2005
Registered: 7-2002


Posted on Thursday, February 2, 2006 - 11:31 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

If you need the default admin user/password info, there are lists all over the internet
http://www.governmentsecurity.org/articles/DefaultLoginsandPasswordsforNetworked Devices.php
Top of pagePrevious messageNext messageBottom of page Link to this message

Rastro
Citizen
Username: Rastro

Post Number: 2298
Registered: 5-2004


Posted on Friday, February 3, 2006 - 10:28 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

MAC filtering and WEP encryption accomplish two different things. MAC filtering prevents certain devices from actually using your network. But WEP encryption (and WPA) prevent someone from intercepting your connection and seeing what you do.

You should do both WPA (or WEP) and MAC filtering. That way no one can get onto your network to use it, and they can't "tap" your connection.
Top of pagePrevious messageNext messageBottom of page Link to this message

Eponymous
Citizen
Username: Eponymous

Post Number: 59
Registered: 6-2004
Posted on Friday, February 3, 2006 - 10:58 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

Rastro,

WEP requires a password, so it also prevents users from using your network, just as MAC filtering does.

Breaking WPA and WEP are fairly easy to do for eavesdroppers. Just Google "hack wep" vel sim.

Since it imposes a cpu burden (to encrypt and decrypt), I usually don't recommend it. Serious hackers will just get around it no matter what anyway.
Top of pagePrevious messageNext messageBottom of page Link to this message

Rastro
Citizen
Username: Rastro

Post Number: 2300
Registered: 5-2004


Posted on Friday, February 3, 2006 - 11:59 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

MAC filering, however, does not precvent someone from eavesdeopping on your connection. All it does is prevent someone else from using your access point. It does not prevent them from intecepting the cleartext transmission between your laptop and the access point/router.

I know WEP is about as tough to crack as a peanut shell. But I have not heard of complex passphrases being cracked in WPA. Short ones? Yep. But not those with any complexity to them.

I do agree that WPA can accomplish (sort of) the same thing that MAC filtering can. To me, the downside of MAC filtering is that if you bring home a laptop from work, you need to log into the router to allow it. Same if a friend comes over with their computer. But I do it anyway.

I have not really noticed the overhead of WPA with a modern processor, but as always, YMMV.
Top of pagePrevious messageNext messageBottom of page Link to this message

SOSully
Citizen
Username: Sullymw

Post Number: 1147
Registered: 5-2001


Posted on Friday, February 3, 2006 - 12:11 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

yes, I gave up on MAC filtering because of what Rastro said above. In our quiet little neighborhoods do we really have more to fear than someone just hijacking our internet service for free? The risk is minimal, imo. I use 128-bit WEP and don't broadcast my SSID. That is going to be sufficient 99.9% of the time. Good enough odds for me.
Top of pagePrevious messageNext messageBottom of page Link to this message

Tom Reingold
Supporter
Username: Noglider

Post Number: 12303
Registered: 1-2003


Posted on Friday, February 3, 2006 - 12:47 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

I'm with you SOSully, but I gave up on WEP, not MAC filtering. I bought a couple of wireless adaptors that should be able to handle WEP but don't. Or I haven't figured out how. So I'm just using MAC filtering and have decided I feel safe enough.
Top of pagePrevious messageNext messageBottom of page Link to this message

Eponymous
Citizen
Username: Eponymous

Post Number: 61
Registered: 6-2004
Posted on Saturday, February 4, 2006 - 12:22 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

SOSully,

I don't understand the logic there. You're not worried about people stealing your internet service, but you are concerned that they're eavesdropping on it? I think you've got the relative risks backward. And again, I would suggest that anyone intent on eavesdropping is going to get the hacker software to break WEP. If that's your neighber, they'll have plenty of time to collect packets to do it with.

Rastro,
Sure, modern processors shouldn't really show much of a load, but every little bit sucks that much more life out of my battery, which means I have to get off the couch sooner.

I just don't think it's worth it.

Oh, another thing to try (and it's fun too) is to put a parabolic reflector on your router's antenna to direct the signal in one direction, thus cutting it out from the other. If you have the router on one side of your house, you could, for example, significantly decrease the signal strength going out your wall. If your router has two antennas, you can effectively point them both. I tried it with my brother's set-up, and we got much better reception at the other end of the house:

http://www.freeantennas.com/projects/template/

Some cardboard, glue and aluminum foil did it for us.
Top of pagePrevious messageNext messageBottom of page Link to this message

SOSully
Citizen
Username: Sullymw

Post Number: 1148
Registered: 5-2001


Posted on Sunday, February 5, 2006 - 12:47 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

no, I think you misunderstand what I said.
Top of pagePrevious messageNext messageBottom of page Link to this message

TarPit Coder
Citizen
Username: Tarpitcoder

Post Number: 23
Registered: 12-2004
Posted on Tuesday, February 7, 2006 - 9:12 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

Wasn't the original weakness with WEP that the Initialization Vector sucked? I seem to recall that's what they fixed with WPA in it's most common incarnations - but the PSK bit sucks too...

I always used to leave my wireless (With WEP and MAC address locked down) turned off back in Boston unless I was using it.

Down here everyones so nice we leave it on (With 128 bit WEP) - and I can see about 10 other networks from here too - lots wide open with default SSID's!

I haven't thrown all the MAC addresses in yet - but I should.

I've always personally felt that the wireless stuff is best thought of as hanging your ethernet out the window for anyone to jump on. It's just too easy to find script-kiddie toys for cracking it unless you get serious and use 802.1x and a RADIUS box.

If your gonna go to that effort, you may as well just setup SSH and use SSH tunnels between everything like you would for the internet.

Just my $0.02 worth.
Top of pagePrevious messageNext messageBottom of page Link to this message

monster
Supporter
Username: Monster

Post Number: 2038
Registered: 7-2002


Posted on Tuesday, February 7, 2006 - 11:07 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

For the most part, I've always just let it all hang out, but I do keep a sniffer running to detect outside wireless, this way I can shut it down if I feel the need.
A couple of years ago my daughter was having an after school class at the high school, I used to set out on Academy street and leech off of someones wireless, I had a couple to choose from.
Driving down Parker Ave. once, I recorded quite a few wireless networks, many of which were wide open, some hadn't even changed the default admin access to the router, which is where that list above comes in handy (if one were so inclined), I just used it to check if it had been changed.
I took this adventure a bit further and drove around town, and I have to say that easy access is everywhere....
Top of pagePrevious messageNext messageBottom of page Link to this message

SOSully
Citizen
Username: Sullymw

Post Number: 1152
Registered: 5-2001


Posted on Tuesday, February 7, 2006 - 11:10 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

yes, the average users finds wireless security difficult to understand and set up.
Top of pagePrevious messageNext messageBottom of page Link to this message

Tom Reingold
Supporter
Username: Noglider

Post Number: 12353
Registered: 1-2003


Posted on Tuesday, February 7, 2006 - 11:11 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

The manufacturers should figure out a way to make it easy to set up while not leaving the router open to strangers.

monster, what sniffer do you use?
Top of pagePrevious messageNext messageBottom of page Link to this message

monster
Supporter
Username: Monster

Post Number: 2040
Registered: 7-2002


Posted on Tuesday, February 7, 2006 - 12:09 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

Macstumbler & KisMac are what I generally run to detect wireless signals

You might want to look at ettercap
Ethereal for OS X
and then there is Snort for OS X, One could use HenWen for this,
Top of pagePrevious messageNext messageBottom of page Link to this message

Smarty Jones
Citizen
Username: Birdstone

Post Number: 342
Registered: 10-2005
Posted on Sunday, February 12, 2006 - 1:40 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

With the snowstorm, I finally am getting achangce to try and do this, and I've got a few basic questions....

Tom, in your earlier post you suggested I open a "Command Prompt and type "ipconfig /all". How do I open a command prompt in XP?

Is the router the box that the DSL comes into, or is the router the box that DSL plugs into, and rebroadcasts wireless signals?

Argon, how do I rename the SSID on my router? Is it a software I launch that should have come with the router?

I have a verizon provided Westin DSL router, that plugs into a Belkin wireless broadcasting antenna.
Top of pagePrevious messageNext messageBottom of page Link to this message

Bailey
Citizen
Username: Baileymac

Post Number: 168
Registered: 3-2005
Posted on Sunday, February 12, 2006 - 1:59 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

you can get to the command prompt window easily.
Click Start
Click Run
Type cmd or command
You'll have a Dos looking window open, then type ipconfig/all

DSL phone line goes into a modem, then you plug the router into the modem.
Top of pagePrevious messageNext messageBottom of page Link to this message

Case
Citizen
Username: Case

Post Number: 1118
Registered: 2-2005
Posted on Sunday, February 12, 2006 - 2:39 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

I'm bored, so I just sent you a private message with my phone number - we can discuss this.

If you don't get it, email me at divemaster@optonline.net
Top of pagePrevious messageNext messageBottom of page Link to this message

kevin
Citizen
Username: Eloso

Post Number: 85
Registered: 12-2004


Posted on Tuesday, February 14, 2006 - 10:06 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

SoSully,
When you get subpoenaed by the MPAA because your neighbors kid is hosting 1000 MP3s, you will wish you had set up MAC filtering.
P.S. normally I don't worry about setting up WEP because any information that I don't want people to sniff is encrypted by the browser in SSL.

Kevin
Top of pagePrevious messageNext messageBottom of page Link to this message

SOSully
Citizen
Username: Sullymw

Post Number: 1157
Registered: 5-2001


Posted on Tuesday, February 14, 2006 - 10:48 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

I stand by what I said. If I don't broadcast my SSID, the neighbor's kid is going to move in on the myriad of completely unprotected wireless networks in the area. There are plenty of those

Topics | Last Day | Last Week | Tree View | Search | User List | Help/Instructions | Credits Administration