View Single Post
Old 09-16-2004, 01:07 PM   #15 (permalink)
Mephisto2
Junkie
 
Quote:
Originally Posted by MahlerIsGod
I am sorry so please forgive my ignorance but I wouldn't have the first clue as how to access my router. Using a browser or otherwise.
Go to Start, Run, and type "CMD" in the window that appears.

Another black "command line" Window opens.

Type "IPCONFIG" and hit return

You should get something like the following:

Code:
Windows IP Configuration


Ethernet adapter Wireless Network:

        Connection-specific DNS Suffix  . : linksys
        IP Address. . . . . . . . . . . . : 192.168.1.101
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1
This means that your Access Point has given your computer the IP address 192.168.1.101

The Default Gateway is the IP address of your Access Point in this case. In other words, the Access Point has the IP address of 192.168.1.1

Note, these are the default values. It is possible that the Default Gateway IP address you show may be different from that above (but not likely).

Anyway, the next step is to open a Web browser and connect to the Access Point.

Open a standard Internet Explorer window.

In the address bar, type in "168.192.1.1" and hit enter.

A window will appear asking you for a User name and a Password.

Type in "admin" for both values (username and password) and hit enter.

Next, your Internet Explorer window will change and show you the Access Point's web-page.

Voila!! You have now logged on to your router.


In the top right hand corner, you will see what version of code you are using. With any luck it will be version 1.5 or higher. Ideally, it should be 1.50.14. I can give you step by step instructions on how to upgrade this is you want.

There are some basic security settings you should change, if you haven't done so already.


Near the top of the window, you will see a list of words in white text. They will be something along the lines of SETUP - WIRELESS - SECURITY - ACCESS RESTRICTIONS - APPLICATIONS & GAMING - ADMINISTRATION -STATUS

Click on the WIRELESS link.
Now, a "sub menu" (just below the original list of links) appears. This should show some links along the lines of Basic Wireless Settings - Wireless Security - Wireless Network Access - Advanced Wireless Security

You can now change your wireless settings.

My recommendation is that you follow these Security settings:

1 - Enable WPA if at all possible
Background
WPA (WiFi Protected Access) greatly increases WLAN security. It introduces several new enhancements, including TKIP (Temporal Key Integrity Protocol) that mitigates against so-called AirSnort or Wardriving attacks, and MIC (Message Integrity Check) that protects against Man in the Middle attacks. It also increases the WEP Initialization Vector from 24bits to 48bits, which is a huge improvement, as this makes the statistical likelihood of a weak IV being captured much lower. Finally, WPA introduces a dynamic key management feature, which allows for regular and automatic regeneration of WEP keys.
Implementation
WPA for most home wireless kit will run in WPA-PSK mode. The PSK stands for Pre Shared Key. This is effectively a password that you enter in your Access Point and your client that is used to independently generate new WEP keys on a regular basis. Ensure your passphrase is at least 20 characters long!
Caveats
Not all Access Points support WPA. This is unfortunate, but is not the end of the world.



2 - Change default SSID
Background
SSID (Service Set Identifier) can be considered analogous to a network name. All Access Points come "out of the box" with a default SSID. Every hacker worth his salt will know the most common SSIDs. Common examples are "Linksys" (for Linksys kit), "Netgear" (for Netgear kit), "Tsunami" (for Cisco kit) etc.
Implementation
Change the SSID to something more appropriate to you. Your name, favourite band, pet... whatever. Just don't use the default.
Caveats
None. There is no reason this should not be done.



3 - Disable SSID Broadcast
Background
SSID (Service Set Identifier) can be considered analogous to a network name. Most Access Points "broadcast" this by default. That is, they advertise the SSID to any listening client devices. This is fine for enterprise networks or "hotspots", but there is no reason to advertise your network to your neighbours. You will know the SSID anyway (see above), so you don't need to broadcast it.
Implementation
Different for all manufactures, but it should be pretty obvious. Just look for "SSID Broadcast" and disable it.
Caveats
This should not be considered a security improvement, as it's still possible to ascertain the SSID of a network that is not broadcasting, but it IS best practice. Just do it.



4 - Enable MAC filtering
Background
All Ethernet devices, including WLAN interfaces, have a MAC address. This is a 6-byte hexadecimal address that a manufacturer assigns to the Ethernet controller for a port. MAC addresses are "lower level" that IP addresses and are used on the Data layer. You can setup your Access Point to only allow certain MAC addresses (ie, certain devices) use your WLAN. In other words, you configure it to only allow your computer (laptop, sister/brother's etc) to associate to the WLAN. This will prevent unwanted visitors from hitching a free ride...
Implementation
Search for MAC Filter in your Access Point config guide. You will have to go to each computer you will use on your WLAN and note down their MAC address. Make sure you note down the WIRELESS adaptor, and not the wired network card! It's a bit tedious (as a MAC address is a long sting of hex), but it's worth it.
Caveats
Not entirely foolproof, as experienced hackers can spoof MAC addresses. But it certainly adds greatly to security.



5 - Turn down transmit power
Background
Most Access Points can transmit at up to 100mW; some even more. Why bother covering more area that you need? There's no point is offering temptation to the people across the street, so you should turn down your transmit power to the lowest level that sufficiently covers your house/apartment.
Implementation
Different for every manufacturer. Check your user guide.
Caveats
You may need some tweaking to get it right. If you do, then congratulations. You just carried out what is called a "Site Survey" in the industry. Soon, you'll be doing this for a living!


IF YOU WANT STEP BY STEP INSTRUCTIONS FOR THESE, PLEASE ASK




Quote:
Next, who, then, do I began "broadcasting" in Wi-Fi?
Well, you don't broadcast WiFi. It's just a name. You're already WiFi.

Quote:
I have been using this device:
http://www.linksys.com/products/prod...id=36&prid=435

If I am Wi-Fi compliant can I simply attach this device to computer and proceed that way:
http://www.linksys.com/products/prod...id=36&prid=578
Well, you could but you would not get any faster speed. The 802.11g standard is compatible with 802.11b (which is what your Access Point is using), but you won't get the higher speeds that 802.11g introduces. This is because the 802.11g adaptors "drops down" to the 802.11b speed. Effectively, you can only go as fast as the slowest part of your network.


Quote:
Thanks again, everyone, for the help, info and suggestions. Much appreciated.
No problem. Please continue to post and I'll continue to help if I can.

Quote:
P.S. Why Wi-Fi? Wi-Fi greater speeds and greater range of reception. I am two floors away from the router and I get, at best, 250kbs download speed. I play a lot of online games (Galaxies, WoW, etc.) and think this would help out immensely. Thanks
Well, the wireless network is probably not your bottle-neck. 250kbs sounds about right for an ADSL broadband connection. What kind of broadband link do you have? Have you measured the speed when you connect your laptop [i]directly[/b] to the BEFW11S4?

Please also note that WiFi does NOT offer any higher speeds or throughput than "standard" 802.11b or 802.11g or 802.11a. It's just a marketing and inter-operability term.

Hope this is of some help. Feel free to ask more questions.


Mr Mephisto

Last edited by Mephisto2; 09-16-2004 at 01:18 PM..
Mephisto2 is offline  
 

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360