How Do You Secure Your Network?

-> Dlink Pre-N router.
-> WPA-PSK with AES with unique password (number/letters/special chars).
-> Changed SSID name.
-> SSID broadcast enabled. (Some laptops in my house have issues connecting if not broadcasting)
-> Changed router admin password.
-> Enabled DHCP MAC filtering and only allowed 6 devices that have been configured for receiving an IP address. Anything else that tries to connect will never be able to, until I allow another IP to get assigned.
-> Separate s/w firewall running on all PC's with username/password login for Windows.
-> Beyond that, if anyone does the MAC cloning crap or whatever..they are very skilled and can have access to anything they want.

 

That's what I do. Wires still transmit faster and more reliably than wireless. Wireless is primarily a convenience. I don't want to drag a cable to the living room to hook up my Wii and my media center machine

 

I use WPA Personal with AES.

SSID broadcast and says no signal for the fun or it.

 

Interesting post.

I just use WEP which is the default on the BT Homehub that I've got.

 

Any more it can take between 1-5 minutes to crack a WEP key. Change it to WPA if you care about being secure

 

call me a noob, but all i have is a password that prevents strangers from connecting to my router

 

Ok, noob What do you mean a password? Because I have a password that will let people access my WPA protected network, but that makes it quite secure because it's a strong password. If you mean you just have a password to change settings on your router, anyone interested within 300' of you can watch every single thing you're doing with your connection Banks you use, all your instant messages, emails, anything.

 

Others have answered this in the interim; however, one other reason is that I sometimes have people visiting and do not want to have to micro-manage to that level to let them on my network.

 

What about lowering your broadcast signal so it doesn't go very far, would that help security wise? I live in on campus apartments, and right now I have MAC Filtering, WEP, and my SSID is broadcasted. After reading that WEP doesn't do much i'm thinking I should change but don't know if I want to go through the hassle, my router really only needs to reach 20ft max.

 

Unless you use an aftermarket firmware, you can't change the broadcast signal strength, and even then, it makes the signal weaker for your local use, which will result in dropped connections, etc. Plus, you'd have to drop the power of your laptop's transmissions as well, which will make it a pain to connect to other networks than your own.

Enable WPA. It's really your best option. And it's less of a hassle to use than WEP's keys and such, you just need a strong password.

 

What do you mean a strong password? Do I create my own with WPA?

 

Oh yea...Why is WPA so much better than WEP, what are the fundamental differences?

 

While traveling last Summer I attempted to secure the wireless of some relatives we stayed with. It was wide open. The wireless card in the laptop he used for work was unable to do WPA, so I had to back off to WEP. Still better than wide open.

 

Yes. You don't have to deal with cryptic hex key sets, you just have a password you put in.

WEP uses a weak encryption pattern that can be guessed easily, often in seconds any more. WPA uses a much better encryption pattern that hasn't been found to be breakable except through guessing the password so far. Hence needing a strong password.

The only downside of WPA is that it takes a little more processing power to compute the encryption, so if you have an older router, it may not work very well. It won't affect your computer in the slightest.

Basically, just go with WPA. You can research it with Google if you want more detailed info

 

wrt54gl+ddwrt
wpa
ssid broadcast disable
mac filtering

 

No problem. Sharing is a good thing.

 

WPA2Personal
SSID broadcast and no mac filtering....too many friendlies to bother keeping up with that.

Motorola surfboard modem>
Cisco PIX 501 Firewall(*router)>
Netgear Prosafe GS105 5 port gigabit switch>
Netgear Prosafe WG102 WAP

 

Pitabred,
I appreciate your input here. I am using WPA2 and a 26 character password with numbers, alpha, lower case, upper case, and special characters generated by a random password generator. Do I need to change it with some frequency? If so, how often would you do so? Thanks, h.

 

WPA-PSK with default password on bottom of router

Still broadcasts default name and no Mac filtering

Don't see the need I live in an apartment and every network is passworded. If someone can hack in, then good for them I say

 

WPA - Personal
SSID - broadcast off
MAC Filtering

I never thought about the DHCP range and limiting it to the amount of devices that will be connecting as mentioned in a previous post. I will make that change as soon as I can

 

you can also turn off DHCP all together and just give your devices static adresses.

 

My way to secure wireless network is listed here:

Wireless Network Security

 

I just changed my WPA2 key and changed the SSID of my network.

This key generator is awesome.

 

The only problem with that one is the key generated was not encrypted, so if some one was snooping they have it too. ANY good security starts with using a secure connection.

Use the one on www.grc.com they use a https:// connection.

 

Nah, don't believe so, I'd say that my network has never been broken into and anyways I trust speak easy I also hit the generated a new key few times.

 

Hey guys I need help. I have a linksys router. I ran the cd that came with it, but it didn't install because, according to this cd, the dsl modem and the router are not compatible equipment. I plugged the router anyway and it worked. Apparently, you don't need to install any software at all for your router to work. Next, I changed the admin log in and password. Then I tried to change the security setting from nothing to WPA personal. Suddenly, I have no internet access. There is a message that says something like "the setting on this computer are not compatible with the linksys router."

Now I did all this on my laptop (not the main computer where the modem is connected to). But I don't think this has anything to with it. Or does it? Anyway, I need to set the WPA thing without losing internet access. Thanks.

 

You need to do all settings with a wired connection directly to the router. The router does mini reboots that will bump you off if wireless. I never run any install setup disk, just more un-needed junk on the hd. You will need to enter you ppoe user id and pw manually into the router under the WAN port settings. If you have a modem that is also a router, you need to change it to Bridge mode.

 

Sorry for being clueless, but what is the ppoe user id? How do I know if my modem is also a router? Here is the way my setup is connected. DSL modem to Linksys router via Ethernet cable, then linksys router to computer via Ethernet cable. Now I can do the setup from this computer, right? Also, how do I setup a password only people who know this password can access my network? Thank you so much.

 

Your setup is correct modem to router to pc's.

If you access the admin page move to the WAN/Internet page, enter password when prompted. Look and see what your WAN IP address is, if its a public IP your modem is only a modem, Other wise it may be a combo unit. If so post mfg and model of the modem. If private you will not need to setup PPPoE in the router, use direct connect. But it does not hurt to clone your MAC address.

In the setup page for your WAN/Internet you should have several options, PPPoE, Direct connect ...... During your setup for dsl you normally get a user ID, and create a password. At the same time your mac address may be recorded for modem and pc, id you were directly connected to the modem. This info is loaded into the PPPoE connection info. I also recommend cloning your mac address from the PC used to setup the account into the router if it was not in place when you activated your account.

Now to secure the wireless. There should be a wireless tab. This will give you options for channel, SSID, b/g or G only, security.... Select G only if you have no hardware requiring 11b. I recommend changing the SSID to prevent duplications of SSID's if you connect to other networks. Now you will need a security key. I recommend going to www.grc.com and copy a couple of "All Printable Chr" and "letters and numbers", to a notepad doc, and save. Now select WPA(2) personal AES and copy and paste the security string that you saved on a notepad doc. Your wireless is now secure. Now bring up your NB wireless, it should see the new SSID you setup. Select connect, enter (copy & Paste, do not try to type it in) the security string and make sure the sec type is WPA(2) Personal or AES. Once you save it, it should connect. If all is good you can now hide the SSID if you like for added security, but not required since you have a strong security key. Note: Some routers do not like " (double quotes). If you failed connection, try removing the double quotes from the string (router and nb). If that does not work, try using a shorter length string, 20 chr. Most all will connect with 20 chr.

You need to keep this security string to add others or if your forced to reload firmware. You can restrict the range in which the DHCP server gives out. I always change the subnet to something else.