WIRELESS ROUTER/SECURE ACCSESS QUESTIONS

Discussion in 'other security issues & news' started by FireDancer, Dec 4, 2004.

Thread Status:
Not open for further replies.
  1. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    Hello

    Been a while since I have logged here as I have been busy working on the catastrope team in Fl. My roommates and I are still working here and need to be on the internet to work but I dont like te fact that we have to be wireless.

    I got us a internet connect at our apartment but the wireless connection to the net is unsecured. What I want is to create a password for my roommates and I only to log onto the net so that not just anyone can use our wireless connection. My net connect here is broadband DHCP broadcast. What all do I need to do to secure this connect? is it as simple as secureing the router or do I need to go further with all the laptops involved? such as setting up a full blown network :(

    regards,
    FireDancer
     
  2. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    hmmm a thought just occured to me ... Should I use WEP or MAC addressing hmmm which is more secure?

    FireDancer
     
  3. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi FireDancer, You can use WEP though WPA is more secure. Once set you should then disable Broadcast SSID so thet your router is not hunting for other devices.
    I also have my laptop authorised by it's MAC address so that only authorised Wireless PCs can connect to the Gateway.

    HTH Pilli
     
  4. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Yeah, you can and should use both. WEP/WPA will encrypt the signal, MAC filtering will make sure that only computers you specify can join the network. It may take a little more effort to get set up, but you shouldn't have to worry about it much after that.
     
  5. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    Pilli,

    Thanks for the responce, will I have to do this for all 3 machines..as they are all independent of each other. The only thing they have in common or share is the internet.


    Regards,
    FireDancer
     
  6. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    use both? hmmm ok im gonna strugle through this but thats what I should do huh. how does it work with wpa/wep , do i set the key and then the other 2 independent machines are allowed with the mac address to logg on automaticly?

    They wont need to put in a key will they?

    FireDancer
     
  7. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I believe you should be able to just create a key and put it in all the computers that want to use the connection. As for MAC address filtering, that's separate. Just get the MAC address for each machine's network card and put it into the list in the router (yes, they will need to put in a key or passphrase)

    If you still need to find the MAC address, you can find it by going into Control Panel > Network Connections, double click your internet connection and switch to the 'support' tab, click 'details...", and the 'physical address' is your MAC address (the physical address of the network adapter itself, this never changes)

    Basically WEP/WPA is going to supply your password functionality and keep others from spying on what's being transmitted between your computers and the router.
    MAC filtering is just a list of the physical addresses of computers (actually network cards, but you get the point) that are allowed to connect.. anything else will be denied.

    And like Pilli said, you'll want to turn off the extra stuff.. he'll have to fill in those details, though.

    Let me know if you need more specific details here.
     
    Last edited: Dec 4, 2004
  8. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    All the farther I have gotten is setting the mac addressing for the 3 cpus, everytime I try to enable WEP/WPA I loose my internet connection and can not get back into settings of the router :( I have wireless SSID disabled too and so far all is fine but my wireless network is still unsecure

    o_O

    regards,
    FireDancer
     
    Last edited: Dec 4, 2004
  9. ^Ale

    ^Ale Registered Member

    Joined:
    Jul 6, 2004
    Posts:
    187
    Location:
    Italy
    Connect your PC to the router by a cable and not wireless, enable WEP/WPA on the router, disconnect cable and then you can enable WEP/WPA also on your PC.
     
  10. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    You could use a channel different than the default one to hide things a tiny bit. Using channel 10 or 11 instead of the default would be a good idea. If you are having trouble using WEP, you should make sure you have every computer that is trying to connect to your router using the WEP key. Also make sure you are using the same Authentication on your PCs as you are using on your router. If your router has any sort of firewall you should enable it. If you have a 100% static IP then turning off DHCP on your router and configuring the Static IP manually would also be a good idea.
     
  11. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    A John wrote:
    You must have been looking over my shoulder :)

    Regarding SSID, Personally I leave it switched on whilst setting up the wireless devices then when all the devices have the correct keys and their MAC addresses are stored in the router I then disable SSID, usually this is a tickbox in the general wireless configuration area.

    HTH Pilli
     
  12. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    Goodmorning,

    Well heres where I am right now. Under wireless security I have wireless enabled, I have the SSID named, and SSID Broadcast is enabled.

    under wireless securty I have it set to WPA-pre shared key, TKIP. I gave it a key and set the group renewal to 600 seconds. Under admin I set a password for the router.

    I went to each pc after that and set the propertys and added the new wireless connection by its name and then went to propertys and set them to shared, but the funny thing is that niether mine or one other laptop here has a drop down for wpa-tkip it only gives me the option to set to shared,WEP

    One top here has the 4 differant settings to choose from and I am wondering if this is going to cause a problem. Do I need to upgrade the other 2 pc's?
    all pc's have win xp on them with service pack 2. Where am I going wrong?

    One last thing for now, none of these pc's are networked together to share anything, do I need to create a network in that sence?

    Thanks all for your help and advise
    FireDancer
     
  13. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    I have mine set to "WEP"
    Each computer is set to "Authentication: Auto"

    You do not have to network them for it to work.
    I am using LinkSys WRT54G, if you are also I can post Screen Shots for you.
     
  14. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    Hello,

    Well here is what I came up with. I have set the router config to
    WEP and it gave me four differant keys I set it to the 4th and enterd that key into each puter. I also disabled SSIC Broadcast. I also set the mac addresses for each puter. On the puters I set the wireless network properties to open/WEP and authentication auto as well.I disabled smart card, for some reason when I enabled smart card it did not want to co-operate. Anyways I have a secured wireless network now and all are on line and happy as well as safe I belive LOL!!! Thanks for all your input, I could not have done it without you guys. Now if one of my room mates moves out on me I will just change the keys and re-enter te new into the remaining pc's :)

    Regards,
    FIREDANCER :D
     
    Last edited: Dec 6, 2004
  15. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Well done FireDancer :) Now make sure that all the machines have good defences such as a firewall for outbound protection as your router will stop only inbound connections.
    Also ensure that all your systems have the latest security patches and that they have up to date AV / AT and Anti-Spyware.

    As an afterthought :) Also make sure that your router has a good passphrase and not just "ADMIN" :D

    Pilli
     
  16. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    Also, you might make sure to disable plug 'n' play support on your router as it can cause security issues.
     
    Last edited: Dec 6, 2004
  17. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    Pilli, and Ajohn

    Thanks again I have XP Home on all 3 machines and all are useing registerd versions of NOD 32 TDS-3 and as well I have Kerio 2.1.5 up and running on all :) I feel secure now with the wireless network up and secure.

    I will go back into setup in my router and make sure Plug 'n' Play is disabled.

    Thanks again so much,
    FireDancer
     
  18. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Sounds good to me FireDancer, don't forget the Anti-Spyware :D
     
Loading...
Thread Status:
Not open for further replies.