Protecting my wireless connection

shop deals on amazon
Shop deals on ebay
Advertise with us
Ford SportTrac Forum

Help Support Ford SportTrac Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.
Curtis Farris

Curtis Farris

Member
Joined
Feb 1, 2005
Messages
48
Reaction score
0
Location
Meriden, KS
I am getting a wireless cable modem today and I wanted to know if anyone could tell me how to protect my wireless connection so others cannot use it. I dont care if it ask me for a password everytime I log on as long as I know its not getting used by anyone out there. The modem is a Motorola, and I purchased it from best buy. Can someone help me with this? I am sure it cannot be all that hard to do. I am also using windows xp...



Thanks for your help,

Birdy
 
IN the setup process it should ask you if you want an encryption code, say yes and setup your code. it's usually a 10 digit number so make sure you can remember it. That was the way my Linksys device worked. Hope this helps.
 
There is a website you can go to to set-up your wireless router, the specific site I'm not sure, shoudl be printed in the instructions. It is a direct access to YOUR router/modem, so you'll have to access it by a computer that is on the network of the router/modem.



At this site, you can set-up all kinds of options. One is SSID display, turn that off. With this turned on, anyone with a wireless card can see your network, with it turned off, you'll have to manually input the wireless transmission ID. Speaking of the SSID, change it from the default name to something specific to you, try your pets name or something.



Change the password from the default to something else. The password will need to be 29 or 58 hexadecimal digits for maximum (256-bit) security.



You can also choose to manually assign IP addresses to the devices that will access your network. By default, most modems/router will assign an IP address automatically, which means anyone who tries to connecto to your network will get thier own IP address. Turn this automatic IP addressing to off so someone would have to manually input an IP address (and other information) to gain access to your network. You may also be able to limit the maximum number of active IP addresses...set that number to whatever would be the maximum nuber of devices that you would use on the network at any given time.



Outside of that, make sure your computer has a good firewall. The router/modem will also have a built in firewall, be sure to use it and keep it updated.



With all this, your wireless SSID won't be visable, so no one can even see your network. Should they figure out the network ID, they won't be able to get on because a 256-bit password is near impossible to crack, and should they crack that, there isn't an open spot for them to leech of off. Sounds complicated, but it really isn't once you see the interface in front of you.
 
Tiger thanks a ton! I will feel much better knowing that there are 3 things they will have to get by to access my connection.



Thanks,

Birdy
 
The easiest, and often overlooked, things to do is change the SSID and password from the default.



It's almost scary how many people leave this at default, leaving thier connection wide open.
 
We have about 5 open wireless routers in the neighborhood, not counting the ad-hoc connections available.



I like the l33t style for passwords... That is, substitute vowels with numbers, for example, let say you want your key to be:

birdywirelessnetwork

use:

b1rdyw1r3l3ssn3tw0rk



If it gets complicated, jot it down and keep it on the top drawer on your desk...

If your router/modem and your clients (laptop, PC) can use WAP encryption, it might be enabled by default, otherwise, enable it, you should find how to do it on your documentation...



 
Tiger, that website you are thinking about is the IP address of the router and typically 192.168.1.1 (see link below for those with routers).



Also, I don't recommend turning of the DHCP service of the router and using static IP addresses as that's just a configuration hassle. If you do all the other things mentioned by Tiger, than you are save, sans the guy that cracks your WEP key. If you really are worried about that, then setup "Wireless mac address filtering". In that approach you enter the mac addresses of all PCs and laptops in your house. I prefer that approach to static IP addressing.



TJR
 
Last edited by a moderator:
I've written about this before here. Most of the things you guys have written here are so last year (well, more like 2003-04 now). Disabling SSID broadcast, static IP addresses, WEP encryption, and MAC filtering are all settings that will keep out only casual surfers. However, ALL of those so-called "security" settings can be discovered, cracked, bypassed, or spoofed in about 5-10 minutes by a wardriver with the right tools.



The real only strong security you have anymore is WAP (or the newer WAP2) encryption with a long RANDOM passphrase. The recommended method for generating and keeping this passphrase is to type a long string of 15 or more RANDOM characters into a text editor (like Notepad), and then do a copy-and-paste of that string into the WAP passphrase field. Save your passphrase file to the computer you use to access your access point because you're not going to want to type that in every time you need it (and for the guys who might wonder about this as a security breach - just think about it for a minute). It doesn't hurt to change your passphrase every once in a while either.



Don't believe me. Look up the names Steve Gibson or George Ou on the Internet and read what they have to say.
 
TJR-

Not for all routers...I can't access mine by typing in the IP address of the router...or at least I couldn't. Haven't tried on the new one.



kef-

If someone wants in bad enough, they'll crack any code you've got. You wont be able to stop the determined, no matter what.
 
if you open a run window (window key + r) and type cmd and hit enter.

at the prompt type ipconfig and hit enter

the listed default gateway is your router's IP address.



if you type that address in the address bar in internet explorer a login should open up.



standards are

192.168.1.1

192.168.11.1

192.168.2.1



you can actually set it to just about anything you want though.
 
Oh don't I know it, Tiger.



Never said that the WAP/WAP2 settings were impenetrable (especially if you don't use a strong passphrase). They are, however, the best option right NOW for your typical SOHO setup. If you stay informed, you're less likely to fool yourself that the other settings are going to do much in keeping intruders out.



 
Sorry I usually don't correct peoples mistakes but it's repeated itself several times...



WPA = Wi-Fi Protected Access

WEP = Wired Equivalent Privacy





(WAP has no application in what we are talking about)

WAP = a secure specification that allows users to access information instantly via handheld wireless devices such as mobile phones, pagers, two-way radios, smartphones and communicators.



 
Hell, at my house I can pick up 5 different wi fi signals from ALL my neighbors houses, including mine! They've all got their wireless routers turned all the way up so they can sit on their boat docks and use their laptops!
 
JD, WAP also is commonly used for Wireless Access Point. So you can use WPA on a WAP....



Kind of lost in all of this, and easily forgotten, is the easiest security measure of all. Change the default user/administrator ID and password. Wardrivers know each manufacturer's default settings - they're easy to find on the Web. If you don't change the defaults, and they can go in and undo any of the other security changes you make (including locking you out, but that's just mean-spirited and kind of self-defeating anyway).



If you want to get really fancy (for a home setup it's pretty high-level), separate your wireless network from your home LAN. Most consumer access points have routers for the LAN built in. If you separate the hardware and have an access point AND a router, you can setup encryption between the two.
 
MAC filtering is the way to go. You can leave it open and it pisses people off when they see an open network and can't connect to it. Everyonce in a while I take my roommates off the MAC list just to piss them off. Its kinda of fun. yes I know I am a geek. If you only have a set few people and random people won't come over to use it then MAC filtering is the way to go. But if a bunch of people would use it then do WPA
 

Latest posts

Top