Wireless Router Security

elwoodjbt

Registered
We have two computers - G4 and PC (XP Home) - and a Linksys wireless router. We've never needed security for our router because of where we lived, but now we have moved to a high-rise apartment and don't want others getting info or stealing our internet connection. How can I set a password on the router? IN the past, both computers just "see" the router and connect to it. I know absolutely nothing about this... Thanks.
 

cnk_coleman

Registered
One
Under security on the Linksys there are several options.

One is to password the system so that you will need a password to access the network. Passwords can be simple or very complex. If you choose hexadecimal and 128 bit expect to use a password with 26 digits. Even the 64 bit password is 13 characters. But once this is set up your system will remember it in the keychain if you let it.

The second thing you can do is to encrypt the data with WEP or WPA. Both increase the security of your system but a serious hacker will still be able to get in.

The third thing you can do is to only let in certain MAC address's. These are address's that identify the machine that is trying to get into the network. If there is no match in the MAC address then the machine will not have a chance even if they get the password right. Your MAC address is found in the system profile and looks like 6 sets of 3 digits seperated by colons. (00:00:30:8f:38:3g) or something like that.

The last thing you can do is to turn off the SSID beacon. This is the signal that the access point sends out to let everyone know you are there. If you turn in off then no one will know you are there unless you tell them.

Since there are so many different firmware options for the Linksys I can't tell you where each one of these items are. I don't have a normal firmware and can't remember where they all are.

But look under security and that is where you will find most of it.

Chuck
 

texanpenguin

Registered Penguin
Chuck's suggestions are all good, but a little caveat - malicious types have been known to spoof their MAC addresses quite easily, so if you're seriously worried about security, don't just expect MAC to do it.

For most people, WEP is adequate security, especially with the SSID broadcasting switched off.
 

elwoodjbt

Registered
Thanks a lot. I found several of these options when I connect to the router using the IP address. Is the broadcast function you're talking about "Allow 'Broadcast' SSID to associate?" I set that to "no"? As for the MAC addresses, under the Wireless tab, it can enable or disable "Station MAC Filter." It then has an "Edit MAC Filter" tab where I can enter MAC addresses and checkmark "filter" or not beside them. I put my MAC there and checked "filter" only to find that I could not then connect. I connected with a wire and unchecked it. So, if I just list my two computers' MACs there unchecked, will it only allow them to connect (barring spoofing mentioned by texanpenguin) or do I have to enter other MACs manually to block them? Finally, I have a couple of questions about Chuck's first two options--password and WEP encryption. I'm a little confused. I don't see anywhere to set a password, but I do have the option of WEP "key setting." Is that a password? When I go there, I can type a passphrase and it will generate four ten-digit keys for 64-bit or one long key for 128-bit. Which should I use and where do I then enter that key to gain access to my router? Any idea where I would also enter it in Windows XP? Thanks again for all your help
 

cnk_coleman

Registered
elwoodjbt said:
It then has an "Edit MAC Filter" tab where I can enter MAC addresses and checkmark "filter" or not beside them. I put my MAC there and checked "filter" only to find that I could not then connect. I connected with a wire and unchecked it. So, if I just list my two computers' MACs there unchecked, will it only allow them to connect (barring spoofing mentioned by texanpenguin) or do I have to enter other MACs manually to block them?
You can block any MAC address you want to but that is the long approach. Better to just allow the ones you want to. You will have to update the "allowed" MAC address's if you want to add another machine.

Finally, I have a couple of questions about Chuck's first two options--password and WEP encryption. I'm a little confused. I don't see anywhere to set a password, but I do have the option of WEP "key setting." Is that a password? When I go there, I can type a passphrase and it will generate four ten-digit keys for 64-bit or one long key for 128-bit. Which should I use and where do I then enter that key to gain access to my router? Any idea where I would also enter it in Windows XP? Thanks again for all your help
The key setting is the password. You type in a password and it will generate a hexadecimal code. That is the password. Copy it down and then when you log in you will have to type in that password. For ease of use select the first one on the list. I believe that is a check mark for which one it will accept. It's been a while since I have been on a D-link.

If you get locked out you will have to push the reset button and redo all the settings.

Chuck
 
Top