Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Wireless Security

Posted on 2004-09-01
23
Medium Priority
?
683 Views
Last Modified: 2010-04-11
HI guys,
  I have a wireless router and I am trying to figure out if there is a way i can have a splash screen prompting for a password to get on to the wireless network/ internet.  Basically to ensure that nobody is leeching off of my connection.  Also are there any other methods for securing my wireless G network?
0
Comment
Question by:Devario Johnson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 7
  • 4
  • +2
23 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 11957585
does the router have a WEP or WPA option?
0
 
LVL 5

Author Comment

by:Devario Johnson
ID: 11957600
yes it does...it is a lynksis
0
 
LVL 5

Author Comment

by:Devario Johnson
ID: 11957607
it has wep (wireless G)
0
Sign your company up to try the MB 660 headset now

Take control and stay focused in noisy open office environments with the MB 660. By reducing background noise, you can revitalize your office and improve concentration.

 
LVL 57

Expert Comment

by:Pete Long
ID: 11957649
tip top

same as mine :) click the link below

http://192.168.1.1

put in the password you set up (username is blank) it you didnt set one up its "admin"
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11957665
click wireless change the name of the default SSID from linksys to something else (you will remember)
0
 

Expert Comment

by:dewman03
ID: 11957667
First off,

A login prompt with a username / password will only exist in a EAP 802.1x enviorment. This means that you need an authentication server. Some high end access points have the abality to run their own authentication server. If you dont have a high dollar Cisco Access Point or no authentication server, then I would suggest WP with WPA. WEP has been broken and is not very secure. It will however require all the clients who connect to know the WEP key, so thats kinda like a login. Also, WPA, WPA rides ontop of WEP and alos is KEY based. Again the KEY can be automatically distributed if you have an authentication server, if not, then you have WPA-PSK, which is WPA-PreSharedKey. That is, you give all the client you want to connect your Magic wpa key.

So those are your options for a sudo-password login enviorment. For further security, I would highly recommend MAC address filtering. This will allow you to deny access to everyone except the MAC address you determine acceptable. ALSO, note that if you Turn MAC filtering ON then Add your Ethernet MAC, or you wont be able to Access The Access Point over the Wire.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11957675
click the wireless security tab

change the security mode to WEP
set default transmit key to 1
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11957685
type in a word (anything) in the passphrase box and click the generate button

write down the FIRST key eg DCB42F63C9 (yours will be different)
0
 
LVL 57

Accepted Solution

by:
Pete Long earned 300 total points
ID: 11957710
click save settings and exit the router

on the PC got to the proerties of the wireless card, or run the setup utility that came with the card

type in the SSID you created earlier, enable WEP and type in the key (64 bit) that you also wrote down earlier

and away you go

0
 
LVL 5

Author Comment

by:Devario Johnson
ID: 11957734
cool, I have a Voice over IP telephone appending from one of the ethernet ports in the back of the wireless router...will these setting interfere with that as there is no way for me to go adding information to the vonage box
0
 
LVL 6

Expert Comment

by:JRaster
ID: 11957789
One of these devices will do exactly what you want.  
http://www.dlink.com/products/?pid=173
Its not free though.  
If you want free, NoCat has a linux software you can run on a old box that can do that stuff.  
Basicly its turning your AP into a HotSpot.  
All the above info should be fine for locking down your AP for only you.  
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11957798
iWEP applies to wireless only (wireless encryption protocol) your phone is hardwired it wont be affected :)
0
 
LVL 28

Assisted Solution

by:mikebernhardt
mikebernhardt earned 200 total points
ID: 11957818
The SSID isn't hard to get-- it's in clear text inside the wireless frames. So are the MAC addresses of allowed users, and anyone can spoof their MAC- it's right in the properties for the wireless card. So you won't stop someone with a wireless PC and some of the freeware tools out there for breaking into wireless networks. But you'll stop the casual neighbor.

WEP encrypts your data but it's not very secure and also easily broken by the same freeware tools. If you can do rotating WEP keys, do it- as many and as fast as it will let you. The only real security is 802.1x as mentioned by dewman03, which involves centralized authentication and strong encryption.
0
 
LVL 5

Author Comment

by:Devario Johnson
ID: 11957863
i wish i had known about all of this b4 i got the router but this is what I have now, I set it so that It only assigns 3 dhcp addresses...I have 3 clients...my pc my roomates laptop and the telephone....wouldnt that be secure ?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 11957943
Well, anyone can give themselves a static IP address regardless of DHCP so that won't help. But listen, it's not like everyone is lining up outside your house with a wireless sniffer to abuse your connection. The point was just that you can't absolutely guarantee the security and you should be aware of that. The many suggestions above will help, do whatever you can. If you're doing sensitive stuff and you're still worried, use the wired connection if it's not too inconvenient.

There are people who drive around with a wireless laptop looking for wireless nets they can abuse. But people with the right equipment can listen in on your cell phone conversations too, even if it's digital. It's not likely though.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11957950
>>It only assigns 3 dhcp addresses

it can lease up to 252 addresses

the router takes one
you cant use .0 or .255

My http://www.linksys.com/Products/product.asp?grid=33&scid=35&prid=601 is leasing over 30 addresses including this one www.petenetlive.com
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11957965
on the setup page just up the setting that says "maximum number of DHCP users"
0
 
LVL 5

Author Comment

by:Devario Johnson
ID: 11958661
no when i said it only assigns 3 dhcp addresses I mean that Is what I set it at to ensure that no more than 3 are given out.  Say if someone has a laptop they borrowed from the school library and just noted that there was activity...this way there will be no activity becasue no more than 3 ip addresses will be issued once the 3 are already filled which they are by my 3 nodes.
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 11958745
It helps only if someone doesn't just guess that you're using 192.168.1.x or whatever. You still have 250 more addresses that will work- they just have to be statically configured by the user. Again, it won't help much with a hacker...
0
 
LVL 5

Author Comment

by:Devario Johnson
ID: 11958867
Under Status>local network>dhcp clients table you can see who all is onthe network is there a way I can see who all is logged on to my router be it dhcp or not?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 11958899
If you can view your arp table then you can see all MAC addresses and IP addresses. DHCP doesn't show you who's on the network. It just tells you who has a lease on an IP address. They may not be on at that moment and statically configured IPs won't be there. You may also be able to configure your firewall config to log stuff, and then you could see what IPs are doing some things.

0
 
LVL 5

Author Comment

by:Devario Johnson
ID: 11959478
cool thanks for all the help guys.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11965095
ThanQ
0

Featured Post

Reclaim your office - Try the MB 660 headset now!

High level of background noise often makes it difficult for employees to concentrate fully on their jobs – or to communicate clearly on calls. The MB 660 headset helps you create a disruption free workspace.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This program is used to assist in finding and resolving common problems with wireless connections.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question