Easy Belkin Wireless Router Question and use of Sony Vaio laptop...Wep versus MAC address.
I am trying to help a friend who has a new B/G Belkin Wireless Router (not sure if it is speedbooster model).
She hooked her cable modem into the Router and the Router hardwired via Ethernet to her Dell desktop PC. All is fine there of course.
She has a new Sony laptop with built-in wireless capabilities. Win XP-one user account.
She has that working fine as well at home.
She took it to a coffee shop (Starbucks) and it worked fine there as well.
**She wants a little more security on her wireless connection.
I am a newbie on this. If I put in a 10 position WEP key like 12345FFFFF (example only) on the Belkin router and on her built-in wireless unit in the Sony--things would work well ONLY in her house. I think it would not work at a wireless cafe'.
A. Someone told me I could set up two profiles but do not know how to do this. Need step by step instructions. Or perhaps just show her how to disable the key in her laptop only when she is outside her house in a cafe. Do not know which is better or easier???????
--OR--
B. Same person said I could avoid the WEP key and set up a MAC address so that her wireless router (for wireless purposes) will only recognize the Sony laptop. Not sure how to get IP address of wireless Sony and enter it in and if I need to hardwire the laptop for a portion of this or perhaps use the desktop (already hardwired) to enter the MAC into the router.
Also we need to make sure the hardwired Dell desktop is not affected at all and always is connected to the Internet. It is attached to the router via Ethernet.
Thanks so much.
Learning.........
Peter
'
She hooked her cable modem into the Router and the Router hardwired via Ethernet to her Dell desktop PC. All is fine there of course.
She has a new Sony laptop with built-in wireless capabilities. Win XP-one user account.
She has that working fine as well at home.
She took it to a coffee shop (Starbucks) and it worked fine there as well.
**She wants a little more security on her wireless connection.
I am a newbie on this. If I put in a 10 position WEP key like 12345FFFFF (example only) on the Belkin router and on her built-in wireless unit in the Sony--things would work well ONLY in her house. I think it would not work at a wireless cafe'.
A. Someone told me I could set up two profiles but do not know how to do this. Need step by step instructions. Or perhaps just show her how to disable the key in her laptop only when she is outside her house in a cafe. Do not know which is better or easier???????
--OR--
B. Same person said I could avoid the WEP key and set up a MAC address so that her wireless router (for wireless purposes) will only recognize the Sony laptop. Not sure how to get IP address of wireless Sony and enter it in and if I need to hardwire the laptop for a portion of this or perhaps use the desktop (already hardwired) to enter the MAC into the router.
Also we need to make sure the hardwired Dell desktop is not affected at all and always is connected to the Internet. It is attached to the router via Ethernet.
Thanks so much.
Learning.........
Peter
'
Hi peter
By setting a WEP key you will secure your network, some wireless routers allow you to setup say 4 diffrent WEP keys which allows you to easily change between them, this is for security. If someone is in range of your wireless and can capture 2GB+ of data they can find your WEP key.
So by changing your key from time to time will stop them.
As for locking an IP to the MAC address this is not needed and wont secure your network any more.
So basicly change your WEP key every few months, when you do this on your router the sony laptop will ask you to reenter the key before it will connect.
None of the wireless changes will have any affects on pc's connected via Ethernet.
Dave
The following link gives your detials on how to setup the WEP key and IP to MAC locking if you wanted to:
http://www.virtual-hideout.net/reviews/belkin_wireless_bb_router/index2.shtml
By setting a WEP key you will secure your network, some wireless routers allow you to setup say 4 diffrent WEP keys which allows you to easily change between them, this is for security. If someone is in range of your wireless and can capture 2GB+ of data they can find your WEP key.
So by changing your key from time to time will stop them.
As for locking an IP to the MAC address this is not needed and wont secure your network any more.
So basicly change your WEP key every few months, when you do this on your router the sony laptop will ask you to reenter the key before it will connect.
None of the wireless changes will have any affects on pc's connected via Ethernet.
Dave
The following link gives your detials on how to setup the WEP key and IP to MAC locking if you wanted to:
http://www.virtual-hideout.net/reviews/belkin_wireless_bb_router/index2.shtml
ASKER
Thanks Dave and Mike. Seems to be a differing of opinion between you both which is okay and good for discussion.
***WEP: Would it be better if we enabled WEP on the router and the Sony built-in laptop wireless component?---then when she goes to a cafe (which she will from time to time for meetings), that she disable WEP......
Would that solve the problem easily or does she actually need to put zeroes (ten zeroes I guess) in the WEP key field?
MAC LOCKDOWN: So are you saying the wireless router needs a MAC address entry from the wired desktop PC? How does one find the MAC address? I will read the article per your link. I tried to find one on my machine (no router and no wireless).
On MY standalone Ethernet connected Win 2k machine (cable modem), if I do an IPCONFIG /ALL, this is what I get below (slightly altered for security). I see nothing that says MAC address. Now I do not have a router in between, just a cable modem.
Windows 2000 IP Configuration
Ethernet adapter Local Area Connection:
C:\Documents and Settings\Administrator>ipc
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : xxxxxxxxxxxxxxxx
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : xxxxx.rr.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : xxxxxx.rr.com
Description . . . . . . . . . . . : HP NC3121 Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-0F-D2-3E-9F-DF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 24.92.64.157
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 21.91.83.0
DHCP Server . . . . . . . . . . . : 22.24.5.128
DNS Servers . . . . . . . . . . . : 24.91.63.68
24.91.67.65
24.91.64.64
NetBIOS over Tcpip. . . . . . . . : Disabled
Lease Obtained. . . . . . . . . . : Tuesday, November 16, 2004 8:31:
Lease Expires . . . . . . . . . . : PM
__________________________
******Sub note: To share a printer with Wireless, I guess I have to enable Shared printer on desktop DELL and enable NetBIOS over TCPIP there as well. Then I have to find the printer on the network. Correct? I could pose this as another question if I need to.
***WEP: Would it be better if we enabled WEP on the router and the Sony built-in laptop wireless component?---then when she goes to a cafe (which she will from time to time for meetings), that she disable WEP......
Would that solve the problem easily or does she actually need to put zeroes (ten zeroes I guess) in the WEP key field?
MAC LOCKDOWN: So are you saying the wireless router needs a MAC address entry from the wired desktop PC? How does one find the MAC address? I will read the article per your link. I tried to find one on my machine (no router and no wireless).
On MY standalone Ethernet connected Win 2k machine (cable modem), if I do an IPCONFIG /ALL, this is what I get below (slightly altered for security). I see nothing that says MAC address. Now I do not have a router in between, just a cable modem.
Windows 2000 IP Configuration
Ethernet adapter Local Area Connection:
C:\Documents and Settings\Administrator>ipc
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : xxxxxxxxxxxxxxxx
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : xxxxx.rr.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : xxxxxx.rr.com
Description . . . . . . . . . . . : HP NC3121 Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-0F-D2-3E-9F-DF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 24.92.64.157
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 21.91.83.0
DHCP Server . . . . . . . . . . . : 22.24.5.128
DNS Servers . . . . . . . . . . . : 24.91.63.68
24.91.67.65
24.91.64.64
NetBIOS over Tcpip. . . . . . . . : Disabled
Lease Obtained. . . . . . . . . . : Tuesday, November 16, 2004 8:31:
Lease Expires . . . . . . . . . . : PM
__________________________
******Sub note: To share a printer with Wireless, I guess I have to enable Shared printer on desktop DELL and enable NetBIOS over TCPIP there as well. Then I have to find the printer on the network. Correct? I could pose this as another question if I need to.
By setting the MAC address can only prevent others from connecting directly to your network. When you are online People can listen to the communication travelling between your PC and the AP and so they can easily get your data, as it is sent unencrypted that way. With WEP you encrypt that data and someone listening in will just get a useless jumble of bits and bytes. For him to be able to decrypt that jumble he will need the key you used to encrypt with. If that encryption is low, he should be able to easily crack it by running a program trying all possible combinations.
If you aren't having a network and are only using the wireless to connect to the internet this isn't as important, as when you are sending sensitive information you are usually in an encrypted mode, like when using wep. You still have to be carefull on the side of the PC, though. Disable file and printer sharing on a windows PC fot all those Network adapters connecting to the internet. Us a safe password for logging on to your system. Particularly be carefull about your administrators account.
If you aren't having a network and are only using the wireless to connect to the internet this isn't as important, as when you are sending sensitive information you are usually in an encrypted mode, like when using wep. You still have to be carefull on the side of the PC, though. Disable file and printer sharing on a windows PC fot all those Network adapters connecting to the internet. Us a safe password for logging on to your system. Particularly be carefull about your administrators account.
ASKER
Thanks but that does not answer if it is best to use WEP at home. Then when she is out with the laptop at a cafe or restaurant--can she disable it to get connectivity without losing the WEP key?
Also no one ever mentioned how to get the MAC address of a machine including my own per the above. Do I run a Ipconfig /all and then issue an ARP -a which listed two lines with a range of IP and the same "Physical address"-is that the MAC address?
Thanks, Peter
Also no one ever mentioned how to get the MAC address of a machine including my own per the above. Do I run a Ipconfig /all and then issue an ARP -a which listed two lines with a range of IP and the same "Physical address"-is that the MAC address?
Thanks, Peter
ASKER
I assume the physical address is the MAC address. I figured that out.
Now I just need an answer to the next to the last paragraph in above section.......
Peter
Now I just need an answer to the next to the last paragraph in above section.......
Peter
Peter,
Re: MAC address:
When you run "ipconfig /all" it should show you the MAC address of your network card - listed as "physical address." It's a 12 digit hex number, usually separated into 6 pairs (eg: F0-91-C3-EF-4E-74). You don't need arp -a, though that will show your your MAC address as well.
Re: Wireless printing:
It looks like you've described the process pretty completely.
Re: WEP vs MAC:
It really depends on how secure s/he wants their network. If it's a really sensitive network, don't use wireless. Whether you use a MAC address or a WEP key, it's breakable by a determined hacker in, at most, 4 hours. These are security measures that keep out the neighborhood kids and casual data thieves looking for an easy target. The MAC limitation is slightly easier to hack than the WEP key, so a moderately sensitive network might want to use both. For someone who really just wants to limit access to their own network connection to their household and not share with the neighborhood, a WEP key is better IMHO if you have a lot of teenagers around (lots of time and possible interest in hacking).
From the discussion and descriptions above, I'd say the MAC address limitation is probably a better solution here, because the laptop won't need to be modified frequently. On the other hand, most wireless cards I'm familiar with will allow you to have separated configurations for _each_ network you connect to (separate Starbucks and home networks, for example, one with and the other without security keys). If that's the case, the WEP key won't impose much of a burden for the slight additional protection.
Good luck!
MM
Re: MAC address:
When you run "ipconfig /all" it should show you the MAC address of your network card - listed as "physical address." It's a 12 digit hex number, usually separated into 6 pairs (eg: F0-91-C3-EF-4E-74). You don't need arp -a, though that will show your your MAC address as well.
Re: Wireless printing:
It looks like you've described the process pretty completely.
Re: WEP vs MAC:
It really depends on how secure s/he wants their network. If it's a really sensitive network, don't use wireless. Whether you use a MAC address or a WEP key, it's breakable by a determined hacker in, at most, 4 hours. These are security measures that keep out the neighborhood kids and casual data thieves looking for an easy target. The MAC limitation is slightly easier to hack than the WEP key, so a moderately sensitive network might want to use both. For someone who really just wants to limit access to their own network connection to their household and not share with the neighborhood, a WEP key is better IMHO if you have a lot of teenagers around (lots of time and possible interest in hacking).
From the discussion and descriptions above, I'd say the MAC address limitation is probably a better solution here, because the laptop won't need to be modified frequently. On the other hand, most wireless cards I'm familiar with will allow you to have separated configurations for _each_ network you connect to (separate Starbucks and home networks, for example, one with and the other without security keys). If that's the case, the WEP key won't impose much of a burden for the slight additional protection.
Good luck!
MM
ASKER
Thanks MM. So how would I create a separate profile or config based on your statement??
" On the other hand, most wireless cards I'm familiar with will allow you to have separated configurations for _each_ network you connect to (separate Starbucks and home networks, for example, one with and the other without security keys). If that's the case, the WEP key won't impose much of a burden for the slight additional protection."
I need a step by step here please. Sorry.
Also no one ever answered the question that if she were at Starbucks (just an example) and she entered the IP to get to her built in Sony laptop wireless router if she oculd disable WEP WITHOUT losing the key when she re-enables it........ I cannot test this as I do not have a wireless card currently. Sorry.
Thanks, Peter
" On the other hand, most wireless cards I'm familiar with will allow you to have separated configurations for _each_ network you connect to (separate Starbucks and home networks, for example, one with and the other without security keys). If that's the case, the WEP key won't impose much of a burden for the slight additional protection."
I need a step by step here please. Sorry.
Also no one ever answered the question that if she were at Starbucks (just an example) and she entered the IP to get to her built in Sony laptop wireless router if she oculd disable WEP WITHOUT losing the key when she re-enables it........ I cannot test this as I do not have a wireless card currently. Sorry.
Thanks, Peter
If you don't use any LAN functions (filesharing, printersharing between connected PCs) you don't need WEP. If you do it is essential to prefent "listeners" from acquiring data from your network traffic. Allowing unique MAC addresses to connect will only prevent outsiders from actually using your AP to connect to the internet. It won't add to the security of your Data if it is on or not.
ASKER
I am getting frustrated. Can someone just answer these 2 simeple questions:
1. How do I set up another profile for the laptop wireless network card. One for home and one away. One will have Wep on it?
2. If I disable WEP will it keep the WEP key and not wipe out the field. And when I enable it will it still keep the key nd not zreo it out?
I have asked this about 3 times but perhaps I was not clear enough. I was receiving too much theory on the potential of people breaking in. I am simply trying to answer a question a neighbor has. You have educated me quite a bit and I thank you all. I will not use a Mac address. She wants sime simple security, wants WEP and that be that. So the 2 questions above will help me if someone can answer them and provide me with details on #1. #2 is a YES or NO.
Now that person will be awarded the points.
Thank you. Sorry, I do not feel well, got a headache, etc...
Appreciate it. No offense.
Peter
1. How do I set up another profile for the laptop wireless network card. One for home and one away. One will have Wep on it?
2. If I disable WEP will it keep the WEP key and not wipe out the field. And when I enable it will it still keep the key nd not zreo it out?
I have asked this about 3 times but perhaps I was not clear enough. I was receiving too much theory on the potential of people breaking in. I am simply trying to answer a question a neighbor has. You have educated me quite a bit and I thank you all. I will not use a Mac address. She wants sime simple security, wants WEP and that be that. So the 2 questions above will help me if someone can answer them and provide me with details on #1. #2 is a YES or NO.
Now that person will be awarded the points.
Thank you. Sorry, I do not feel well, got a headache, etc...
Appreciate it. No offense.
Peter
ASKER
Sorry for being cranky. You get that way after 26 years in IT, laid off for the 3rd time, no job in 16 months, 2 degrees, 800 resumes sent out, 100 recruiters, put ad in newspaper with my qualifications and little hope these days except a little consulting here and there.
Peter
Peter
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Peter
Re: WEP key disabling:
Again, it depends on the card and driver. Most cards I've worked with will keep the WEP key in the field and not delete it when disabling/enabling WEP itself. Some have. Windows XP doesn't delete it, when it's handling the network configurations itself.
Re: Step by step:
I don't have a wireless right in front of me to reference, but if memory serves:
* Bring your laptop within range of a wireless network with your wireless card enabled
* In the lower right a balloon will appear notifying you of a new network available
* Click the balloon or the icon it's associated with to join that network
* If there's a WEP key enabled on the network, Windows will ask you to input the key before connecting you to the network
* Windows will save the configuration (by SSID) for future use when you come within range of that network again. Each network configuration will be saved separately, including associated WEP keys. Returns to a particular network should be automatic (and you can set WinXP to auto-connect if it isn't configured that way by default - network properties of the wireless card, wireless tab)
Hope this is clear enough to help. I may have missed a step or two, and of course, it might run through slightly differently on your machine, depending on which software is running the wireless card.
Good luck!
MM
Re: WEP key disabling:
Again, it depends on the card and driver. Most cards I've worked with will keep the WEP key in the field and not delete it when disabling/enabling WEP itself. Some have. Windows XP doesn't delete it, when it's handling the network configurations itself.
Re: Step by step:
I don't have a wireless right in front of me to reference, but if memory serves:
* Bring your laptop within range of a wireless network with your wireless card enabled
* In the lower right a balloon will appear notifying you of a new network available
* Click the balloon or the icon it's associated with to join that network
* If there's a WEP key enabled on the network, Windows will ask you to input the key before connecting you to the network
* Windows will save the configuration (by SSID) for future use when you come within range of that network again. Each network configuration will be saved separately, including associated WEP keys. Returns to a particular network should be automatic (and you can set WinXP to auto-connect if it isn't configured that way by default - network properties of the wireless card, wireless tab)
Hope this is clear enough to help. I may have missed a step or two, and of course, it might run through slightly differently on your machine, depending on which software is running the wireless card.
Good luck!
MM
ASKER
Thanks. I wish I had enough cash to get a wireless device and laptop to play with. But not at this time. And of course some cards and devices may differ somewhat.
I appreciate it.
Thanks all again.
Peter
I appreciate it.
Thanks all again.
Peter
The easiest way to setup additional "profiles" for roaming access using wi-fi is to "add a new connection" via the network connections page and when doing so, designate the wireless card as the hardaware and set the settings how you like (i.e. choose available networks and prioritize them).
You can have numerous "connections" listed on the connections page, all for a different setup (for example one connection for starbucks, a different connection for home). Each can use the same device, but arent active at the same time Keep the connection not in use set as disabled (right click, disable connection) and enable it when you get to an area whre that network is available.
Also, as far as the mac or WEP. MAC is always better. Its a cut and dry method of telling your router "I only accept connections from thse MAC addresses" aka devices or computers. WEP is a pain and i can crack a WEP 128 bit in 35 minutes tops.
Enable the routehr to use MAC filtering and then add the MAC addresses one by one.
You can have numerous "connections" listed on the connections page, all for a different setup (for example one connection for starbucks, a different connection for home). Each can use the same device, but arent active at the same time Keep the connection not in use set as disabled (right click, disable connection) and enable it when you get to an area whre that network is available.
Also, as far as the mac or WEP. MAC is always better. Its a cut and dry method of telling your router "I only accept connections from thse MAC addresses" aka devices or computers. WEP is a pain and i can crack a WEP 128 bit in 35 minutes tops.
Enable the routehr to use MAC filtering and then add the MAC addresses one by one.
The problem with WEP is it is still not hat secure, there are many programs out there that can be used to brute force 128bit encryption keys. My friend actually managed to to it to my network so I decided to changed to Mac Address identification. Each network card/Nic should have a unique Mac Address and under your router settings you should be able to list those out in a way that it rejects all connections bar the ones that exibit certain mac addresses. It is also a must to enter the Mac of the wired comp, because the access point and routers are not seperate units and so will no diferentiate from connections.
There is a way to set up multilpe profiles but I personally don't like it. But I can tell you if need be!
If you are convinced on using WEP you can just delete the KEY you use when in a cafe and retype it when you get home... however this could prove to be a hassle.
To find Mac Addresses simply open device manager and hit properties on the wireless NIC and the network card of the wired laptop. Should be easy from there.
Remember that security over the wireless connection at the cafe is not your problem and so there is not need to worry about it. If you are sending personal information like credit cards etc.. there is a risk of doing it over wireless for interception however the encryption of https is not more/less secure than over a hardwire.
Hope that all makes sense to you!
Cheers
Mike C
New Zealand