?
Solved

Easy Belkin Wireless Router Question and use of Sony Vaio laptop...Wep versus MAC address.

Posted on 2004-11-16
15
Medium Priority
?
4,518 Views
Last Modified: 2013-11-13
I am trying to help a friend who has a new B/G Belkin Wireless Router (not sure if it is speedbooster model).
She hooked her cable modem into the Router and the Router hardwired via Ethernet to her Dell desktop PC. All is fine there of course.

She has a new Sony laptop with built-in wireless capabilities. Win XP-one user account.
She has that working fine as well at home.

She took it to a coffee shop (Starbucks) and it worked fine there as well.

**She wants a little more security on her wireless connection.
I am a newbie on this. If I put in a 10 position WEP key like 12345FFFFF (example only) on the Belkin router and on her built-in wireless unit in the Sony--things would work well ONLY in her house. I think it would not work at a wireless cafe'.

A. Someone told me I could set up two profiles but do not know how to do this. Need step by step instructions. Or perhaps just show her how to disable the key in her laptop only when she is outside her house in a cafe. Do not know which is better or easier???????

--OR--

B. Same person said I could avoid the WEP key and set up a MAC address so that her wireless router (for wireless purposes) will only recognize the Sony laptop. Not sure how to get IP address of wireless Sony and enter it in and if I need to hardwire the laptop for a portion of this or perhaps use the desktop (already hardwired) to enter the MAC into the router.
Also we need to make sure the hardwired Dell desktop is not affected at all and always is connected to the Internet. It is attached to the router via Ethernet.


Thanks so much.
Learning.........

Peter

'
0
Comment
Question by:pacumming
  • 7
  • 3
  • 2
  • +3
15 Comments
 

Expert Comment

by:werdafucami
ID: 12600138
I agree, B is definatly your best option.
The problem with WEP is it is still not hat secure, there are many programs out there that can be used to brute force 128bit encryption keys. My friend actually managed to to it to my network so I decided to changed to Mac Address identification. Each network card/Nic should have a unique Mac Address and under your router settings you should be able to list those out in a way that it rejects all connections bar the ones that exibit certain mac addresses. It is also a must to enter the Mac of the wired comp, because the access point and routers are not seperate units and so will no diferentiate from connections.

There is a way to set up multilpe profiles but I personally don't like it. But I can tell you if need be!

If you are convinced on using WEP you can just delete the KEY you use when in a cafe and retype it when you get home... however this could prove to be a hassle.

To find Mac Addresses simply open device manager and hit properties on the wireless NIC and the network card of the wired laptop. Should be easy from there.

Remember that security over the wireless connection at the cafe is not your problem and so there is not need to worry about it. If you are sending personal information like credit cards etc.. there is a risk of doing it over wireless for interception however the encryption of https is not more/less secure than over a hardwire.

Hope that all makes sense to you!

Cheers

Mike C
New Zealand
0
 
LVL 1

Expert Comment

by:Ferg_y2k
ID: 12600156
Hi peter

By setting a WEP key you will secure your network, some wireless routers allow you to setup say 4 diffrent WEP keys which allows you to easily change between them, this is for security. If someone is in range of your wireless and can capture 2GB+ of data they can find your WEP key.
So by changing your key from time to time will stop them.

As for locking an IP to the MAC address this is not needed and wont secure your network any more.

So basicly change your WEP key every few months, when you do this on your router the sony laptop will ask you to reenter the key before it will connect.

None of the wireless changes will have any affects on pc's connected via Ethernet.

Dave


The following link gives your detials on how to setup the WEP key and IP to MAC locking if you wanted to:
http://www.virtual-hideout.net/reviews/belkin_wireless_bb_router/index2.shtml
0
 

Author Comment

by:pacumming
ID: 12600296
Thanks Dave and Mike. Seems to be a differing of opinion between you both which is okay and good for discussion.

***WEP: Would it be better if we enabled WEP on the router and the Sony  built-in laptop wireless component?---then when she goes to a cafe (which she will from time to time for meetings), that she disable WEP......

Would that solve the problem easily or does she actually need to put zeroes (ten zeroes I guess) in the WEP key field?

MAC LOCKDOWN: So are you saying the wireless router needs a MAC address entry from the wired desktop PC? How does one find the MAC address? I will read the article per your link. I tried to find one on my machine (no router and no wireless).

On MY standalone Ethernet connected Win 2k machine (cable modem), if I do an IPCONFIG /ALL, this is what I get below (slightly altered for security). I see nothing that says MAC address. Now I do not have a router in between, just a cable modem.

Windows 2000 IP Configuration
Ethernet adapter Local Area Connection:


C:\Documents and Settings\Administrator>ipconfig /all

Windows 2000 IP Configuration

       Host Name . . . . . . . . . . . . : xxxxxxxxxxxxxxxx
       Primary DNS Suffix  . . . . . . . :
       Node Type . . . . . . . . . . . . : Broadcast
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : xxxxx.rr.com

Ethernet adapter Local Area Connection:

       Connection-specific DNS Suffix  . : xxxxxx.rr.com
       Description . . . . . . . . . . . : HP NC3121 Fast Ethernet NIC
       Physical Address. . . . . . . . . : 00-0F-D2-3E-9F-DF
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       IP Address. . . . . . . . . . . . : 24.92.64.157
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 21.91.83.0
       DHCP Server . . . . . . . . . . . : 22.24.5.128
       DNS Servers . . . . . . . . . . . : 24.91.63.68
                                                  24.91.67.65
                                                  24.91.64.64
       NetBIOS over Tcpip. . . . . . . . : Disabled
       Lease Obtained. . . . . . . . . . : Tuesday, November 16, 2004 8:31:
       Lease Expires . . . . . . . . . . :  PM

___________________________
******Sub note: To share a printer with Wireless, I guess I have to enable Shared printer on desktop DELL and enable NetBIOS over TCPIP there as well. Then I have to find the printer on the network. Correct? I could pose this as another question if I need to.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 88

Expert Comment

by:rindi
ID: 12600393
By setting the MAC address can only prevent others from connecting directly to your network. When you are online People can listen to the communication travelling between your PC and the AP and so they can easily get your data, as it is sent unencrypted that way. With WEP you encrypt that data and someone listening in will just get a useless jumble of bits and bytes. For him to be able to decrypt that jumble he will need the key you used to encrypt with. If that encryption is low, he should be able to easily crack it by running a program trying all possible combinations.

If you aren't having a network and are only using the wireless to connect to the internet this isn't as important, as when you are sending sensitive information you are usually in an encrypted mode, like when using wep. You still have to be carefull on the side of the PC, though. Disable file and printer sharing on a windows PC fot all those Network adapters connecting to the internet. Us a safe password for logging on to your system. Particularly be carefull about your administrators account.
0
 

Author Comment

by:pacumming
ID: 12600419
Thanks but that does not answer if it is best to use WEP at home. Then when she is out with the laptop at a cafe or restaurant--can she disable it to get connectivity without losing the WEP key?


Also no one ever mentioned how to get the MAC address of a machine including my own per the above. Do I run a Ipconfig /all and then issue an ARP -a which listed two lines with a range of IP and the same "Physical address"-is that the MAC address?

Thanks, Peter
0
 

Author Comment

by:pacumming
ID: 12600467
I assume the physical address is the MAC address. I figured that out.

Now I just need an answer to the next to the last paragraph in above section.......


Peter
0
 
LVL 1

Expert Comment

by:itgb
ID: 12600686
Peter,

Re: MAC address:
When you run "ipconfig /all" it should show you the MAC address of your network card - listed as "physical address."  It's a 12 digit hex number, usually separated into 6 pairs (eg: F0-91-C3-EF-4E-74).  You don't need arp -a, though that will show your your MAC address as well.

Re: Wireless printing:
It looks like you've described the process pretty completely.

Re: WEP vs MAC:
It really depends on how secure s/he wants their network.  If it's a really sensitive network, don't use wireless.  Whether you use a MAC address or a WEP key, it's breakable by a determined hacker in, at most, 4 hours.  These are security measures that keep out the neighborhood kids and casual data thieves looking for an easy target.  The MAC limitation is slightly easier to hack than the WEP key, so a moderately sensitive network might want to use both.  For someone who really just wants to limit access to their own network connection to their household and not share with the neighborhood, a WEP key is better IMHO if you have a lot of teenagers around (lots of time and possible interest in hacking).  

From the discussion and descriptions above, I'd say the MAC address limitation is probably a better solution here, because the laptop won't need to be modified frequently.  On the other hand, most wireless cards I'm familiar with will allow you to have separated configurations for _each_ network you connect to (separate Starbucks and home networks, for example,  one with and the other without security keys).  If that's the case, the WEP key won't impose much of a burden for the slight additional protection.

Good luck!

MM
0
 

Author Comment

by:pacumming
ID: 12600711
Thanks MM. So how would I create a separate profile or config based on your statement??
" On the other hand, most wireless cards I'm familiar with will allow you to have separated configurations for _each_ network you connect to (separate Starbucks and home networks, for example,  one with and the other without security keys).  If that's the case, the WEP key won't impose much of a burden for the slight additional protection."

I need a step by step here please. Sorry.


Also no one ever answered the question that if she were at Starbucks (just an example) and she entered the IP to get to her built in Sony laptop wireless router if she oculd disable WEP WITHOUT losing the key when she re-enables it........ I cannot test this as I do not have a wireless card currently. Sorry.


Thanks, Peter



0
 
LVL 88

Expert Comment

by:rindi
ID: 12600763
If you don't use any LAN functions (filesharing, printersharing between connected PCs) you don't need WEP. If you do it is essential to prefent "listeners" from acquiring data from your network traffic. Allowing unique MAC addresses to connect will only prevent outsiders from actually using your AP to connect to the internet. It won't add to the security of your Data if it is on or not.
0
 

Author Comment

by:pacumming
ID: 12600818
I am getting frustrated. Can someone just answer these 2 simeple questions:

1. How do I set up another profile for the laptop wireless network card. One for home and one away. One will have Wep on it?

2. If I disable WEP will it keep the WEP key and not wipe out the field. And when I enable it will it still keep the key nd not zreo it out?


I have asked this about 3 times but perhaps I was not clear enough. I was receiving too much theory on the potential of people breaking in. I am simply trying to answer a question a neighbor has. You have educated me quite a bit and I thank you all. I will not use a Mac address. She wants sime simple security, wants WEP and that be that. So the 2 questions above will help me if someone can answer them and provide me with details on #1. #2 is a YES or NO.


Now that person will be awarded the points.

Thank you. Sorry, I do not feel well, got a headache, etc...

Appreciate it. No offense.

Peter
0
 

Author Comment

by:pacumming
ID: 12600834
Sorry for being cranky. You get that way after 26 years in IT, laid off for the 3rd time, no job in 16 months, 2 degrees, 800 resumes sent out, 100 recruiters, put ad in newspaper with my qualifications and little hope these days except a little consulting here and there.

Peter
0
 
LVL 1

Accepted Solution

by:
itgb earned 2000 total points
ID: 12600847
Peter

Re: Multiple configs:
It depends on the card and it's driver software, but many allow you to configure them via the standard windows XP wireless interface.  When you arrive somewhere there is another wireless network running, a pop-up will appear by your system tray (where the clock is) notifying you that there is an available wireless network.  If you want to use it, you click the pop-up balloon (or the wireless card icon) and choose OK.  For each network, you'll have the option to configure a WEP key if one is enabled on the associated router/access-point.  On all the cards I've used, you don't loose the WEP key for one configuration when you move to or add another configuration (possible exception is if they both have the same name/SSID defined).  

Windows XP is actually pretty good about walking through this process with you, if you read the dialog boxes and have at least a little familiarity with configuring things (as you sound like you do).  If you have troubles with it when you start, post questions and we'll be here!

Re: Starbucks and changes:
I'm not sure I understand what you're asking.  Unless she uses a fixed ip address at home (I'd recommend dhcp, myself, for simplicity), she shouldn't need to do anything to the IP address to use the Starbucks wireless connection (unless they're really different than the local ones around here).  Could you lay out the scenario you're envisioning in more detail if the above hasn't addressed the question?  

Good luck!

MM
0
 
LVL 1

Expert Comment

by:itgb
ID: 12600930
Peter

Re: WEP key disabling:
Again, it depends on the card and driver.  Most cards I've worked with will keep the WEP key in the field and not delete it when disabling/enabling WEP itself.  Some have.  Windows XP doesn't delete it, when it's handling the network configurations itself.  

Re: Step by step:
I don't have a wireless right in front of me to reference, but if memory serves:
* Bring your laptop within range of a wireless network with your wireless card enabled
* In the lower right a balloon will appear notifying you of a new network available
* Click the balloon or the icon it's associated with to join that network
* If there's a WEP key enabled on the network, Windows will ask you to input the key before connecting you to the network
* Windows will save the configuration (by SSID) for future use when you come within range of that network again.  Each network configuration will be saved separately, including associated WEP keys.  Returns to a particular network should be automatic (and you can set WinXP to auto-connect if it isn't configured that way by default - network properties of the wireless card, wireless tab)

Hope this is clear enough to help.  I may have missed a step or two, and of course, it might run through slightly differently on your machine, depending on which software is running the wireless card.

Good luck!

MM
0
 

Author Comment

by:pacumming
ID: 12602034
Thanks. I wish I had enough cash to get a wireless device and laptop to play with. But not at this time. And of course some cards and devices may differ somewhat.
I appreciate it.

Thanks all again.
Peter
0
 

Expert Comment

by:detectivegreg
ID: 12729609
The easiest way to setup additional "profiles" for roaming access using wi-fi is to "add a new connection" via the network connections page and when doing so, designate the wireless card as the hardaware and set the settings how you like (i.e. choose available networks and prioritize them).

You can have numerous "connections" listed on the connections page, all for a different setup (for example one connection for starbucks, a different connection for home). Each can use the same device, but arent active at the same time Keep the connection not in use set as disabled (right click, disable connection) and enable it when you get to an area whre that network is available.

Also, as far as the mac or WEP. MAC is always better. Its a cut and dry method of telling your router "I only accept connections from thse MAC addresses" aka devices or computers. WEP is a pain and i can crack a WEP 128 bit in 35 minutes tops.

Enable the routehr to use MAC filtering and then add the MAC addresses one by one.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question