Solved

Novice needs help securing wireless network.

Posted on 2007-04-02
16
298 Views
Last Modified: 2013-11-09
I need to ask a wireless network question.  I have noticed that even when I am not online there have been huge amounts of data uploaded and downloaded via my ISP.  I believe that my wireless network maybe being used as it has no security configured.  Now I am a novice with such intricasies and would like some help in securing my default connection.
My setup is as follows - my ADSL router has 4 ports (Netcomm NB1300 plus 4) - one port is directly connected to my desktop computer (Ethernet connection).  A second port has my wireless access point plugged in (DLink DWL-2000AP+).  My laptop, which is the only computer on the wireless network has an adapter card (DLink DWL-G630).

If any expert can suggest a way in simple terms how to secure this setup from outside access I would be very appreciative or if you could suggest a better way to setup my network using the previously described equipment I would also be very grateful.
0
Comment
Question by:farniente
  • 5
  • 5
  • 3
16 Comments
 
LVL 54

Accepted Solution

by:
b0lsc0tt earned 125 total points
Comment Utility
I haven't looked up that specific model but almost all current wireless access points or routers support these features.  The names just may be a little different.

1.  Change the default SSID.  Make it unique.  At the same time turn off SSID broadcast so the access point will not "show" it is there.

2.  Implement wireless encryption.  The level you can use will depend on what the router and your laptop's wireless card will support.  At the very least you should be able to use WEP.  If both support WPA then that is even more secure and also easier to set up.

3.  Look for an option to enable MAC filtering.  This will allow you to specify a list of MAC addresses the access point can allow.  Make sure you choose the correct setting which will be something like "allow only" and that you have entered your laptop's MAC address (e.g. 00:AC:0F:12:98:00) in the list before you enable it.  You can often get the address at the bottom of the computer or by typing the command "ipconfig /all" (no quotes) at a DOS prompt.  That command will call the address a physical address.  It is a number associated with your network card and the "number" is hex decimal (A-F and 0-9).

Let me know if you have questions or need specifics on any step.  These simple, quick steps will make a very big difference in securing your AP.

bol
0
 
LVL 39

Expert Comment

by:PUNKY
Comment Utility
0
 

Author Comment

by:farniente
Comment Utility
People I thank you for your answers, but as I stated in my original question I am a NOVICE.  I have no idea where to access settings for routers and access points.
Please be "gentle" with me.
0
 
LVL 39

Assisted Solution

by:PUNKY
PUNKY earned 125 total points
Comment Utility
Use your desktop computer, and type 192.168.1.1 in address bar, it shoud bring up Setup or Configuration page of your network. There, select function and setup your wireless network based on comments listed below (or from Experts comment above):

1. Change the administrator password. All routers ship with default passwords for the management account, and these are common knowledge on the Internet. Your first step should always be to change the admin password to something unique.
2. Turn on encryption. No wireless encryption method is perfect, but some is better than none. Without encryption, anyone in the neighborhood can hop on your network, and you probably don't want that. If all the devices you own support WPA, use it (WPA-PSK is the type you want, if that's an option). Otherwise, use 128-bit WEP.
3. Change the name of your network. Many people never change the generic network names like "belkin" and "linksys," and not only will you have trouble identifying which network is yours, you're also telling the world your network may be in a default state and vulnerable to hacking.
4. Now we're getting into more advanced stuff. These are changes that only the security-paranoid need to consider. More casual users can stick with just those above.
5. Turn off SSID broadcasting. When you scan for networks in Windows, you get a nice list of networks because they are all broadcasting their SSID, a network ID code. If you don't want your network to show up in this list, turn off SSID broadcasting. The downside: You'll have to type in the network name manually when you first connect to it.
6. Turn on MAC filtering. A MAC is a unique code that every piece of network hardware has. You can set your router to only accept connections from devices with MACs that you allow. Just input the MAC address for your various PCs and other devices, and anything not on the guest list will be escorted to the door. Note that if you're not comfortable with hexadecimal and the inner workings of networking, this tip may be more trouble for you than it's worth.

0
 

Author Comment

by:farniente
Comment Utility
When trying to access the router I get a message like when explorer can't find a webpage.  Also this is securing the router how do I secure my wireless access point ??
0
 
LVL 39

Expert Comment

by:PUNKY
Comment Utility
Use manual of router see how to open the router setup page. The 192.168.1.1 is default of many routers out there, but it might not yours. Try that.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 54

Expert Comment

by:b0lsc0tt
Comment Utility
You can find the router's IP by doing the following on your computer:

1.  Click the Start button and choose Run.
2.  Type "cmd" (no quotes) and press OK.
3.  A command/DOS prompt should appear.  Does it?
4.  If so, type "ipconfig /all" (no quotes).
5.  Find the setting for Gateway.  That is the router's IP.

Let me know if you have a question or problem with a step.

bol

0
 

Author Comment

by:farniente
Comment Utility
OK guys I can access the router, but there isn't anything to do with the wireless network in there.  The access point is actually using one of the ports on the router.  One of the three remaining ports on the router is connected into the ethernet port on the desktop computer, while the laptop is sharing the internet connection with the desktop via the router.
What I would like to do is have security for the laptop as when displaying "View wireless networks in range" I see another locked networ anf my access speed on the internet slows - so I believe where ever the other network is it is sharing my connection.
What details do I need to give you to assist me ??
0
 
LVL 39

Expert Comment

by:PUNKY
Comment Utility
That is exactly what B0lsc0tt and myself try to explain to you. You must log in on the router page (192.168.1.1 or whatever in manual say to get in router setup page), there you will see all settings for wireless (SSID, security, DHCP, etc.). One you setup the router for network security, you access internat from you laptop thru router using usename and phrase-key created from setup above. Your wireless network is safe from there.

You dont care about messages appeared on your laptop, because laptop access thru router and router is setup security. If someone who able access your laptop, then nothing else you can do because they must be real hackers ... but real hacker will not wasting their time to hack your system or network though.
0
 
LVL 54

Expert Comment

by:b0lsc0tt
Comment Utility
>> OK guys I can access the router, but there isn't anything to do with the wireless network in there.  The access point is actually using one of the ports on the router. <<

Sorry for overlooking the fact the wireless device was just an AP (access point) not the router.  The advise to run ipconfig and use gateway will not work since the AP is not assigning the IP and the gateway.

The default IP DLink uses is probably 192.168.0.50.  However what is your computer's IP (one that is connected to the router with an ethernet cable).  You can try to type the default IP I listed above in your browser to see if you can access the AP.  However depending on your "network" configuration (i.e. the IPs the router assigns) you may have needed to change the AP's IP.

Let me know the results of trying the default IP and the computer's IP.  Also, look in the instructions for the AP to see about info on doing a "hard reset" to the AP.  If we can't figure out the IP then we may need to do that to get it back to the default.

Let me know if you have a question or need more info.

bol
0
 
LVL 54

Expert Comment

by:b0lsc0tt
Comment Utility
@Rindi -  I suggest a split between b0lsc0tt (myself){http:Q_22487930.html#a18840137} and
PUNKY {http:Q_22487930.html#a18855392}.  Even though the Asker still was working to implement what we suggested those 2 comments answer the main question.  My last comment might also be included since it was probably what he needed to modify the Access Point's settings but a 50-50 split is best.  I wouldn't mind if the Asker responded so we could help him/her complete this but if this has to be cleaned up then I suggest PAQ/split.  I hope this helps.  Let me know if anyone has a questions about this.  Thanks for your time cleaning up and keeping this site working great.

bol

0
 
LVL 39

Expert Comment

by:PUNKY
Comment Utility
Thank You B0lsc0tt :)

Note: it is little hard to type your nickname, do you know that?
0
 
LVL 54

Expert Comment

by:b0lsc0tt
Comment Utility
@Punky - Your welcome!  Do you mean my member name?  Yes, I know.  I very seldom type it, even as a signature. :)  I use bol instead (o for number 0) and you are welcome to do the same.  I don't know that you will remember that but I hope so.  Anyways I am sorry for aggravating the "repetitive strain injury". ;-)

bol
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

This article is a step by step guide on how to create a basic PTP link using Ubiquiti airOS devices. This guide can be used on the following Ubiquiti AirMAX devices. Nanostation, Bullets, AirBridge, Nanobeam, NanoBridge to name a few. Please review …
Working settings for French ISP Orange "Prêt à Surfer" SIM cards for data connections only. Can't be found anywhere else !
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now