Solved

Need Advice About Spliting a Home Network - Part WEP, Part WPA

Posted on 2007-11-29
5
602 Views
Last Modified: 2008-02-01
Dear Experts:

First, let me say that I am not very experienced with networking so please forgive me if I misuse terms.  I set my home network up a couple years ago, without much trouble, and have modified it a few times since then, but that's about all the experience I have.

Currently my home network setup consists of Cox 7 Mbps cable, Motorola SB5101 SURFboard modem, Linksys WRT54G wireless router, one CAT5-connected desktop running WinXP SP2, one CAT5-connected printer, two wireless laptops running WinXP SP2, and one TiVo Series 2 connected wirelessly using a Linksys WUSB11 adaptor.  Currently I am using WEP for the wireless connections because that's all the TiVo supports.  I have ZoneAlarm Pro on the desktop, and Norton Internet Security on the desktop and laptops.

What I've wanted to do for quite a while is "split" the network into a WEP side for the TiVo and a WPA side for the laptops.  Recently I was given a Linksys WAP54G access point and a BEFSR41 router so I think I might now have the necessary hardware, but not enough knowledge about how to set things up.

My questions:
1.  I know that using WPA on the laptops will help prevent eavesdroppers from decrypting transmissions to and from the laptops.  Will it do anything else for me?
2.  Can WPA in any way prevent someone from "getting into" my laptops or desktop?
3.  Is subnets the way to go, or is there another way?
4.  I currently use TiVo Desktop software on my desktop and one laptop.  If I split the network will I lose the ability for TiVo to communicate with the Desktop software?  (I use ZoneAlarm Pro on my desktop and it was hard enough to get TiVo Desktop to talk to the TiVo through ZoneAlarm.)
5.  Anything else I haven't thought of?

Please let me know if there's any other information needed to provide an answer.

Thank you for your help!

Bugwriter
0
Comment
Question by:bugwriter
  • 3
  • 2
5 Comments
 
LVL 27

Accepted Solution

by:
pseudocyber earned 125 total points
ID: 20379265
1.  I know that using WPA on the laptops will help prevent eavesdroppers from decrypting transmissions to and from the laptops.  Will it do anything else for me?

Wep can easily be cracked by anyone interested enough in learning how and downloading a couple of programs off the Internet.  If you're really interested in encrypting your wireless traffic, then use WPA.  That being said, the main advantage of using both is to keep "casual" people from borrowing your Internet connection.  I will go to a friends house with my laptop, and they don't have wireless, but I'll fire up my client, scan for an open network, and connect to it and use the Internet connection - it's pretty common.  I don't care about breaking into their computer, or seeing their traffic, I just want to use the connection.  Of course, there could be more malicious users - downloading copyrighted material, downloading porn, child porn, etc.  You wouldn't want to expose yourself and there might be some legal case to be made that if you know how to prevent it from happening and you don't do anything - depends where you live.

2.  Can WPA in any way prevent someone from "getting into" my laptops or desktop?

There is no absolutely foolproof security - there are only degrees of difficulty.  WPA would make it harder to "hack" your wireless network - certainly more so than WEP.

3.  Is subnets the way to go, or is there another way?

You can, but you don't have to.  You can connect the 2nd router with a crossover cable into the switched port - so you in effect turn it into a Wireless Bridge or an AP - turn off DHCP on it.  So, it'll just be a way to make a "physical" connection - your WPA devices will associate to it, auth to it, and get a connection.  Then they will be passed a dhcp address and info from the first router.

4.  I currently use TiVo Desktop software on my desktop and one laptop.  If I split the network will I lose the ability for TiVo to communicate with the Desktop software?  (I use ZoneAlarm Pro on my desktop and it was hard enough to get TiVo Desktop to talk to the TiVo through ZoneAlarm.)

It might.  It depends on the protocols the TiVo uses to communicate.  I don't know, so I can't say.  It's much easier not to route (split your network) and bridge instead, so then there aren't any problems.

5.  Anything else I haven't thought of?

No, I think you have it.  I like WPA - works well on my Netgear router - 11g.

Hope this helps.
0
 

Author Comment

by:bugwriter
ID: 20385835
pseudocyber,

Thank you very much for your answer.  I understand most of what you said but I'm not sure I understand the layout you're proposing in number 3.  

When you talk about my "2nd router", I assume you're talking about the new one that I was just given.  That one is just a wired router, not AP.  However, I was also given a separate AP, so if I plug that into the wired router are the two of them together the same as my wireless router?

You mentioned the "switched port" on the 2nd router.  Is that the one marked "Uplink"?

What I think you're saying is this:
cable ----> modem ----> wireless router (WRT54G) ----> wired router (BEFSR41) ----> AP
Desktop computer hardwired to port on wireless router, and WEP turned on for the TiVo.
AP using WPA for the wireless laptops.

Is this correct?  Is the 2nd router necessary or can the AP connect directly to the wireless router, and have the wireless router using WEP and the AP using WPA?

Thanks again for your help!

Bugwriter
0
 
LVL 27

Expert Comment

by:pseudocyber
ID: 20386142
AP connect directly to the wireless router, and have the wireless router using WEP and the AP using WPA?  

Yes.  You don't need the 2nd router - I thought it was a Wireless router/switch.
0
 

Author Comment

by:bugwriter
ID: 20386284
Thanks!

I'll try to implement that on Sunday evening and let you know how it goes.

Bugwriter
0
 

Author Comment

by:bugwriter
ID: 20431188
I got things up and running.  I didn't do it exactly the way you suggested, but pretty close, and it's all working fine.

Thanks for your help.

Bugwriter
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Hello All, I have been training on Multicast for a while now and whenever I start the topic , I find out that my friends /  Colleagues mention that they do not know how to test Multicast Joins. As most of the multicast would be video traffic and …
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
This video discusses moving either the default database or any database to a new volume.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now