Just Set Up Wireless Network

[bob4432]

- changed password from to default to one that is alpha/numeric, 10 characters long
- changed the SSID from default
- disabled SSID broadcast
- using WPA2 personal(whatever the personal means?)
- TKIP/AES algorithms
- shared key again alpha/numeric and 10 characters long (not the same as the router login)
- enabled MAC address filtering to only allow my machines b/g cards MAC address

any other items i should look for?

i am using a linksys wrt54g v2.2 with the newest linksys firmware. i may have to go to a hacked firmware because i am out of port to foward for different items i need (http server, ftp server, teamspeak server, bf2 server, bt, emule, etc) but i am at the limit now, so i will wait a bit to make sure this is stable.

 

[isdex1]

You covered more than 99.9% of what all other people do. With WPA, you are pretty safe. I would recommend the hacked firmware for WRT54G. It's extremely stable, even with torrent.

 

[JackMDS]

May be this can Help.

Link to: Wireless Security.

Wireless Segregation: - http://www.ezlan.net/shield.html

:sun:

 

[orion23]

I don't think there is anything else that you could possibly add to your security!

I mean, you did it all!

 

[bob4432]

Originally posted by: isdex1
You covered more than 99.9% of what all other people do. With WPA, you are pretty safe. I would recommend the hacked firmware for WRT54G. It's extremely stable, even with torrent.

thanks for all the responses, which hacked firmware would you recommend?

is there any problem with having the SSID being broadcasted? when friends come over they are having problems finding it...

 

[JackMDS]

If you use WPA and takes some who know what he is doing few days to get in, it would take him 30 sec. to by pass you SSID Off thing.

http://www.ezlan.net/faq#ssid

:sun:

 

[bob4432]

Originally posted by: JackMDS
If you use WPA and takes some who know what he is doing few days to get in, it would take him 30 sec. to by pass you SSID Off thing.

http://www.ezlan.net/faq#ssid

:sun:

thanks, i guess i will leave ssid on and not worry about it but have wpa on. what is the difference between wpa2personal and enterprise?

 

[JackMDS]

The Personal version uses only a pre-shared key (PSK) password, which you put into your Client Card and Wireless Router/ Access Point.

The corporate, needs the use of Extensible Authentication Protocol (EAP) with a RADIUS server.

:sun:

 

[bob4432]

Originally posted by: JackMDS
The Personal version uses only a pre-shared key (PSK) password, which you put into your Client Card and Wireless Router/ Access Point.

The corporate, needs the use of Extensible Authentication Protocol (EAP) with a RADIUS server.

:sun:

thanks

 

[orion23]

Your friends also have problems finding it because you have MAC filtering enabled.

You really cannot have all those options enabled if you are going to have others connect on and off on a regular basis.

WPA 2 is the strongest security method out there, and not everything will support it. If you use regular WPA which is still pretty good, more people can join your network.

The SSID is needed so that they recognize your network. And the MAC filtering will lock them out until you add their MAC addresses to your trusted list.

 

[bob4432]

Originally posted by: orion23
Your friends also have problems finding it because you have MAC filtering enabled.

You really cannot have all those options enabled if you are going to have others connect on and off on a regular basis.

WPA 2 is the strongest security method out there, and not everything will support it. If you use regular WPA which is still pretty good, more people can join your network.

The SSID is needed so that they recognize your network. And the MAC filtering will lock them out until you add their MAC addresses to your trusted list.

thanks for the info, i will verify their compatiablility and add them to the MAC filter list.

 

[nealh]

if you use wpa..how important is MAC address filtering?

 

[bob4432]

Originally posted by: nealh
if you use wpa..how important is MAC address filtering?

if i read correctly, the wpa protects or encrypts the data between the laptop and router, but the mac address filter will only let the mac addresses that you allow or put into the filter area to connect to the router, so they are both important but in different ways.

please correct me if i am wrong.

 

[nealh]

thanks for the feedback and info

I have had a wirelss network for last 2yrs but live in a gated community so I really had no fear of my neighbors and there routers accessing my setup..they know little about this stuff and signal strength was so poor...

but when getting FIOS I needed to really play with my network to get my netgear to act as an wireless AP for the hardwired DI604

Well I decided to use WPA-PSK(was worried this would real screw with my X50v and laptop setup...guess no issues picked a key and boom)..then I was concerned on the MAC addresses..so today after seeing this I set my Netgear which as the wireless acess to turn on wirelss card access with MAC address and boom....smooth as silk

Only thing I reall need to do I guess is change the password to access the routers..but really see no need because my wife and son do not even know you can do this and in theory using WPA-PSK and MAC address filtering..only my laptop and X50v can access the wireless network....my hardwired computers as I said are no issue

Am I wrong???

 

[orion23]

It is very important that you change the defaut password on your router.

If someone gains access to any of your PC's (wired) they'll be able to login to your router and change any of your security settings.

You have to change it from its default password. I really don't understand why you would be able to enable WPA, then enable MAC filtering, but not even consider changing the log-in password!

 

[nealh]

well I agree it seems stupid..but the only people in my home are my 8yr old son, my wife and me....

but I agree I will change my passwords