Need Wireless Security Help

I just got a Linksys 54G Wireless Router (WRT54G). I set it up and have a wired desktop and wireless laptop connected. Everything is working fine, but I am unsure and uneducated about wireless security

I want to make sure that my neighbors and hackers cannot access my wireless connection.
I assume I need to set a password. If I set a password, does that mean that I need to type it in when accessing the internet (wired or wireless)?

When I go to configure my router, these are my security options:
WPA Pre Shared Key
WPA Radius
Radius
WEP

Which one of these options do I use?
Are there any other security measures I need to take?
Is there a built in firewall? Tell me about it...
Do I still need a software firewall?

I do not know much at all about wireless internet and its security features.
Any thing else you can tell me is also appreciated.

Thanks in advance!

***************************************************
Fujitsu S6210: 1.6Ghz PM ~ 768MB RAM ~ 60GB 7200RPM Hard Drive
***************************************************

 

You want to enable WEP, that will keep the curious out. When you connect, you'll enter the password once and the computer will store it so you don't have to re-enter every time. There are various levels of WEP, you can do whatever you like, more complex settings simply require a longer password, which is harder to hack.

As for firewall, I don't use one, maybe I should...Zonealarm offers one for free for your computers.

Editor in Chief http://www.bargainPDA.com and http://www.SPOTstop.com

 

Thanks.

When I enable WEP it asks for the following:

Default transmit key (1, 2, 3, or 4)
WEP Encryption (64 bits 10 hex digits OR 128 bits 26 hex digits
Passphrase (fill in the blank line, followed by "Generate" button
Key 1 (fill in the blank line)
Key 2 (fill in the blank line)
Key 3 (fill in the blank line)
Key 4 (fill in the blank line)

Can someone please explain these options to me?

Is there anything else I need to know?

***************************************************
Fujitsu S6210: 1.6Ghz PM ~ 768MB RAM ~ 60GB 7200RPM Hard Drive
***************************************************

 

Hi Run1track,
If the card in your notebook supports WPA, then use it not WEP. WEP is pretty weak with lots of holes, that why WPA was developed. I would be using it, but although my notebook wireless card supports it my router does not. Then for WPA select the shared key option.
At some point of the setup you will need to enter a passhrase like you mentioned in your 2nd post, just enter a password you can remember and it will generate a number from it, sometimes up to 4 keys will be made. On the notebook end you will need to enter the same passphrase or number made by the passphrase and use the same key #1-4 for both. You can also set it up to only use authorized MAC addresses, here you will enter all the MAC addresses of your network devices into the router. The MAC address is on the network card or on a sticker on the back of the notebook. You can also get it buy looking at the properties thru the OS. Here is a link on the subject which will help.
http://arstechnica.com/paedia/w/wireless-security-howto/home-802.11b-1.html

thanks again for the gmail account[ ]

Jack

The color of justice in america is green.
http://pbase.com/joneill

 

I did the MAC filtering thing.

As for the WPA shared key thing, it asks for the following:

WPS algorithms (TKIP OR AES)
WPA Shared Key (Fill in the blank)
Group Key Renewal (#### seconds)

Can someone explain these settings to me.

Thanks. Anything else?

***************************************************
Fujitsu S6210: 1.6Ghz PM ~ 768MB RAM ~ 60GB 7200RPM Hard Drive
***************************************************

 

Thanks.

What about:

WPS algorithms (TKIP OR AES)
Group Key Renewal (#### seconds)

***************************************************
Fujitsu S6210: 1.6Ghz PM ~ 768MB RAM ~ 60GB 7200RPM Hard Drive
***************************************************

 

For the algorithm, I would just pick one that both the router and notebook support and afterwards when you have time do a search on google to learn more about them. The other setting key renewal sounds like an option I read about where a new key is generated every so often( like changing the password every 10 minutes); like the others make sure it is supported by both before enabling and setting it. If you read the link I gave you you will see you can keep most people out by just setting a couple simple security options. This is because 2/3 or more wireless networks are not secured at all, so if someone wants intenet access they will go with the unsecure ones as no effort is required at all. On the other hand if someone really wants in your wireless network and they want to put some effort into it, they will get in it's not that hard to do.

Jack

The color of justice in america is green.
http://pbase.com/joneill

 

The Shared Key option is just the phrase you entered in your router, you would enter the same into your wireless NIC and it should connect.

-Vb-

 

When I disabled DHCP, the laptop could not access the internet. It said it was connected to the network, but the internet did not work. The wired PC still worked. After reenabling DHCP, the laptop was again able to access the internet. Any ideas?

I read somewhere that WEP/WPA slows down your network performance. True?

Is there a way to see if my wireless network is secure? Run a test, etc?

Anything else?

Thanks again!

***************************************************
Fujitsu S6210: 1.6Ghz PM ~ 768MB RAM ~ 60GB 7200RPM Hard Drive
***************************************************

 

I have WEP turned on. Could not get WPA to work.
Still have to have DHCP enabled. Anyway to get around this?

Thanks.

***************************************************
Fujitsu S6210: 1.6Ghz PM ~ 768MB RAM ~ 60GB 7200RPM Hard Drive
***************************************************

 

1. Most current routers that have WPA support will work with the TKIP algorithm. Just enable this option in both your router and network card (if you don't have this in your notebook, you probably need to update your XP to support WPA).

2. If you disable DHCP on your router, you MUST setup the wireless network card on your notebook with an IP address, gateway, etc... in network properties before it will work. Best thing to do is to enable DHCP and limit the number of IP address to the number of systems you will have connected at one time.

3. Yes, WEP/WPA encryption or encryption of any kind will slow down the performance. I believe it needs to send out additional data per packet when encryption is on, therefore decreasing the amount of data per packet.

4. I don't think there's really a way to test if your network is secure other than getting someone to try to hack into your network.

IMO, the things you can do to make your wireless network a bit more secure is to do the following:

1. Disable SSID Broadcasting, some may say that doing this doesn't help, but I say why advertise that you have a wireless network with neon signs. If the hackers want to get in, they're gonna, but don't tell everyone that's not a hacker that you have a wireless network

2. Enable MAC Filtering, therefore decreasing the chance that someone can connect to your system with a different MAC address, generally applies to the general public, not hackers

3. Enable Encryption WEP/WPA or AES, this helps by making sure the data you send over the air is scrambled, the better the encryption the less possibilities it will be cracked, currently AES I believe is the best type of wireless encryption out, but not a lot of hardware supports it

4. Use difficult keys, don't use short keys or simple keys (eg. ABC, 123, etc...). With 128Bit WEP, it supports upto I believe 26 characters, make sure you use all 26

5. Change your encryption key regularly, by doing so will make it more difficult for a hacker to hack into your system. In the event they do get in, if you key is changed, they will have to crack the encryption again

With these general points, it should help make your wireless network more secure. I can't guarantee that it'll be bulletproof, but the items I mentioned will help.

-Vb-

 

Thanks a lot VB.

I have 128bit WEP turned on.
I will try to get WPA to work.
I have done everything else.
I do not know if I will get around to changing the encryption too often however.

Thanks again and let me know if you think of anything else.

***************************************************
Fujitsu S6210: 1.6Ghz PM ~ 768MB RAM ~ 60GB 7200RPM Hard Drive
***************************************************