How to secure my wireless network?

Hello.

I have a D-Link DIR-635 wireless Router and my setup is very simple i.e. I have broadband and have a Ethernet cable going from the cable modem to the router. The router is NOT connected to any PC/Server.

I can access the router and use the internet. However, I get a message that my network is unsecured and this concerns me even though I have firewall software installed on my 2 PC's (both of which can access the network with the setup explained above).

How can I "secure" my network? Can someone please help and guide me.

Thanks.

 

Right now you are probably set up to broadcast your wireless signal unsecured to all your neighbors. I typically do 2 to 3 things to secure my wireless from being abused.

http://support.dlink.com/products/view.asp?productid=DIR-635

Check out the section in your manuel related to wireless security. I took a look online...its on page 60. Set up encryption. The manual will explain how to do this and the differences between the three levels of encryption available.

You can probably get away with doing just this step, but...

I also turn off my SSID broadcast. Basically this function tells wireless devices that "I'm Here!!". If you turn it off, no one should be able to easily see your wireless signal unless they already know the name you gave it. See page 25-26 in your manuel.

If you turn off SSID broadcast you will need to manually (once) enter the information into your computer so that it can find your wireless signal. Anyone else that wants to use your wireless will also have to do the same.

The last thing you can do is to enter your computer's MAC address in the router. If you use this, it will only allow your specific computer to use it and no others (unless you enter more MAC addresses). Page 35 in your manual explains this. I don't believe this will do anything to make your wireless more secure, but it will certainly stop anyone from hijacking your signal for their own use.

Hope this is somewhat helpful

 

Hi WuJohn,

Thank you for the reply. Unfortunately I misplaced the manual

Nevertheless your post is just what I was looking for. So many thanks for that Can you kindly share the URL for the on-line manual?

Thanks.

 

lol...it's in the post above... When you get to the linked page, go to the left hand column and u will see "product manual." Best of luck to you.

 

Windows identifies the wireless network as unsecure whenever it is not encrypted. You should be able to setup encryption in the router. WPA2 is reportedly the best. Some or all routers also allow MAC address filtering, which would keep others from connecting. You'd need to get and input the MAC address off all your wireless adapters before you enable it. You can also disable logging into the routers config API via wireless and remotely. Ie, from the back end - internet side.

Use caution disabling SSID broadcast. XP or earlier will not connect to it. Some adaptor drivers include an applet that has a setting allowing you to connect to a specified network even if it is not broadcast. But, if you are using Windows XP alone to configure your wireless setting it won't do it.

All I do on mine is MAC filter and disable wireless and remote configuration. If the router works as advertised, so to speek, those setiings alone should keep anyone out. Encryption is implemented via the website wherever I'd be concerned. So running unencrypted means someone with the right software and hardware could watch and view most of what I do, but hey, if you're that bored, knock yourself out.

 

Ooppss Actually I realized that just after I had hit the post button

Hi Tranquility: Thank you for the reply. I'll certainly try it later but for now won't take my chances and then spend a whole day trying to undo things so I won't mess with disabling the SSID broadcast (as you have sugested). Wujohn, what would you recommend?

Two questions:

1. How do I find the MAC address of a PC/Laptop?
   
2. I have 2 PC's (having wireless cards) at home which are using this setup. Will I be able to "secure" the whole thing without ending up one of the PC's not being able to connect to the internet

Thanks.

 

Hi guys,

Well I thing I have managed to secure my wireless network.... It's working so far and I'll keep my fingers crossed

Thanks for your replies and help.

Regards.

 

LOL it looks like I was a little late to the party...


Two questions:

1. How do I find the MAC address of a PC/Laptop?
   
   When you access your router it should automatically see your MAC addresses; so it will simply be a matter of selecting it in a pop-up menu. Take a look at the page I specified in the manual..I remember it showing exactly this.
   
   One a side note, in my situation I had a few neighbors connecting to my router-pre encryption (in addition to my wife ane me). It not only showed the MAC address but the name of the computer associated with the MAC address.
   
   
2. I have 2 PC's (having wireless cards) at home which are using this setup. Will I be able to "secure" the whole thing without ending up one of the PC's not being able to connect to the internet

You will be able to do this, no problem. Once the encryption key is created (write it down), you will need to enter this key into each computer that will be accessing the internet. Again, the manual should explain how/where to do this. If it does not, let me know (if it is XP I can help; if Vista I am lost ).

As far as not broadcasting SSID, if you do not want to do this, it's not really a problem. I have done this in XP many times with no issues using standard windows drivers. However the reality is that the highest level of encrytion is really your best bet, not broadcasting SSID and using MAC address filtering make less of an impact on overall security.

 

Hi all,

Though I have secured my network but there is one question that came to my mind and I'll appreciate your reply so that I can better understand things:

Since I have given the MAC Addresses of the PC's and have also set the admin password for my router, what is the purpose and advantage of setting encryption on the router when this wireless network is going to be used in home???

A related question is that wouldn't setting encryption have an overhead and thus somewhat/slightly/significantly (not sure which one is true ???) slow down the performance when using the the web?

Will appreciate your reply.

Thanks.

 

Setting the router to use only computers with approved MAC addresses will not secure you against a real hacker...they will very easily be able to break this lvl of security. Some people will say it is useless to use MAC address filtering...but at the very worst it cannot hurt you and at best it may slow someone down from breaking in. There was a link posted in the forums a few days ago criticizing MAC filtering and a host of other ways people secure their networks. See: http://blogs.zdnet.com/Ou/index.php?p=43

Encryption may slow your internet access down a bit. You can test it by turning your encryption off and running some bandwidth meter tests several times and then do the same with encryption on. Not very scientific but maybe you will see some sort of trend. Either way, if your connection slows down a bit, it is well worth the security of encrypting your connection.

 

Theres only one true way to secure a wireless network.

Instead of that though if you use WPA or WPA2 and MAC filtering, its about the best that can be done on a consumer level at this date.

If you're going to go to the trouble of not handing out free internet to your neighbors, don't bother with WEP at all. Many vendors have sloppy wep that is broken very fast (minutes) and even "correct" WEP 128 can be done with passive tools over several days at any fixed location. When even macs get wifi tools, you know its mainstream.

If you're paranoid or a target, follow the link up top