How do you secure a wireless network?, Yes, I'm a complete network n00b =(

Discussion in 'OT Technology' started by Mammoth, Feb 27, 2009.

  1. Mammoth

    Mammoth OT Supporter

    Joined:
    Jun 2, 2005
    Messages:
    23,612
    Likes Received:
    18
    Location:
    Michigan
    A few months ago I switched to T-mobile @ Home phone service (basically, it's the same thing as Vonage). When I hooked it up, they sent me a wireless router and said it was the only way for the system to work in my home. This was the first Wireless network I ever had. I've always had LAN lines because I'm paranoid.

    When I installed it, the set up program made me set up some encryption passwords so I thought the network was secure. I thought wrong.

    So I purchased a Laptop yesterday and decided to add it to my wireless network. When I searched for available networks, lo and behold, my T-mobile @ Home network was available for access and completely unsecured. Since this is my broadband network, I want to secure it so no one else can access it. Right now, anyone can log on and download kiddy porn on my open network. :noes:

    How do I secure it? This is my first wireless network and I have no idea what to do. I'm also a network n00b, so network speak is pretty Greek to me.



    Don't know if my system specs matter, but here they are just in case:

    Laptop System:

    OS: Vista Home Premium
    CPU: Centrino Intel Core 2 Duo Mobile T6400
    HD: 250 GB hard drive
    RAM: 4 GB RAM



    Desktop System:

    CPU: Intel Core 2 Quad Processor Q8200 (4x 2.33GHz/4MB L2 Cache/1333FSB)
    Motherboard: MSI P7N SLI-FI Nvidia nForce 750i SLI Chipset
    RAM: 2 GB [1 GB X2] DDR2-800 PC6400 Memory
    Hard Drive 1: Western Digital 320 GB HARD DRIVE [Serial-ATA-II, 3Gb, 7200 RPM, 16M Cache]
    Hard Drive 2: Western Digital 160 GB HARD DRIVE [Serial-ATA-II, 3Gb, 7200 RPM, 8M Cache]
    Video Card: NVIDIA GeForce 8400GS 512MB w/DVI + TV Out Video
    OS: Windows XP Professional
     
  2. sorryforya

    sorryforya New Member

    Joined:
    Apr 22, 2008
    Messages:
    138
    Likes Received:
    0
    I'm no expert but I can tell you the way I usually do it.

    When you log onto your wireless router (eg. 192.168.x.x), it should ask you for your username and password. When you log in and want to setup your wireless router, it should ask you how you want to encrypt the network (WEP, WPA, and a few more I can't think of on top of my head). Choose one of those and type in a password. Follow the rest of the instructions and you should be set. Someone correct me if I'm wrong.

    This might all be different with T-Mobile @ Home though.
     
  3. Mammoth

    Mammoth OT Supporter

    Joined:
    Jun 2, 2005
    Messages:
    23,612
    Likes Received:
    18
    Location:
    Michigan
    But how do I log into my router?

    Here's what I did when I initially set it up:
    • Ran the setup CD from T-Mobile on my PC.
    • It told me to hook the router up to my PC.
    • It asked me if I wanted to set up an encrypted network. I said "yes"
    • It asked me to set up a password for the network, so I created one.
    • Boom, I was done.

    Here's a little back story that may or may not be relevent:

    My PC was brand new when I did hooked up the wireless network. It died about a week afterward. The company I bought it from sent me a new motherboard & power supply to fix the problem. It didn't work. So, since the PC was under warranty, I sent it back to the company and told them to fix it.

    I went out and bought a new Laptop for the house and decided to hook it up to the network so I could mess around while I waited for my PC to be repaired. When I searched for the network, it found it instantly, but it also said the network was unsecured.

    So, I thought I had set it up to be encrypted initially. Unfortunately, it's evidently not.

    So, how to I log into the router to set up the encryption password?
     
  4. sorryforya

    sorryforya New Member

    Joined:
    Apr 22, 2008
    Messages:
    138
    Likes Received:
    0
    Either in the back of the router or in the manual. It should tell you an ip address you type into your internet browser. Do you know the brand of the wireless router they gave you? Did a quick google search and it said they have 3 types of routers. One from D-Link, LinkSYS and an unknown one with a phone connection. If you have a D-Link, the IP address might be (192.168.0.1), LinkSYS (192.168.1.1) and the other one, I have no idea. Like I mentioned, Tmobile @ home might be completely different setup. You can try typing those two ip address into your web broswer and see if you can connect to the router.

    Its strange that it asks you to encrypt the router and it didn't do anything. Did it ask you which encryption you wanted?
     
  5. bowrofl

    bowrofl New Member

    Joined:
    Aug 20, 2005
    Messages:
    6,555
    Likes Received:
    0
    Location:
    Toronto, Canadia
    What brand is your router? You need to go to the router home page and go to the Wireless settings there. Then change the security settings to WPA2 Personal, set the passkey, and save the settings. On your laptop and desktop, reload the network list and the network should appear, enter the passkey you set, and there you go.
     
  6. DigiCrime

    DigiCrime If Only!

    Joined:
    Oct 25, 2001
    Messages:
    33,014
    Likes Received:
    101
    Location:
    St. Louis
    Look at your network connection properties. The default gateway will be your routers IP address. So if it has 192.168.1.1 as the default, open up your browser to http://192.168.1.1

    You will be prompted for a login and password. Every wireless router contains a default login and password. If you are unsure of which look in your manual or the underside of the router.

    Encrpytion modes depend on the wireless card you have inside your laptop. Most if not all will do WEP but the newer laptops will do WPA which is what you want to setup.

    You generate a pass key and set the encryption mode, save it. If you have vista on your laptop it will detect the security mode your wireless is broadcasting. It will then ask you for this key and give you an option to save it.
     
  7. Mammoth

    Mammoth OT Supporter

    Joined:
    Jun 2, 2005
    Messages:
    23,612
    Likes Received:
    18
    Location:
    Michigan
    Thanks guys, I'll try that when I get home. It really is much appreciated. :bigthumb:
     
  8. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    Don't forget to change the administrator password on the wireless transmitter.
     
  9. lightsareout

    lightsareout New Member

    Joined:
    Aug 19, 2006
    Messages:
    5,913
    Likes Received:
    0
    Location:
    Murfreesboro, TN
    just use WEP you'll be fine :rolleyes:
     
  10. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    It's not the x number of people who don't know how to bypass simple security that he needs to worry about, it's the one who does. Why do you think we have locks on our doors? Most people wouldn't go into someone's house uninvited, so why bother?
     
  11. eideteker

    eideteker Who jarked off in my frakkin' coffee? OT Supporter

    Joined:
    Feb 15, 2006
    Messages:
    2,428
    Likes Received:
    0
    Location:
    PA.
    There are so many unsecured APs around me, I'm not worried about someone taking the time to crack my WEP-secured Wifi.
     
  12. nsxrebel

    nsxrebel New Member

    Joined:
    May 22, 2006
    Messages:
    3,272
    Likes Received:
    0
    use WPA instead of WEP. And your password can still be cracked. ;)
     
  13. Coottie

    Coottie BOOMER......SOONER OT Supporter

    Joined:
    Jun 6, 2006
    Messages:
    32,407
    Likes Received:
    0
    Location:
    OKC
    I'm sure WPA can also be cracked but what about combining that with MAC address restrictions.

    I've set up my linksys to only allow certain MAC addresses to connect to it and I don't broadcast my SSID.

    Wouldn't this be considered secure?
     
  14. nsxrebel

    nsxrebel New Member

    Joined:
    May 22, 2006
    Messages:
    3,272
    Likes Received:
    0
    yes, wpa/wep can still be cracked. and even if you don't broadcast your ssid, it can still be discovered. ;)
     
  15. EvanD

    EvanD Active Member

    Joined:
    Jul 12, 2004
    Messages:
    6,727
    Likes Received:
    2
    Location:
    Ottawa, Canada
    Anyone wearing the security hat will tell you any type of wireless is not "secure". Not broadcasting SSID doesn't make you invisible and MAC filtering is trivial to circumvent on its own. WPA-PSK can be brute-forced pretty easily so if you use a stupid password then WPA-PSK is not very secure. The same applies to WPA2.

    Best bet is to use a strong passphrase and use WPA2, or if you're really paranoid, throw a RADIUS server in there as well.
     
  16. Coottie

    Coottie BOOMER......SOONER OT Supporter

    Joined:
    Jun 6, 2006
    Messages:
    32,407
    Likes Received:
    0
    Location:
    OKC
    Mac filtering is trivial to circumvent? Woah that sounds like a bold statement.....but then again, I haven't done much research into it.

    One can discover my SSID when I'm not broadcasting it?
     
  17. nsxrebel

    nsxrebel New Member

    Joined:
    May 22, 2006
    Messages:
    3,272
    Likes Received:
    0
    Yes and Yes.
     
  18. nucklearknight

    nucklearknight New Member

    Joined:
    Sep 21, 2008
    Messages:
    367
    Likes Received:
    0
    Location:
    San Francisco, California
    How is MAC filtering trivial? Seems pretty good to me...
     
  19. trouphaz

    trouphaz New Member

    Joined:
    Sep 22, 2003
    Messages:
    2,666
    Likes Received:
    0
    i remember reading that it isn't hard to find an acceptable MAC address since the packets are flying around in the air. then, you can use software to change your MAC to spoof one of the ones that currently exists.
     
  20. EvanD

    EvanD Active Member

    Joined:
    Jul 12, 2004
    Messages:
    6,727
    Likes Received:
    2
    Location:
    Ottawa, Canada
    Bingo...MAC's are flying around in clear-text so open up a sniffer and you'll most likely have a valid MAC in a few seconds.
     
  21. Coottie

    Coottie BOOMER......SOONER OT Supporter

    Joined:
    Jun 6, 2006
    Messages:
    32,407
    Likes Received:
    0
    Location:
    OKC
    You know....I'm thinking network security is kind of like home security. There are many houses without alarms and other security measures so burglars will likely break into those.

    My network is hidden(ssid), encrypted(WPA2) with somewhat of a long password (12+ characters) but certainly not a secure password and has MAC filtering. I've seen many unencrypted, unsecured networks in my neighborhood. If someone needs/wants a path to the internet, there are many easier targets.

    Am I being foolish?
     
    Last edited: Mar 6, 2009
  22. eideteker

    eideteker Who jarked off in my frakkin' coffee? OT Supporter

    Joined:
    Feb 15, 2006
    Messages:
    2,428
    Likes Received:
    0
    Location:
    PA.
    I have the same approach, so I kind of have to say no. :bigthumb:
     
  23. 7960

    7960 New Member

    Joined:
    Oct 17, 2004
    Messages:
    60,415
    Likes Received:
    0
    Location:
    New England
    6 dumbest ways to secure your wireless network

    http://blogs.zdnet.com/Ou/index.php?p=43

    #1, mac filtering
    #2, ssid hiding.

    they're both useless to someone with even a passing interest in getting in your network.
     
  24. 7960

    7960 New Member

    Joined:
    Oct 17, 2004
    Messages:
    60,415
    Likes Received:
    0
    Location:
    New England
    SSID broadcasting means if someone walks by with no SSID configured then your AP will scream "HERE'S A NETWORK!" It will then send them your SSID so they can associate.

    Turning off SSID broadcast means your won't do that. BUT, if YOUR laptop is connected to your AP then it's sending packets back and forth for anyone else to sniff. All I need to do is check a box (I think it's called promiscuous mode) on my client and it'll tell me if there are ANY access points around, whether they're broadcasting SSID or not.
     
  25. trouphaz

    trouphaz New Member

    Joined:
    Sep 22, 2003
    Messages:
    2,666
    Likes Received:
    0
    no, you aren't. it is the same thing with car security. all you can do is make it more of a pain in the ass than the next guy.

    then, just make sure your stuff inside is secure as well. keep your PCs patched up to date, check your router logs periodically for any signs of break in, make sure your router password is secure (nothing more annoying than someone breaking into your wireless router and locking you out).
     

Share This Page