PDA

View Full Version : Firewalling



jdiddens
01-18-2004, 02:59 AM
What recommendations are there for setting up a firewall using linksys wireless router with Windows XP?

minibubba
01-18-2004, 04:41 AM
the linksys router should have a built-in hardware firewall so I would recommend you just use it instead of a software firewall on XP. However, if you don't protect your wifi the hardware firewall wont make much difference.

You can customize the firewall and other router settings (including wifi) by accessing linksys' built-in utility. You can access it by typing the LAN IP of the router into your web browser (usually 192.168.1.1) and entering the password.

(oops)-tw

The Wizard
01-24-2004, 05:35 AM
to secure your wireless connection, don't bother with WEP unless you have very sensitive data. (i don't care if someone sniffs me surfing pr0n) :laugh: it only bogs your connection down.

If you go wireless, set up the router so that it only communicates with certain MAC addresses (then put in the mac addy's of whatever wireless devices you have). Then set your SSID to whatever you want, just don't leave it as the default setting. (note: all the devices have to have the same SSID) then turn off SSID broadcast on all your devices.

Once you do that, your network is pretty damn secure. nobody will be able to steal your internet, or access computers on your lan. (ad hoc mode may be a bit different tho, you would have to set MAC filtering in each wireless device just like in the router) you also wont be bogged down with the overhead of encryption.

hope this helps!! :)

minibubba
01-24-2004, 05:47 AM
If you go wireless, set up the router so that it only communicates with certain MAC addresses (then put in the mac addy's of whatever wireless devices you have). Then set your SSID to whatever you want, just don't leave it as the default setting. (note: all the devices have to have the same SSID) then turn off SSID broadcast on all your devices.that's what I ended up doing on my network, works like a charm :thumb:

I've seen first hand how easy it can be to crack the encryption, even 128 bit, so you're be much more secure doing as The Wizard suggests

kane2g
01-24-2004, 10:22 AM
here is mine
I also changed the channel to 11 form default 6 ;)
PS. I hope u changed the default password! its the first thing I do:D

jdiddens
01-26-2004, 10:53 AM
I appreciate all this help but I am very unfamiliar with these terms. I know how to get into the page to configure the routers settings, but I don't know what MAC addresses are. As for the SSID, I can just make that any word I want?? Is there an online guide or anything that gives step by step instructions??

Thanks for the help.

minibubba
01-26-2004, 11:05 AM
Is there an online guide or anything that gives step by step instructions?the manual that came with the router is a good place to start.

to get the mac addresses (think of it as a permanent online serial number for your NIC) open a command window and type ipconfig /all into it and it will give you a sting of information. Look for Physical Address:, that is the mac address.

yes, you can make the SSID just about whatever you want, but keep in mind that Caps count. Also, if you turn off SID broadcasting you will want to make sure it is something you can remember.

jdiddens
01-26-2004, 11:16 AM
So once I find my routers MAC address what do I do to make the router only communicate with that address?

minibubba
01-26-2004, 11:26 AM
it's not the router's mac address that you need, it's the mac of every wireless nic that you want to connect to it. That's why it's called mac filtering. Only those mac addresses will be allowed to connect. So unless the mac address is visably printed on the NICs you will need to run ipconfig /all on every computer in order to get their addresses. Note, however, that you don't need to do this for the PCs that are connected via cables to the router.

Look under Advanced/Wireless/Wireless Network
Access to edit the allowed mac addresses

kane2g
01-26-2004, 12:42 PM
dont do that. get airsnare. its very useful wifi sniffer/intrusion detection.
http://home.comcast.net/~jay.deboer/airsnare/download.htm
its pretty kewl lil program. its gonna tell you all the MAC addresses on your network. and let ya know if a foreign one was detected :D

here's a brief decription"
AirSnare is an intrusion detection system to help you monitor your wireless network. It notfies you as soon as a machine connects to your wireless network, that is not included in your list of friendly MAC addresses. You can configure the program to send an email notification to the administrator, log the connection, and also send a message to the connected machine, informing them that their actions are being monitored. AirSnare integrates with Ethereal for additional package capturing features. "

minibubba
01-26-2004, 12:52 PM
you still have to have a trusted mac address list to do that, which means he will still have to do what i mentioned earlier. Besides, it seems more logical to try to keep the foreign connections out in the first place than to have software to tell you about it after the fact.

That is a spiffy little application that I'm glad to now know about, but I don't think it's going to be much use to someone that seems to know little about networking. Just the fact that it is designed to work with Ethereal ought to tell you what kind of person it is designed for. ;)