HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Forums & Groups » Topics » Computers & Internet » Computer Help and Support (Group) » Setting up your wireless ...

Tue Jan 21, 2014, 02:12 PM

 

Setting up your wireless router to keep the neighbors out.

This post is in response to a request in GD.
So FCC can shut down the open internet. My Question:
http://www.democraticunderground.com/10024363261

These are the routers I have. Newer ones should be similar.
If not someone will be around to clarify.
If I confused you, let me know. But keep in mind, I am retired and some of my knowledge is getting dated.

For XP and Windows 7 --
To find MAC address:
Start > Run > CMD
In the black window, enter ipconfig /all and Enter.
Look for the numbers after "Physical Address" under the "Wireless Lan Adapter" listing. That is the Wireless LAN Adapter MAC address the machine is using. The number is hexadecimal and looks something like this:
00-16-BC-4A-6F-F3
This is the number you need to add to your White List in the modem.
You will need to do this for each machine you are setting up to use wireless.
The MAC address is different between wired (Ethernet) and wireless (WiFi) on the same machine. Be sure you use the Wireless number.
The router will only allow the machines on the White List through the router. All other machines will be blocked.

To Log on to AT&T U-verse router.
IP address 192.168.1.254 (Put in Address bar in web browser.) (You are using Firefox, correct?)

When asked for a password, use the wireless network key found on the sticker on the bottom of your U-Verse router.

To set up:
Click on Wireless button, near the top of the screen.

The Network Name (SSID) is just a label to identify your system. Be creative if you wish.
I set the transmit power on this router to 25% to keep the working range down. If 'they' can't see it, because the signal is too weak, they can't use it.


This is where you input you MAC address in the White List. Don't forget to Save when you are done.

[hr]

For a Cisco/Linksys router: The address is 192.168.1.1
No user name
Default password: Found on bottom of router. Wouldn't hurt to change it, but is not normally necessary.


Selecting a channel on either end would be better. Channel 6 is the default, but may be intermittent, due to over use and interference.
These channels do overlap. Keep your cordless phone away from your wireless computers and routers. They may work on the same frequencies.


WPA Shared Key. The more complex the better. No words.
Use Upper case, lower case, numbers and Special characters.
You will need to know this, but you will not be using it, once the system is all set up.
You can always log on to the router to see it.





[hr]
Sometimes the computer insists on using information in the DNS cache, when changes are made to the network, instead of using the new information.
You'll know, 'cause the internet ain't working, even though you know it should be. To fix that, you'll need to flush the DNS cache.

Clearing DNS cache:
http://docs.cpanel.net/twiki/bin/view/AllDocumentation/ClearingBrowserCache
[hr]
If you totally mess things up, you can start from scratch by resetting the router back to the factory defaults by pressing the Reset button. You may need a paper clip or something to press the switch. This resets everything, including password. The default password is on the bottom of the router. Then start all over.
[hr]
The MAC address White List is the secret to keeping the neighbors out.
You can set up a Black list for the unwanted intruders, but I am retired now and that is too much work.

I'll try to answer any questions and there are others around here that can answer your questions too. Just ask.

15 replies, 5045 views

Reply to this thread

Back to top Alert abuse

Always highlight: 10 newest replies | Replies posted after I mark a forum
Replies to this discussion thread

Response to RC (Original post)

Tue Jan 21, 2014, 04:36 PM

1. I share my wireless openly, but limit the speed.

It was just easier that way when my kids were high school age and living at home, friends over all hours of the night.

It's not fast enough for netflix or anything, so there's never any heavy connections to it anyways.

I don't worry much about "security" either. If someone is downloading something "bad" I'm probably worse off if it's bad guys who cracked the code than if I just have an open system. I can say "I dunno" and it's totally believable. (Maybe I'll change my mind if SWAT kicks down my door, but until then...) Besides everyone knows if you want a random connection, like the old pay-phones, there are plenty of places with open and not so open wi-fi where nobody will remember you. Heck, you can go to the lobby of any hotel, ask them nicely for the wi-fi code, and they probably won't even ask you for a room number.

The U.S.A. isn't entirely a police state yet, you don't have to sign onto the internet with your own personal code. Besides, even though the NSA probably already knows who you are anyways, having connected the unique aspects of your internet devices and software to your name already.

If anyone needs a free wireless connections it's the neighbor who lost his or her job!

Seriously the entire nation ought to be saturated with free wi-fi, paid for by taxes. It ought to be as open as the sidewalks, roads, and freeways, fast enough for telephone use even.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to hunter (Reply #1)

Tue Jan 21, 2014, 04:54 PM

2. While I agree with your last paragraph, if someone uses your connection to do something bad or

 

illegal, you can be held just as responsible as the bad guys doing it.
All it takes is to leave your WiFi wide open.

But some people have problems with the neighbors hitching an unwanted free ride on their WiFi, overrunning bandwidth caps, slowing down the feed, etc. And then there is the contract with the Internet provider, which usually has a clause not allowing sharing with the neighbors.

If you want to share, go for it, but beware of the pitfalls.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to RC (Reply #2)

Tue Jan 21, 2014, 05:40 PM

6. It doesn't seem fair if I'm in any greater jeopardy than a fast food place...

AT&T and Comcast are the major providers around here. My connection to a local provider predates these services; it started out as a lowly Pacific Bell "alarm line" connection.

I've had excessively annoying experiences with both AT&T and Comcast so I strive to keep them out of my personal life as much as possible.

The house next door is a rental. They used my wireless until they got settled (first, last, and deposit takes a bite out of people) but they are using AT&T and satellite television now.

I don't have cable or satellite television and that's the way I like it.

So far as I know nobody has ever abused my connection, not that I keep logs. Most people are pretty decent.



Reply to this post

Back to top Alert abuse Link here Permalink


Response to RC (Original post)

Tue Jan 21, 2014, 05:00 PM

3. I have a question, if you don't mind ...

I leave my computer 'sleeping' at night and have disabled automatic updates for any program. Once in a while my pc 'wakes up' at odd hours of the night - could this be someone using my router?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to polly7 (Reply #3)

Tue Jan 21, 2014, 05:16 PM

4. Doubtful. It could be updates for programs you have loaded, such as your antivirus.

 

Or some maintenance something thinks needs to be done.

The next time you notice it waking up, bring up task Manager and see what is using the cpu cycles. Check each of the tabs.
Also check your Scheduled Tasks in the Control Panel. That is probably what you are noticing.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to RC (Reply #4)

Tue Jan 21, 2014, 05:20 PM

5. Good idea with the task manager.

I never thought of that .... I honestly don't think I have any scheduled tasks, but I will check. Thank you!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to RC (Original post)

Wed Jan 22, 2014, 01:47 PM

7. MAC address spoofing is trivial

 

There is no additional security by adding this step. WPA2 AES is as good as it gets. Additional security could be had by tunneling with ssh or ipsec.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to PowerToThePeople (Reply #7)

Wed Jan 22, 2014, 03:25 PM

8. Actually there is additional security in White Listing your MAC addresses.

 

How many people in the general public know how to spoof a MAC address? Or even care to?
While nothing is fool proof, your neighbors are not likely to know how to spoof their IP, MAC or anything else. Just know what they need to surf the net, and not much more.
Besides IPsec and SSH needs both ends to be set up the same way. And are a bit too complicated and even costly, for a home environment, used for normal web surfing. Unless you are a bank or some such, it ain't worth it to set up your web site with such. Besides Even DU is not set up for secure log-ins.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to RC (Reply #8)

Sun Jan 26, 2014, 11:11 PM

13. About as many people as know how to crack WPA, I suspect.

Realistically, anybody who gets past the WPA is going to have no problem with a whitelist. I guess if it helps you sleep at night..

Reply to this post

Back to top Alert abuse Link here Permalink


Response to sir pball (Reply #13)

Mon Jan 27, 2014, 12:47 AM

14. How many people in the general public or even your neighbors, know anything about wireless security?

 

Besides the basics in the instructions that came with the DSL wireless modem? Not many. But whatever, with security, every little bit helps. Just because you may know how to do something you can't assume it is common knowledge.

Instead of maligning me, why don't you bless us with your knowledge on how do properly secure a wireless modem?
Keeping in mind that this is a Group and not a Forum.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to RC (Reply #14)

Mon Jan 27, 2014, 11:49 AM

15. I'm not maligning you, there's no harm in more security.

I'm just saying that WPA alone is plenty to secure your network against casual intruders. WiFi security is "good enough", but once somebody has the skillset to crack one layer, they pretty much all fall down. In my cost-benefit analysis, the extra work isn't worth it especially since I do let houseguests connect and it's much easier to just offer a password. It's also generally a lot easier for the general public to just set a WPA password instead of tinkering around with deeper config settings; make things too difficult and they'll throw up their hands and give up, leaving things unsecured, rather than slightly less secured than you'd like.

I can't secure my modem since I don't have admin access to it, but if I were worried about smarter-than-average threats I'd flash dd-wrt onto my router, set strong passwords for both WPA and admin access, hide the SSID, implement a MAC whitelist, switch off DHCP and assign each allowed device a random static IP, also whitelisted, schedule access to be completely shut down while I'm out of the house, and spend a couple of hours tightening up iptables.

Or, if I were honestly worried that my threat level was beyond normal security practices, just disable wireless entirely and stick with Ethernet. No security is better than physical security.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to RC (Original post)

Thu Jan 23, 2014, 11:26 PM

9. I use a hard to type SSID that I don't broadcast.

There is something to be said for being a bigger pain in the ass to hack than the neighbor on the other side.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Gore1FL (Reply #9)

Thu Jan 23, 2014, 11:49 PM

10. That is just a label anyway. Like the call letters of a broadcast station.

 

That is basically what it is.

There is one in my neighborhood that id's itself as FBI surveillance.

http://www.howtogeek.com/howto/28653/debunking-myths-is-hiding-your-wireless-ssid-really-more-secure/

Reply to this post

Back to top Alert abuse Link here Permalink


Response to RC (Reply #10)

Fri Jan 24, 2014, 12:04 AM

11. Point. but then, so is MAC address spoofing.

There is something to be said for making it more a pain in the ass to hack mine than it is to hack the other guy's.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to RC (Original post)

Fri Jan 24, 2014, 01:44 PM

12. Meh! I just give my AP an SSID

 

of "MalwareFactory," or "VirusesRUs," or better yet, "NSASurveillanceVan" and people don't connect to it!

Reply to this post

Back to top Alert abuse Link here Permalink

Reply to this thread