Laptops, Desktops or Both?

Get a good router (linksys, or SonicWALL if you really want the good stuff), and wireless adapters for each computer that doesnt have one, and you should be set.

Make sure to secure the wireless link.

Get a wireless router, and wireless cards for your PC's and Laptops.  Linksys is great.

Connect wireless router to DSL modem.  

Then connect PC that was connected to the DSL, and plug it into the router.  

Follow instructions that came with router to do initial setup (putting in your DSL username and password into the router.

Then, using the router instructions - enable wireless.  At first - do NOT secure it.  Give it a network name (SSID) and that is IT.

Get all your wireless PC's working on this FIRST.  Make sure they have internet access.

Then - go back into the router, advanced settings, and secure the wireless using WEP.  I recommend 64 bit - because it creates the least overhead and 128 bit WEP is hardly any more secure.  This will keep out the majority of people.  You will need to give the WEP a "key" - just follow router instructions.

Enter this key into your wireless clients - make sure they all still can connect to internet.

Lastly - consider applying a MAC address filter to ONLY allow your MAC addresses to be on your wireless networks.  I consider this ridiculous overkill..... but to each their own.

Quoted: Get a good router (linksys, or SonicWALL if you really want the good stuff), and wireless adapters for each computer that doesnt have one, and you should be set. Make sure to secure the wireless link.

+1

Dig in here for basic info.

computer.howstuffworks.com/home-network.htm

In graphic terms.

Your Internet connection(Cable or DSL)----->Cable or DSL Modem----->Wireless Router----->
PCs and Laptops.

Read the manual this time.
Secure your router.
Do it.
If you don't secure your router you can and probably will
be exposing your bandwidth to BW leeching WarDrivers who
download and upload all sorts of nasty crap from their cars wirelessly using
your connection that you pay for.
By nasty, I mean porn, warez(software that has been stolen), spam, virii, and
sometimes, kiddie porn.
You do NOT want all that shit going through your connection because you WILL
be the fall guy if it is traced back to you.

Check to see what your modems is set at. Some act as routers and need to be configured. The Westel that Bellsouth uses is lilke that.

Linksys wireless G router is good. www.linksys.com/servlet/Satellite?childpagename=US%2FLayout&packedargs=c%3DL_Product_C2%26cid%3D1127782957298&pagename=Linksys%2FCommon%2FVisitorWrapper

Run ethernet cable from DSL to Linksys box. there's a special port on the linsys box you plug it into. If you have a desktop you want connected on wire run an ethernet cable from the linksys to that box.

From a wired box open up a web browser and go to 192.168.1.1. You'll get a web-based login. From there it's pretty much point and click to configure the rotuer. Supply a SSID (wireless network name) and turn off SSID broadcast. If you don't turn it off anyone driving by outside can see your network and connect to it. Turn on WEP (wireless encryption) or WPA, the more modern equivalent. WEP requires a string of characters to use as a key; you can type in anything.

On the laptop side supply the SSID and the WEP key.

The Linksys does a bunch of other stuff. It's a firewall (which you NEED in the modern broadband enviornment), a DHCP server, and more.

Dont mean to hijack the thread but how secure is the highest level of built in encryption on a Linksys wireless router? I set it up and it all seemed a little to easy to be very secure.
Thanks in advance,
25Chuck

Quoted: Dont mean to hijack the thread but how secure is the highest level of built in encryption on a Linksys wireless router? I set it up and it all seemed a little to easy to be very secure. Thanks in advance, 25Chuck

It SHOULD be 128-bit, which is the standard that all reputable websites use for CC info etc.

Here, since some walls are 14" thick adobe, we have a main wireless router, with  wireless access points wired around the house (1 though the wall of the family room, one up in the kitchen to service a couple rooms, and a downward facing one for this room since its a wireless dead zone.)
ETA: the main router is a buffalo tech G router, the one through the wall is an Apple Airport express and the one in the kitchen is a linksys, not sure what the model above this rom is though.

How hard would something like this be to crack either to get my personal info or just to get access to my internet service?

The Linksys has WPA2, which is reasonably secure.

You're unlikely to be hacked with reasonable measures (SSID off, WPA on.) The attackers are just trolling for open connections for the most part. Also, when you contact a web site with sensitive information you're typically going over https anyway, which is encrypted itself.

Are the MIMO or pre-N routers worth looking into for expanding range or improving connectivity?

Quoted: If you don't secure your router you can and probably will be exposing your bandwidth to BW leeching WarDrivers who download and upload all sorts of nasty crap from their cars wirelessly using your connection that you pay for. By nasty, I mean porn, warez(software that has been stolen), spam, virii, and sometimes, kiddie porn. You do NOT want all that shit going through your connection because you WILL be the fall guy if it is traced back to you.

Blah blah blah bullshit.

Quoted: Quoted: Dont mean to hijack the thread but how secure is the highest level of built in encryption on a Linksys wireless router? I set it up and it all seemed a little to easy to be very secure. Thanks in advance, 25Chuck It SHOULD be 128-bit, which is the standard that all reputable websites use for CC info etc.

 There is a BIG difference between 128bit SSL and 128bit WEP.  

Quoted: Dont mean to hijack the thread but how secure is the highest level of built in encryption on a Linksys wireless router? I set it up and it all seemed a little to easy to be very secure. Thanks in advance, 25Chuck

The level of "easiness" to set up has nothing to do with security.  IPSEC tunnels can be quite simple to set up with a wizard, and are currently the standard for corporate communications on an insecure network.

However - home routers dont use IPSEC with IKE.  They use WEP/WPA.  

WEP/WPA is like locking your doors and windows.  It keeps out the "honest crooks" who are looking for an easy free ride.  It does a good job of making it a little more difficult of getting on your wireless network.  However, there are readily available programs on the net, where people can crack your WEP keys and get on your network.

For instance, almost ALL my neighbors have wireless setups, and I have a high gain external antenna.    I can get right on to three of my neighbors systems right now.... because they have no security at all.  Two others, are protected with WEP.  I could crack theirs, but why bother?

There are a few other things the people pointed out to add to the security - like not broadcasting your SSID in the clear, and MAC address filtering.  The SSID broadcast is meaningless to any hacker capable of cracking WEP.  The MAC filter does add another layer of security, but can be spooffed easily as well.... for anyone who can crack WEP.


Bottom line - most people, unless your job/work is highly secure.... take this crap WAY too seriously.  There are MILLIONS of unsecured wirelesss access points all over the country.  Yes, securing them as best you can is good..... but too many people just regurgitate what they read about wireless insecurity....

Tagged because I need to learn more.    
_________________________  

 

Quoted: How hard would something like this be to crack either to get my personal info or just to get access to my internet service?

Access to your internet service - a little harder if you have enabled the basic security outlined here - but doable to someone who REALLY wants to get on.... and only IF they can get in good range to even use it.

Getting your personal info?  A lot harder.... provided you log on to your PC's with a username and password, you change any default accounts or blank passwords, and you enable a software firewall on your PC's.  If you are running XP, for instance - make sure there is no "administrator" account.  If there is, and you arent using it - rename it, and change the password.  Then write that info down and file it.  Then, make sure you log on to your PC with a username and password.  Enable XP's built in software firewall and dont allow exceptions (except for programs you KNOW require them)

This will put you WAY above the average user.

Don't turn of SSID broadcasts, it just makes it harder for you to connect to your own network and won't stop someone who is determined to break in anyay.  Just turn on encryption if you want to keep casual surfers off your network, you will be fine. Don't make it harder than it needs to be, once you learn the basics then you can mess around with SSID broadcasts.

wireless router & PCs with the proper equipment, then setup the router to communicate only with your PCs

Quoted: Don't turn of SSID broadcasts, it just makes it harder for you to connect to your own network and won't stop someone who is determined to break in anyay.  Just turn on encryption if you want to keep casual surfers off your network, you will be fine. Don't make it harder than it needs to be, once you learn the basics then you can mess around with SSID broadcasts.

I completely agree.

Which is why I said - dont enable ANY encryption or advanced setting AT ALL, until you get your wireless network working on ALL your PC's, and get a little familiar.

Troubleshooting a simple driver or radio problem, and thinking it is a security/WEP issue, will make you pull your hair out.  Keep it simple, get it working, get familiar, then secure it how you see fit.

Linksys is more than secure enough for a home user. Don't buy a cheap router, though. The Linksys 54g can be had for around $40 and is very easy to set up, just follow the included intstructions.

We have three desktops, a laptop on our system. We use aLinksys woireless router. The two Sony Desktops are linked with ethernet to the router. The laptop is wireless as is the baby's desktop. I would run an ethernet but we are moving in a few months.
As for what router, I am looking at Mimo, supposed to offer enhanced range and security. We are in a townhouse now and when we connect up the laptop we can get 3 other routers of neighbors that come up.

Quoted: Don't turn of SSID broadcasts, it just makes it harder for you to connect to your own network a

  ONce your network is setup, turn off the SSID broadcast.  YOUR computers will still find the network.



Use MAC filtering too.

tag

Quoted: Don't turn of SSID broadcasts, it just makes it harder for you to connect to your own network and won't stop someone who is determined to break in anyay.  Just turn on encryption if you want to keep casual surfers off your network, you will be fine. Don't make it harder than it needs to be, once you learn the basics then you can mess around with SSID broadcasts.

I completly disagree.  its not that difficult to click disable ssid.     I have setup  100's   of wireless networks using wrt54g's  and wusb54g  cards, and other wireless cards.     with all the latest firmeware's and drivers you will not have an issue.   if you do its either a distance problem  or interference problem

Quoted: Quoted: Don't turn of SSID broadcasts, it just makes it harder for you to connect to your own network a   ONce your network is setup, turn off the SSID broadcast.  YOUR computers will still find the network. Use MAC filtering too.

I think he meant, long term.... like when you add/remove a PC, update a wireless driver/application, have a friend/family come over and want to get on.  While I agree it does add another layer to your security..... it is a very false sense of security.  ANYONE capable of breaking WEP/WPA can see your network whether you broacast your SSID or not.... and as soon as they break the WEP/WPA, they have your SSID.  MAC filtering is better.... because it takes them longer, and requires they can see and sniff traffic on your network, to determine a MAC to be able to spoof it.

Follow FALARAK's advice to the letter.

As the local "geek" in my neighborhood, All of my neighbors have come to me for the exact same scenario and my SOP is precisely what FALARAK suggested.
They all work flawlessly. Some are close enough that I can see their wireless LAN and can't tap into them with one of my wireless laptops.

Jeff

Are you only using wireless devices???? or do you plan on using both wired and wireless??? of will you ever need more than 1 AP or other device???

If you are going to use either both or multiple devices in general, you will need to come off of your DSL modem into either a hub, switch, or router for additional ethernet ports.

Switches are preferred over hubs.

Quoted: Don't turn of SSID broadcasts, it just makes it harder for you to connect to your own network and won't stop someone who is determined to break in anyay.  Just turn on encryption if you want to keep casual surfers off your network, you will be fine. Don't make it harder than it needs to be, once you learn the basics then you can mess around with SSID broadcasts.

Disabling SSID broadcasts only buys you a TINY bit of security (for lack of a better term). SSID is a broadcast that your wireless network sends out for everyone to hear. It is an ID that the wireless access points advertise. If you can hear it, so can others that are close enough to hear your signal.

Most people think that if you disable the broadcast (which means you have to hardcode the SSID on each machine that uses the wireless network) that no one will ever be able to obtain the SSID. Simply not true. It is only true while no machines are associated to the wireless network (they don't even have to be actively passing data, simply turned on and associated). Once the first machine is turned on and associated with the WLAN, the SSID is contained in every packet sent back and forth, so it is still easy to grab.

Disabling the SSID broadcast buys you about .01% security but has the potential to cause you about 25% in headaches troubleshooting initial setup etc.

I would:

- disable any DHCP (auto assignment of IP addresses)
- filter the MAC addresses of the machines that you know in advance will use your network
- set up AT LEAST 128 bit WEP (which is encryption of the packets bi-directionally) while they are in the air. This must be done manually on each AP and on each PC.

If you are worried about being breaking that, change the WEP key every month.  If you are still worried about it, you can get more granular, and put another router in the mix and segment (isolate) the wireless from the wired networks and do additional filtering/blocking there as well. Additionally, running personal firewall s/w on each machine protects the machines and is highly recommended.

I use multiple wired and wireless devices at home. I come off my router into a firewall that helps protect my inside devices from the big bad Internet. On the inside of the firewall (my side), I go into router, which provides me with a couple of different network 'segments' (different IP schemes). I keep the wireless stuff sepearted from the wired. On the wireless side, I do all of the above (and then some). Additionally, I only allow the wireless out to the Internet, but not back into the other segments where the wired stuff resides. That way, if someone does managed to obtain access to my wireless signal, they only get access out, not back in.

It all depends on how tight your tinfoil hat is on.

Quoted: Quoted: If you don't secure your router you can and probably will be exposing your bandwidth to BW leeching WarDrivers who download and upload all sorts of nasty crap from their cars wirelessly using your connection that you pay for. By nasty, I mean porn, warez(software that has been stolen), spam, virii, and sometimes, kiddie porn. You do NOT want all that shit going through your connection because you WILL be the fall guy if it is traced back to you. Blah blah blah bullshit.

Really now?
How is it bullshit?

Quoted: Quoted: Quoted: If you don't secure your router you can and probably will be exposing your bandwidth to BW leeching WarDrivers who download and upload all sorts of nasty crap from their cars wirelessly using your connection that you pay for. By nasty, I mean porn, warez(software that has been stolen), spam, virii, and sometimes, kiddie porn. You do NOT want all that shit going through your connection because you WILL be the fall guy if it is traced back to you. Blah blah blah bullshit. Really now? How is it bullshit?

The biggest problem of unsecured wireless is someone else gets to use your bandwidth.  You stated:  

you WILL be the fall guy if it is traced back to you.

Show me ANY documented cases where someone was prosecuted for this, and NO evidence of illegal activity found on their PC's.  Please.   Most of the fear surrounding theft of service where a war driver steals your service is just that.... unfounded fear.  

Sure it is a good thing to secure it - I am not advocating leaving it unsecured.  However - as clearly documented in this thread, even the best wireless security you can do is farily easily crackable by any idiot with software widely available.  Acting like you will end up in the big house for having the same unsecured wireless connections that millions of Americans have.... is quite frankly, bullshit.

The only time I could see the homeowner (or person who pays for the internet) get in trouble, is if the neighbor kid was sharing a boat load of KaZaa. If the RIAA cracked down on you, the buyer would take the fall, IMHO.
Would it happen, I really doubt it. If it does...well, that sucks for you. The chances are your neighbor just wants to 'borrow' some bandwith. Don't worry, he'll give it back when he's done

How secure is WEP/WPA. Secure enough for what you're going to be using. If you were a large corporation with data that cannot be seen by others. Well, that would be a complete different story.
WEP/WPA can be broken easily enough by people that know what they are doing. If someone wants your internet that bad, they are going to get it anyways. My guess would be if they could crack it, they would just do it to show how 'big their balls are' and steal your bandwith for a while.

What has been posted before is a pretty good overview so far for the average home user.
Enable wep, if you want, enable MAC filtering. It's easier to break wep than it is to sniff a MAC address, and then spoof it.
If your router allows it, think about toning down the power a little bit. But be careful, you have to drawn a line somewhere between security, and usability. If you tone down the power too much, you'll not only cut your neighbors out, but yourself too, unless you're in the same room as the router.

The attackers that are out there are mostly just looking for completley unsecured sites. If yours is secured they'll just move on to find one of the many unsecured sites rather than trying to go l33t on you.

WPA security is much, much better than WEP.

Just putting the Linksys wireless access point on your DSL connection will vastly increase your security overall because the linksys includes a firewall for the DSL connection. The quantity of attacks coming in over broadband connections is pretty scary, and much more frequent than wireless attacks, which require the attacker to be in the same geographic area as you.

Slight threadjack:

I want to set up a wireless network in my house to let the kids play games across several computers.

I have a dial-up connection, so someone stealing my bandwidth is a non-starter.

Will the aforemetioned set-ups do what I need?

Quoted: Slight threadjack: I want to set up a wireless network in my house to let the kids play games across several computers. I have a dial-up connection, so someone stealing my bandwidth is a non-starter. Will the aforemetioned set-ups do what I need?

For playing games across several computers - this is not internet connected by default - and would be no big deal.... this is simply a local area network.  For this scenario - you would install wireless network adapters in each PC... and you would not even have a wireless router.  Someone hacking into your wireless network would not (by default) be able to access your dialup session from your primary computer.

Now - if you want to share your dialup session among multiple computers.... you have two primary options:  Go with the exact same config above, and enable internet sharing on your computer.  You computer would be the default gateway for all the other client PC's on your network.  

Or - you could find and purchase a router that supports a dialup session.  (cool, but can be ugly to support)

In all of the cases above - yes - taking the default encryption steps will secure your network from any possible bandwidth hoggers.

Quoted: Quoted: Slight threadjack: I want to set up a wireless network in my house to let the kids play games across several computers. I have a dial-up connection, so someone stealing my bandwidth is a non-starter. Will the aforemetioned set-ups do what I need? For playing games across several computers - this is not internet connected by default - and would be no big deal.... this is simply a local area network.  For this scenario - you would install wireless network adapters in each PC... and you would not even have a wireless router.  Someone hacking into your wireless network would not (by default) be able to access your dialup session from your primary computer. Now - if you want to share your dialup session among multiple computers.... you have two primary options:  Go with the exact same config above, and enable internet sharing on your computer.  You computer would be the default gateway for all the other client PC's on your network.   Or - you could find and purchase a router that supports a dialup session.  (cool, but can be ugly to support) In all of the cases above - yes - taking the default encryption steps will secure your network from any possible bandwidth hoggers.

Sweet! Now THAT'S what I'm talking about.

The laptop has a wireless "G" card built in. I just need to get 2 network adapters for the desktops.

Any suggestions as to brand and features?

Quoted: Any suggestions as to brand and features?

Any G or B card should do.  There are three wireless modes.... AdHoc, Infrastructure, or Mixed.  Typically, we run Infrastructure mode - which is a connection to an access point.  If you dont use a wireless router, then you will be in ADHoc mode.... using static IP assignments.  As long as the cards you buy support this (never seen one that didnt so far) then you should be good to go.  

Understand - some cards get better reception/trasmission than others.  A USB model, like a linksys, with a 6' cable, and a flip up antenna, will get MUCH better reception than the little USB "key" type network adapters, which plug in directly to the USB port.  Keep that in mind.  I do recommend going USB, for desktop machines, over the PCI models.  However, the PCI models are great when you need extra range, because you can connect an external hi gain directional antenna to those.

Quoted: Quoted: Any suggestions as to brand and features? Any G or B card should do.  There are three wireless modes.... AdHoc, Infrastructure, or Mixed.  Typically, we run Infrastructure mode - which is a connection to an access point.  If you dont use a wireless router, then you will be in ADHoc mode.... using static IP assignments.  As long as the cards you buy support this (never seen one that didnt so far) then you should be good to go.   Understand - some cards get better reception/trasmission than others.  A USB model, like a linksys, with a 6' cable, and a flip up antenna, will get MUCH better reception than the little USB "key" type network adapters, which plug in directly to the USB port.  Keep that in mind.  I do recommend going USB, for desktop machines, over the PCI models.  However, the PCI models are great when you need extra range, because you can connect an external hi gain directional antenna to those.

I'm in a stick built residence. One PC in the basement and one on the main floor--about 30' apart ina straight line 2 walls and a floor in between.  Sounds like USB with the antenna?

Tag

Quoted: If you don't secure your router you can and probably will be exposing your bandwidth to BW leeching WarDrivers who download and upload all sorts of nasty crap from their cars wirelessly using your connection that you pay for. By nasty, I mean porn, warez(software that has been stolen), spam, virii, and sometimes, kiddie porn. You do NOT want all that shit going through your connection because you WILL be the fall guy if it is traced back to you.

yeh, or sniff your unencrypted traffic to gain passwords and bank account info.....

Hey, WEP can be can be overcome by sniffing traffic for enough time (Ethereal), then with some easy packet injection (think Kismet, Kismac) the AP is yours, all you need is a good laptop and a second NIC.  Hell, even a MAC address can be spoofed.  The best security is knowlage and reading your logs.  Then again, one can walk into the local McDonalds, Walmart, or Starbucks with free wireless internet and do whatever they want.  Most of those places only block sites, and their routers were setup by a monkey who, half the time, left the admin password the default.

Quoted: I think he meant, long term.... like when you add/remove a PC, update a wireless driver/application, have a friend/family come over and want to get on.  While I agree it does add another layer to your security..... it is a very false sense of security.  ANYONE capable of breaking WEP/WPA can see your network whether you broacast your SSID or not.... and as soon as they break the WEP/WPA, they have your SSID.  MAC filtering is better.... because it takes them longer, and requires they can see and sniff traffic on your network, to determine a MAC to be able to spoof it.

Good point, a layered security solution is a very good way to make it "take to long to be worth it".  Just like a car thief, Door locks alone are easy, a car alarm alone is easy, and the club alone is easy, but all 3 together, not worth the time.....

I use to have all wireless on all my desktops. Mine ran slow and the signal was weak. So I hard wired my house. Now it runs quite fast. if you can go wired.I still have the wireless hooked up so I can use my lap top.

Quoted: I use to have all wireless on all my desktops. Mine ran slow and the signal was weak. So I hard wired my house. Now it runs quite fast. if you can go wired.I still have the wireless hooked up so I can use my lap top.

Well  - most people just use wireless for shared internet.  Average broadband is 1.5Mb/s.... moving toward 6Mb/s in some areas of DSL and Cable.

So..... an excellent G signal is 54Mb/s.  With overheard for encryption and wireless ethernet, you can get around 20 to 25Mb/s actual throughput.

B signals are 11Mb/s, which yeilds around 5Mb/s actuall throughput.

MORE than enough "speed".... when typically the bottleneck in the network is your internet connection.

Now - if your situation had REALLY bad signal strength (just enough to connect) then you would get some packet loss, and would synch at the lowest possible speed (1Mb/s) yeilding a throughput of around 500kb/s.  Yes - that would be noticeable.  Especially with any packet loss.... because retransmissions are VERY noticeable.

However - this is atypical of a good wireless network.... I thing your situation was unique.  More and more, we see companies moving all their clients over to wireless instead of wired.  It provides good thoughput, and there is advanced security models for corporate installations.  Of course, those are designed to have adequate coverages.

I'm just going to be quiet about my collection of coffee cans, pringles cans, and a custom powered long range antenna mounted to a shotgun stock.

Tag.

Tagaroo...

Quoted: Are the MIMO or pre-N routers worth looking into for expanding range or improving connectivity?

While it's very sad when you quote yourself, I say again:  any opinions on MIMO stuff... Linsksys SRX routers or Belkin Pre-N stuff?

Can you get getter coverage in a larger install, say 200-300 ft. range?


Gotta be able to surf arfcom out on the back deck,  you know!

Quoted: Quoted: Don't turn of SSID broadcasts, it just makes it harder for you to connect to your own network a   ONce your network is setup, turn off the SSID broadcast.  YOUR computers will still find the network. Use MAC filtering too.

\

ssid dont mean squat.. any war prog like "mini stumbler or net stumbler" ignores ssid, and will pick up the wifi with or with out it..

I have a LinkSys wireless router. Do I need to use a cross-over cable anywhere in there. Right now my router doesn't put out a useable signal.