encrypting linksys

[romman]

hey ppl i havent been on in a while, so here is my question how do i encrypt a lynksys wireles router

[Spyrus]

its easy to do first you need to let me know which model of linksys you have but since I dont know this should be close to the right answer for you

Navigate to http://192.168.1.1
enter your password
now depending on your model, the newer ones, you can go to the wireless tab and then go to security. Under there you will see a option for security, change the pull down menu to WEP,

You can do 1 of 2 things you can choose to enter a passphrase or you can type in your own key. If you hit passphrase and hit generate that will be your new WEP key. now enter this key into your pc and you have WEP enabled.

Other steps to take
Change the default router password
Turn off SSID broadcast
Change SSID to a nickname that you prefer
also enable MAC filtering. Your Network card has a MAC address. you can view it by going start run type in cmd hit enter. Then type in ipconfig /all you will see your mac address in there, input it into the MAC filter section on your linksys router and now only your MAC address can get online.
You may also consider limiting your DHCP pool, there is a section where you can change it, i would limit it down to 5 or something just to be safe.

If you need more help or need better locations just let me know

[Gump]

Good steps from Spyrus,

I would add to be careful if you choose the passphrase option to generate your keys. It will generate 4 keys and you will have to select the one you want to use. You cycle through the 4 keys that are generated on the page, whichever one your cursor is on or is active/highlighted/seleccted (choose your vocab) is the one the router will use. I accidentally left mine on the 4th key as i reviewed each one, and entered the first key into the laptop configs. Needless to say I had to do a little troubleshooting to figure it out. Just pay attention to detail as it is not very intuitive at first.

May seem silly but that was my experience with it, hope it helps.

[luv_kido]

Hey,

here is something more.... what they have suggested is .. no doubt complete.. i will just say put a netstumbler on you wireless lan and you will get your wireless WEP keys in front of you ... this is for the time...when you forget what keys you have placed in... :-)

Cisco said " Thou shalt not look into my network using tools like these ..its a sin and if thy cant stop and i cant make a better encryption and i shall close my eyes".. ;-)

My apologies.. but i m in a great gossipin mood today... he he he came in here after long..

regards
kido.

[3rr0r]

Hm, maybe I'm missing something, but I don't think NetStumbler can be used to break any kind of encryption, nor does it give you access to WEP keys.
Maybe you meant AirSnort.

[luv_kido]

hey...

I wud buy that as well... just that some people (dont say i said Cisco) had issues of their Unseen WEP keys being shown by Netstumbler..

Still blame it to BEER coz i m relaxing after weeks....

" Dont make your son a networking guy... :-( else he will be like you ".. a wise man( me) once said.

regards
kido

[Cybr1d]

here is something more.... what they have suggested is .. no doubt complete.. i will just say put a netstumbler on you wireless lan and you will get your wireless WEP keys in front of you ... this is for the time...when you forget what keys you have placed in... :-)

netstumbler does not show you the WEP keys. It has the option to automatically reconfigure your system to connect to a network, but windows XP already does that anyways.

[deftones12]

luv_kido your weird.

[keezel]

Actually I thought linksys routers were by default 192.168.0.1. I wrote a tutorial on securing a wireless network a while back...it might be useful but you don't need all that info just to encrypt your router. It's here- http://www.antionline.com/showthread...hreadid=259394 if you find it interesting.

[annihilator_god]

I have a linksys wrt54g wireless router. It is running wpa with aes and i have had no known compromises of the system. Here's what I did:
open a web browser and navigate to 192.168.1.1 (or whatever address your router is sitting at)
If you set a password, you will be prompted for it at this time (if you haven't set one, do that now inside the administration tab)
open the wireless tab, basic wireless settings will be shown.
Set wireless network more to b-only, g-only, or mixed depending on your hardware.
Change the wireless network name (ssid) to some non-standard name.
Pick a wireless channel (preferably different from your neighbor's)
Under wireless SSID broadcast, select disable.
Click Save Settings.
Now click wireless security, and select your favored security mode.
WPA pre-shared key, WEP, or disable (still don't know how to implement RADIUS)
Check your wireless hardware to see which methods it supports (you might want to check for firmware or software updates for the higher security modes)
I use WPA pre-shared key because it it more secure than WEP (harder to break the encryption)
Under WPA Algorithms, pick your favored encryption scheme (dependant on your hardware)
I chose AES because it is quite secure, but there is some overhead to decrypt the packets.
TKIP also is very secure with lower overhead for decrypting.
Then enter your WPA Shared key (this will need to be the same on all your wireless hardware) and set the group key renewal time (in seconds).
Click Save Settings.
Next menu over, Wireless MAC Filter will allow you to filter the mac addresses that can connect to the router. It can either ban addresses or only permit addresses.
I use "permit only" because I only have 2 cards that will ever need to connect.
At this point, click Edit MAC Filter List and enter your cards' MAC addresses in the window that pops up. Be sure to click Save Settings before closing the window.
Then click save settings again on the main web window.
At this time you can hit "Advanced Wireless Settings" and set some extra properties. I'm not sure what 90% of these settings do (yet) so I haven't played with them.

Now, as spyrus said, you should limit the maximum number of DHCP users (which is under setup->basic setup). Also, if you do not have the SPI firewall enabled, do that now under Security->Firewall. Also, you probably want to disable Remote Management (it's disabled out-of-the-box) if it's on. You can find it under Administration->Management (the same place you set the router password).

hope this helps