Results 1 to 9 of 9

Thread: Some help with router

  1. #1
    Junior Member
    Join Date
    Aug 2004
    Posts
    18

    Some help with router

    Hey. Still kind of a newbie here (look at post #), but check this site everyday. Great info and you guys are really informative. I have some questions that need answering.

    I am setup on a linksys wireless broadband router. I have 3 computers running off it. One is ethernet connect on one of the ports on the back. Two are wirless connects.

    I am running them on static IP, WEP encrypt, MAC filter, no SSID.

    OK.Here goes.

    Should I move back to DHCP?If yes how many IP addresses should I set?Three just for the three computers I am running, or more than that so it can generate new IP's beyond just those(If that came across OK).

    Also, should I release and renew DHCP daily? I do not reboot my computer, or the other box. The laptop does get rebooted daily. Is there a way to bunny-hop the new IP address so I do not get three IP's in a row..ie XXX.XXX.XXX.110-113?

    Can I change the IP of the router to something else besides the default address? How does this effect the subnet mask IP address?

    On the WEP. I am running 64bit 10hex. Would the 128bit 26hex be better? I live in the country and am not worried about people WARing my network. We live to far apart for that I think. Or should I switch to WPA?

    Both wirless share the same key. On my network setup on box and laptop, should I make both of these 'shared key' or 'open'?

    Can either of these be setup to run off a different key for each one?

    sorry for all the questions, but I am slowly learning networking and these were some of the bigger questions that I had. I hope someone can help me out on this.

    Thanks
    Dave

  2. #2
    AO Veteran NeuTron's Avatar
    Join Date
    Apr 2003
    Posts
    550
    It sounds like you have taken some pretty good steps to protect your network. With regard to wireless, you may be secure enough just by proximity(in the country). Some people on this site are probably going to argue with that, but my opinion is that if there is enough of a physical boundry betweeen your AP and any possible attackers, then WPA and even WEP could be less convenient and no more secure. Leaving dhcp off is not a bad idea as long as you change the IP address scheme of your network from its default settings.
    Can I change the IP of the router to something else besides the default address? How does this effect the subnet mask IP address?
    You can continue to use 255.255.255.0 as your subnet mask and change your IP to something like 10.10.10.X. What model is your router?
    -NeuTron

  3. #3
    Junior Member
    Join Date
    Aug 2004
    Posts
    18
    I am running a linksys WRK54G.

  4. #4
    Senior Member Spyrus's Avatar
    Join Date
    Oct 2002
    Posts
    741
    As NeuTron said, it sounds like you have taken some good precautions and being out in the country with 64 bit encryption it would still take someone weeks to break your WEP key and I am thinking a car sitting in front of your house for a couple weeks you might get suspicious about. So I woudlnt worry about changing to 128 unless you want to learn to do it. Nothing different than what you have already learned. It doesnt really matter if you use DHCP or static IP's, if you are comfortable with static I would leave it be. If you go with dhcp you can set it to 3 if you want and then no other devices will get on through dhcp. If you go that route you dont have to reset your computer or release and renew your dhcp, the router will take care of all of it for you.

    But for home security you are in good shape and I wouldnt worry too much about your wireless, just make sure your computers are all patched and running antivirus and antispyware and you should be set.
    Duct tape.....A whole lot of Duct Tape
    Spyware/Adaware problem click
    here

  5. #5
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    I would set a static ip for each one of your comptuters. I do this because it makes port forwarding a lot easier.

  6. #6
    Unless you have a number of systems coming in and out of your network, DHCP isn't necessary and can introduce its own problems at times. The static IPs, with MAC filtering, keeps the authorized systems in and the others out, pretty much.

    I'm always a fan of using the least amount of overhead required, so the 255.255.255.0 subnet mask is a very good idea and keeps just those systems in the IP range talking to each other and the router.

    As Spyrus and NewTron said, you are probably fine with WEP and a shared key. I use WPA, but I also live in a high-density area with lots of wireless neighbors. Keep your pre-shared keys the same for all your equipment, just saves you the hassle of tracking more than one at a time. Make them long and complicated.

    You are correct in not advertising your SSID, but you should also consider changing the default name of the router. And, you have set a hardened (8+ CapsSymb#lc or passphrase)local admin password on the router, right?

    Hope this helps.

  7. #7
    Junior Member
    Join Date
    Aug 2004
    Posts
    18
    OK. I thought that I had everything good to go, but I am always looking for ways to make sure it's safe and secure.

    Yeah, if there is a car sitting outfront of my house, he's 250ft to the road and sitting in a 5ft ditch. I was wondering what is the distance for someone to try and get on my network, if he could?

    Also I was thinking about getting network monitoring software or is this overkill on my part?

  8. #8
    Senior Member
    Join Date
    Jun 2003
    Posts
    134
    You should be good to go with your current configuration. Just remember, even though you may live in a residential area doesn’t mean that someone won’t wardrive your house. I really wouldn’t bother switching to WPA if you are not using it in conjunction with a radius server. WPA in personal mode is susceptible to password cracking. Just make sure if you use WPA to use an extremely strong password. Just change your WEP key every now and then. If you are really concerned about confidentiality you can set up a vpn server on the wired client and connect the wireless nodes through that. As far as the range goes, you can change certain options with the antennas though the Admin GUI.
    Sysmin Sys73m47ic
    -The Hacker Pimps
    -Development Team {FuxorWRT}
    http://www.AntiOnline.com/sig.php?imageid=563

  9. #9
    AO Veteran NeuTron's Avatar
    Join Date
    Apr 2003
    Posts
    550
    Originally posted here by dodd3256
    OK. I thought that I had everything good to go, but I am always looking for ways to make sure it's safe and secure.

    Yeah, if there is a car sitting outfront of my house, he's 250ft to the road and sitting in a 5ft ditch. I was wondering what is the distance for someone to try and get on my network, if he could?

    Also I was thinking about getting network monitoring software or is this overkill on my part?
    Sure...network monitoring software is never a bad idea. It can reveal other problems such as being infected with a virus. A smothwall is what I use, and it has been very useful.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •