Team-BHP > Shifting gears > Gadgets, Computers & Software


Reply
  Search this Thread
4,711 views
Old 14th January 2010, 10:48   #16
Newbie
 
Join Date: Jul 2009
Location: Mumbai
Posts: 22
Thanked: 8 Times

from the screen shot i see that WPA2 option is available, this is far more secure than both WEP & WPA, that is what I read up & use myself.
vtecker is offline  
Old 14th January 2010, 10:51   #17
BANNED
 
Join Date: Jul 2007
Location: Bangalore
Posts: 2,440
Thanked: 1,234 Times

This howto will help anyone to properly configure and protect a wireless router. The theory and the configuration options presented in this guide should be valid for any router.

To access the administration page for the router, enter the following in a browser http://192.168.1.1 You should then have a pop up window asking you for your login credentials. The default username most often used is admin and no password. If you haven't created a password to prevent access to your router, I strongly suggest you do that now.

The SSID is a human readable name to identify your router. This is how we can select between multiple routers when several routers are present in the same range(area). Without a unique SSID name, we wouldn't be able to tell which one is our own router. Many people leave the default name which often is simply the name of the manufacturer such as Dlink or Linksys. I recommend you change the name to something "your own". Carefully choose a unique SSID name for your wireless router.

The channel is the radio frequency that the wireless router will use to communicate. Wireless routers have a range of frequencies to choose from. The reason is to prevent interference when several wireless devices are within the same range. It's safe to leave this setting to the auto mode as it does a good job of switching frequencies when interference is detected by the wireless router.

Wireless devices can communicate using a variety of standards. The first standard was the 802.11a which was quickly followed by the b and g standards. New wireless hardware may support the n standard as well. The mode you select will depend on the other wireless devices you will be using on your wireless network. For example, all of my wireless devices use the g standard, so I explicitly use the gmode. The mixed mode for the Linksys WRT54GL is a combination of b and g. The mix mode setting is dependent on the hardware generation of the wireless router.

The famous SSID Broadcast setting. Let me clear up a wildly misconception regarding the SSID broadcast. Disabling the SSID does NOT in any way secure or hide the presence of your wireless router. This myth started when wireless networks were still relatively new and no one seemed to know how to restrict and prevent unauthorized access to the router. Even when this is disabled, packets are still transmitted in the air and those packets contain the SSID in them. So disabling the SSID will not in any way prevent or hide the presence of your wireless router. The best choice here is to enable the SSID broadcast.

The Security setting. This is where we will prevent unauthorized access and stop wireless sniffing by encrypting the wireless communication. Important Notice:Wired Equivalent Privacy (WEP) is broken and NOT secure. Do Not Use It! WEP can be hacked in less than a minute and is not recommended anymore. It should only be used as a last resort or if it's the only encryption available.

The proper and much safer method for securing a wireless router is by using the new Wireless Protected Access (WPA) standard. You may also see it referenced as WPA2 which is the current standard for wireless authentication and encryption. WEP was so unsafe and easy to hack, that the folks at the IEEE had to quickly find a better solution. WPA was born. By using the same encryption algorithm (RC4) as in WEP but in a properly implemented method is how WPA has made our wireless networks safe again. WPA was later upgraded to WPA2 and is the latest improvement in wireless encryption and authentication. WPA2 uses the Advanced Encryption Standard (AES) to encrypt the wireless communication between the wireless device and the wireless router. Either WPA or WPA2 should be selected to protect and prevent unauthorized access and sniffing of your wireless connection. Both WPA and WPA2 are current and safe to use.

PSK stands for Pre Shared Key. This is a one time setup between the wireless router and the wireless device. Because of this, it is not necessary to remember the passphrase. Notice I used passphrase and not password. The reason is simple, the only known way to hack WPA or WPA2 is by brute force. What this means is an attacker has to try every possible combination of letters, numbers and characters to guess the password. However, the longer the password or passphrase, dramatically diminishes a successful compromise. The recommended length is a minimum of 30 characters. WPA and WPA2 support passphrases of up to 63 characters or 64 characters in hexadecimal mode. This provides more than enough security through the encryption process that it would take an infinite amount of time to hack. For a passphrase to really be effective, it depends on the randomness of it. I would like to point you to this page https://www.grc.com/passwords.htm This is a secure page that provides a unique random string of characters to use as passphrases and passwords. The first set is 64 random hexadecimal characters. The second set is 63 random ASCII characters and the third set is 63 random alphanumeric characters. For compatibility reasons, I suggest you use the middle set. (63 random ASCII characters) Copy and paste this string into the passphrase box for your wireless router. Remember to paste the same string of characters into your wireless device, such as a laptop, to use as the passphrase for it so you can access your wireless network. That's it you're done. Hint: You should save this string in a text file for future reference and to add new devices to your wireless network. Save this file in a safe place.

Source: some article which i found from the internet at the time of securing my wireless router
wildon is offline  
Old 14th January 2010, 11:04   #18
Senior - BHPian
 
Shan2nu's Avatar
 
Join Date: Feb 2004
Location: Hubli - Karnata
Posts: 5,533
Thanked: 125 Times

Nice article Wildon. So WPA should be good enough for a personal wifi i guess.

ANyway, i also tried the MAC address security. It accepted my physical address and secured the connection, but the prob is that when i log into connection properties on my wifi laptop, there is no MAC option. I only see shared, wep, wpa, 802.1x.

So im unable to acces the internet through my wifi devices.

Im going back to WPA settings for now, until the MAC issue is solved.

Shan2nu
Shan2nu is offline  
Old 14th January 2010, 11:10   #19
Senior - BHPian
 
Shan2nu's Avatar
 
Join Date: Feb 2004
Location: Hubli - Karnata
Posts: 5,533
Thanked: 125 Times

I would also like to know how i can change the default password to the opening page (the log in page that i get when i enter the 192.168.1.1 website).

Coz i read that no matter what settings i do with wep, wpa or mac, if the main log in page is using the defualt settings, it can be hacked very easily.

Shan2nu
Shan2nu is offline  
Old 14th January 2010, 12:09   #20
Senior - BHPian
 
pranavt's Avatar
 
Join Date: May 2008
Location: Mumbai
Posts: 1,682
Thanked: 634 Times
Infractions: 0/1 (5)

Blocking via MAC address is stupid since spoofing a MAC address takes all of 5 seconds.
pranavt is offline  
Old 14th January 2010, 12:10   #21
BANNED
 
Join Date: Jul 2007
Location: Bangalore
Posts: 2,440
Thanked: 1,234 Times

Quote:
Originally Posted by Shan2nu View Post
I would also like to know how i can change the default password to the opening page (the log in page that i get when i enter the 192.168.1.1 website).

Coz i read that no matter what settings i do with wep, wpa or mac, if the main log in page is using the defualt settings, it can be hacked very easily.

Shan2nu
From the screen shot provided by on the first page i can see the "Management" option click on that >> Access Control >> Passwords and select the user name from the drop down menu.

If you select admin and leave the old password as blank (if you dont have any) and enter the new passwords in the next column, confirm the same in the next column.

close the browser and open it again enter 192.168.1.1 and now i hope you will get the popup box for username and password

Last edited by wildon : 14th January 2010 at 12:18.
wildon is offline  
Old 14th January 2010, 12:52   #22
Senior - BHPian
 
Shan2nu's Avatar
 
Join Date: Feb 2004
Location: Hubli - Karnata
Posts: 5,533
Thanked: 125 Times

Ok another issue.

When i set the security and save it, the settings only last till the modem is on. If i switch the modem off and start it again. The settings go back to default.

Why is this happening?

Shan2nu
Shan2nu is offline  
Old 14th January 2010, 13:26   #23
BANNED
 
Join Date: Jul 2007
Location: Bangalore
Posts: 2,440
Thanked: 1,234 Times

There will be an option/button for Save/Reboot so the changes made will remain permanent.
wildon is offline  
Old 14th January 2010, 13:52   #24
Senior - BHPian
 
Shan2nu's Avatar
 
Join Date: Feb 2004
Location: Hubli - Karnata
Posts: 5,533
Thanked: 125 Times

Ok got it.

I first applied the settings, restarted the access point, saved all and then restarted the connection.

Its not going back to default now.

Shan2nu
Shan2nu is offline  
Reply

Most Viewed
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Copyright ©2000 - 2024, Team-BHP.com
Proudly powered by E2E Networks