Configuring your Home Wireless Network
Questions How many of you have more than one computer at home? How many of you connect to the Internet using broadband (Cable or DSL) How many already have a home router? Already have a wireless router? For those who have not already done so, we will show you how to install a WLAN tonight. More critically we will discuss ways to secure your wireless network
Agenda Connecting things together Home network - terminology Security Firewalls, Filtering, etc Setting up a home router Setting up Print and File Sharing Questions
Home Network Internet ISP Wire to home Modem Translates electronic data Router Disperses electronic data Network Adaptor Required for each Computer Wired NIC (network interface card) or ethernet card Wireless Wireless Adaptor
Network One or more devices connected together To the Internet with a router To each other in order to share Resources: Internet Connections Sharing Files Sharing Printers WAN, LAN, WLAN, PAN WAN Wide Area Network many computers, locations LAN Local Area Network few computers, 1 location PAN Personal Area Network home network WLAN Wireless Local Area Network
Wireless Wireless Networking Standards 802.11 a, b, and g configuration specifications to insure compatibility Different speed/range capabilities Equipment conforming to g is most popular/available Good for 100-400 feet in a house General rule don t mix equipment made to different standards Bluetooth Standard which is often used for peripheral devices Printers, scanners, cell phones, etc Short range (10 ft), high speed
What is a Cable/DSL Modem Modem (modulator/demodulator) encodes/decodes information transmitted to the internet Usually provided and controlled by your ISP Connects your home to the Internet. This is the device that gets your public IP (internet protocol) address Normally has no firewall protection
What is a Router Connects one network to another Sometimes called a Gateway Connects your computer to the internet (cable modem or DSL Line) keeps LAN traffic local Routers keep track of IP addresses and physical (MAC) addresses of hosts IP (Internet Protocol) address your computers internet address MAC (Media Access Control) id for each physical communication device
What is an Access Point A point where computers access a network Device which links wireless users to network Transmits and receives data (Transceiver) Bridge between wireless and wired networks Can be linked together to cover broad area No security or firewall implemented
What is a Firewall A device that filters packets of data or traffic Its job is to be a traffic cop You configure the firewall: What will allow to pass What will it block Hides your home network from the outside world Can be either in hardware or software Most popular routers for home have built in firewall protection
What Does a Firewall do? They: Protect your home computer from the bad guys Keep your information private Make you less of a target By: Stopping viruses Hiding your computer from the world Making the bad guys work harder to get your info
Firewall Protection Internet Firewall Home Network 1. Checks incoming traffic from the network before it gets to your home network. default Blocks all Incoming connections 2. Traffic leaving your home network default - Allow all outbound connections 3. Hardware firewalls protect you home network by stop all traffic before it get to your computers 4. Personal software firewall on your computer blocks incoming and outgoing (lets you know what is leaving your computer)
Hardware Firewall Routers The idea is layers of protection Examples of home combo units include Belkin (we will demo tonight) Dlink Linksys Netgear
Software Firewalls Adding a second level of protection Controlling what leaves your computer By being aware of application level attacks By allow you to schedule Usage of the internet by time (control access at night) By location (block content for young children)
Software Firewalls for Home Use Examples Zone Alarm (Free) McAfee Firewall Symantec s Norton Personal Firewall Computer Associates with Firewall (free) Windows Firewall in XP Service Pack 2 (free)
Configure Wireless Firewall/router Overview 1. Basic Settings name, ip address, etc Check for firmware updates 2. Set Account name and password Change name and password don t used default 3. Wireless Settings SSID broadcast make sure that remote computers are set to automatically connect Do not enable DMZ Do enable ping blocking 4. Security - Blocking and Filtering Wireless Security encryption MAC filtering 5. Back up settings
Basic Settings and Info Run Install CD that comes with router Basic info will be automatically entered or requested To change info: For Belkin the default IP address is 192.168.2.1 Other manufacturers use different ip addresses (later slide) Enter this into address bar Setup page will be displayed Firmware - software that is embedded in a hardware device Updated occasionally by manufactures Check whenever you access router
Account Name Change name Default name is set by manufacturer eg, Belkin54 Bad guys know defaults and default administrative passwords Create Administrative Password Use Strong Password Record your password where you can find it so you can make changes
Default Info Router default info is easily available on internet for consumers and the bad guys eg http://www.otosoftware.com/wwhelp/default_router_usernames_a nd_passwords.htm http://forum.pcmech.com/showthread.php?t=64258 So Change Name and Password Mfg Default IP User Name Password Belkin 192.168.2.1 admin blank D-link 192.168.0.1 admin blank Linksys 192.168.1.1 blank admin Netgear 192.168.0.1 admin password
Passwords Your computer password is the foundation of your computer security No Password = No Security Old Passwords & Same Password = Reduced Security Set and change the administrator password on router (and your computer logon) STRONG PASSWORD 6-8 digit passwords use upper, lower case, numbers and symbols
Wireless Settings SSID - service set identifier name given to your wireless network Broadcasting this ID makes network visible to PCs in area can be turned off so it will not be detected by other PCs in area Be sure to set up your own pc to automatically detect and logon to your WLAN DMZ allows you to select a PC to access WLAN outside the firewall do not enable unless firewall interferes with some activity Ping Blocking troubleshooting tool Signal sent and echo received indicates valid ip address Used by hackers to find active computers Enable ping blocking won t send echo back
Security Blocking and Filtering Encryption coding transmissions Multiple variations. 2 most common: WPA-PSK Wireless Protected Access (Pre-shared key) Use same password for all computers Preferred Choice WEP Wired equivalent privacy 64 or 128 bit encryption doesn t matter Enter Password converts to hex code Must enter hex code 2 nd Choice (if WPA not supported)
MAC Filtering MAC address Media Access Control address Unique ID permanently attached to each communication device by manufacturer hardware id Can find MAC address: run cmd ipconfig/all Enter MAC addresses of acceptable network clients If address is not on filter list, access to network will be denied Very effective security method
RECAP Steps to protect your wireless network 1. Change the default password on your router 2. Enable WPA(PSK) or WEP on router and wireless workstation 3. Use MAC address filtering 4. SSID broadcast off 5. Prohibit Peer-to-peer (Ad Hoc) networking 5. Keep current on hardware bios upgrades
Print and File Sharing Overview Print and File Sharing: Useful, but Risky if all computers are not secure Setting up Network for Printer and File sharing 1. Interface card Set Interface card to allow 2. Each computer in network Make sure each computer is part of network 3. Printer Make sure that Print sharing is allowed for printer Load appropriate print drivers on each computer 4. Firewall Settings Reset network IP range to trusted zone 5. Place files to share in Shared Documents folder
Print and File Sharing Details (1) Be sure WLAN is working and secure Interface card Start connect to NIC or WLAN card properties Printer Check File and Printer sharing on Microsoft Networks Repeat for all PCs on Network Start Printers and Faxes shared printer Select properties sharing check share this Printer)
Print and File Sharing Details (2) Firewall Be sure WLAN IPs are allowed in Firewall for all PCs Zone Alarm Firewall zones add IP range <enter appropriate range> Network ID for each computer Under My Computer Properties Computer name Click Change and add WLAN name as Workgroup Shared Documents Folder for each computer Any files in the Shared Documents folder will be accessible from all computers