How to Setup Wireless Networking in Your Home
Do's and Dont's of Home Wireless Networking
Home based wireless networking is becoming the norm these days. With the availability of hardware, coupled with the affordable pricing of such hardware, it has become cheaper to setup a wireless network in your home. Along with this affordability though, comes liability. When you connect your new access point for your wireless home, you'll find almost every vendor's hardware works right out of the box. Simple, 5 minute setup time they advertise and it's true more often than not. But, are you done with your wireless setup? The simple answer is no, you're not. Let's look, though, why that answer is really not so simple.
Depending on the hardware that you purchased, there are many configuration changes that you could implement. Since we can't possibly cover every piece of hardware on the wireless market and every setting they may have, we're going to focus on wireless networking as a whole. First thing, let's get that wireless network some security. Now, while this won't be impregnable security, it will add some layer of protection while we work on the other parts. Remember, security is like anything else, just one strategy doesn't defend against every possible negative thing. We have to approach this in a "layers" mentality.
So we're ready for our first level of security. Let's log into our wireless access point and add a WEP or WPA key (which one depends on the hardware you bought. Some do both types of security key, some only do WEP). We'll want to assign a 128-bit key (a 256-bit key is preferable if your hardware supports it). One point here though is that your wireless access point and the wireless cards in your computers or handhelds must be able to support the same protocol and encryption level you choose. If they don't match, your device isn't getting connected. You have to enter the same key on your computer's wireless card too.
Now, let's change our SSID (this is the wireless name of your network). As an example, a Linksys brand wireless access point (WAP) has a default SSID of LINKSYS. We don't want to leave it this way. All the people that want to break into your WAP knows that LINKSYS SSID had a login of ADMIN and password of ADMIN. You should think of something clever, but something not too easy to break into. You'll also want to turn off broadcast of SSID after you change it's name. That way sniffer programs that look for SSID's won't be able to see your WAP is online. Known examples of good SSID's are:
Ok, we're on a roll. We have a few layers of security in place (The SSID is changed, the channel we broadcast on is not default, the SSID broadcast is turned off, we changed our WAP login/password). Now let's get even more specific. We know we have X amount of computers in our home (for example let's say 2, 1 desktop and 1 laptop). So in the DHCP IP section of our router, we can tell the router to only issue 2 ip's. That way if a third computer (one of our neighbors or someone) wants to get on our network, they can't get an IP adress. Our last layer is setting up the WAP to only issue IP addresses to specific MAC addresses. If you log into one of your computers and go to start>run>cmd>and then type IPCONFIG /ALL into the dos box, one of the line items will be Hardware address. Write down that info, go back to your router administration screen and enter this hardware address. Now only that MAC address can get one of your 2 IP addresses Now go to your second machine (in our example) and do the same steps. Now only those 2 mac addresses can can the 2 IP's that it will hand out.
Now, we've gone several layers deep to improve security on our WAP and to keep intruders off the network. Most people will stop trying if they have to defeat three layers of security, especially for just a home network. You have 6 layers and most likely won't see an intruder. Keep in mind, each access point is different but these basic settings are included in the major vendors (Linksys, DLink, Buffalo, Netgear, Microsoft).
Enjoy your new wireless computing!
Depending on the hardware that you purchased, there are many configuration changes that you could implement. Since we can't possibly cover every piece of hardware on the wireless market and every setting they may have, we're going to focus on wireless networking as a whole. First thing, let's get that wireless network some security. Now, while this won't be impregnable security, it will add some layer of protection while we work on the other parts. Remember, security is like anything else, just one strategy doesn't defend against every possible negative thing. We have to approach this in a "layers" mentality.
So we're ready for our first level of security. Let's log into our wireless access point and add a WEP or WPA key (which one depends on the hardware you bought. Some do both types of security key, some only do WEP). We'll want to assign a 128-bit key (a 256-bit key is preferable if your hardware supports it). One point here though is that your wireless access point and the wireless cards in your computers or handhelds must be able to support the same protocol and encryption level you choose. If they don't match, your device isn't getting connected. You have to enter the same key on your computer's wireless card too.
Now, let's change our SSID (this is the wireless name of your network). As an example, a Linksys brand wireless access point (WAP) has a default SSID of LINKSYS. We don't want to leave it this way. All the people that want to break into your WAP knows that LINKSYS SSID had a login of ADMIN and password of ADMIN. You should think of something clever, but something not too easy to break into. You'll also want to turn off broadcast of SSID after you change it's name. That way sniffer programs that look for SSID's won't be able to see your WAP is online. Known examples of good SSID's are:
-
- IAMAWARDRVR2
-
- UCANTUSEME
-
- DONTLOOKNOWTHEINTERNETISDOWN
-
- DAVEYBOYSHOME
-
- HOWYOULIKEMENOW
-
Ok, we're on a roll. We have a few layers of security in place (The SSID is changed, the channel we broadcast on is not default, the SSID broadcast is turned off, we changed our WAP login/password). Now let's get even more specific. We know we have X amount of computers in our home (for example let's say 2, 1 desktop and 1 laptop). So in the DHCP IP section of our router, we can tell the router to only issue 2 ip's. That way if a third computer (one of our neighbors or someone) wants to get on our network, they can't get an IP adress. Our last layer is setting up the WAP to only issue IP addresses to specific MAC addresses. If you log into one of your computers and go to start>run>cmd>and then type IPCONFIG /ALL into the dos box, one of the line items will be Hardware address. Write down that info, go back to your router administration screen and enter this hardware address. Now only that MAC address can get one of your 2 IP addresses Now go to your second machine (in our example) and do the same steps. Now only those 2 mac addresses can can the 2 IP's that it will hand out.
Now, we've gone several layers deep to improve security on our WAP and to keep intruders off the network. Most people will stop trying if they have to defeat three layers of security, especially for just a home network. You have 6 layers and most likely won't see an intruder. Keep in mind, each access point is different but these basic settings are included in the major vendors (Linksys, DLink, Buffalo, Netgear, Microsoft).
Enjoy your new wireless computing!
Published by David Howard
I was in the Army and I have been in the Information Technology sector for over 12 years. I am also a Certified Ethical Hacker (C|EH), MCSE, CCNA and A+ certified professional. View profile
- Introduction to Wireless NetworkingThis article will explain several aspects of wireless networking that confuses most customers. It outlines ways that the reader can form his or her own wireless network, as well as some of the technical aspects.
- Secure Your Home Network like a Pro (Part 1)Contrary to popular belief, you can protect your home network from spyware and viruses without anti-virus software like the kind sold by McAfee and Norton - that's $60 a year you can spend somewhere else. Read this se...
- AT&T's U-verse: TV-Plus-Internet Service is Better, Cheaper Than CableCable television is obsolete. Meet its cheaper successor. It's not satellite television but free, Web-accessible DVR with picture-in-picture channel surfing and three, free receivers.
- Review: Linksys Wireless-G USB Adapter for Windows PCThis is the best and easiest way to add plug-and-play wireless capability to your desktop PC, and it works perfectly with Windows Vista!
- How to Install a Wireless CardInstalling a wireless nic on your pc isn't as hard as you might think!
- Wireless Internet Routers Allow for Easy Home Computer Network
- Wireless Local Area Network
- A Pocket Buyer's Guide for Home Networking
- How to Set Up a LAN in Your Home
- How to Network Your Computers in Your Home
- Wireless Networking Without a Router
- Windows XP: How to Network Your Home Computers
- Take the Layer approach to wireless security
- Be vigilant
- Don't spend too much money
The average effective, good 802.11g wireless access point is $39.95.