PPRuNe Forums - View Single Post - Steps to secure Netgear DG834GT Wireless Install?
Old 30th Oct 2005, 21:48
  #4 (permalink)  
Avrel
 
Join Date: Sep 2003
Location: Earth
Posts: 18
Likes: 0
Received 0 Likes on 0 Posts
If I get this right (English is unfortunately not my native language), you bought a Netgear wireless router and have problems fixing the wireless security. If I am wrong, regard this post as useless, tell me about it and I will delete it again.

So now let me see whether I can help you at least a bit... My help might be rather concerning general terms.

In general there are different methods to secure a wireless connection by a key combination. They are called WEP and WPA (if it is the same technics as we use it in Germany). WEP is usually avaiable (if it is a new unit) in 2 forms. 64bit and 128bit key. The 128bit got a higher security level, but in general the WEP technics is rather common if you have old hardware on your computer or if the unit itself is old.
The WPA standard is more actual and my unit even offers WPA 2 (which is the actual standard I guess). If your hardware and software (WPA works with Windows XP, dunno about other operational systems) is compatible with WPA, I would suggest in any case using that method. In the technical information I got it is described as newer and improved standard compared to WEP. The key is generated another way and thus more difficult to hack as far as I know. How secure it is depends in any case (same goes for WEP) on the key combination you use. Wild number / letter combinations up to the limit which you can write down and keep in a secure place (for example the same where you keep your internet access data of your provider) are a good way to keep it secure. The use of small and capital letters also makes a difference.
At least in case of the WEP key / and also the WLan in general goes that a non-secured network is more quickly recogized by your own computer than one with key security. WEP 64bit goes relatively quickly, WEP 128bit key always took my computer a while till it logged itself in. WPA works quite fast for me too, but I use a notebook. I dunno how it will be for you. It can just take a while until your computer finds the lan after you entered the key both in your unit and on your computer system.

Being in the web without working key is something you should not do for very long. The chance that someone in your neighbourhood immidiately reads your data out is quite small, but on longer term it is very well possible.

For typing all this data into your router I would suggest honestly a wire connection. In Germany all units got the hole for a normal lan cable. Dunno whether yours got that too. It probably should. With wireless you might end up having the trouble you mentioned. In the end you lose the connection when you click upon the apply button. Of course it is possible to try it, but it works only if you immidiately give the key and method into your computer program, with which you try to access the connection.
With a cable connection you will not lose the access and you can try to apply the next changes before you plug it off and use the w-lan.

The next step after successfully applying the key would be giving the LAN another SSID. You can also do it before if you wish. It's just the order I try to remember the things I have done to secure my connection. The SSID is the name your access point got. It might be displayed on your notebook / stational computer aswell as for people outside who can theoretically access your network right now because it is not secured yet. Mine was called from the start WLAN which was a great name, because in our house we got about 4 connections being called that way. I go by a fantasy name now, which also makes it possible to recognize my network. If you have the possibility to change the SSID, do so.
My router also offers the possibility to hide it. It is a box, I can click and this option means the SSID is not sent around blindly. I did try that although I know I should. I guess it just complicates the recognition process if you try to apply all this for the first time. If you want to use it, I would suggest the SSID change, applying it and testing of it before you hide it.

Another VERY important step is giving your router a secure password. Everyone can access the settings via WLAN if it has an admin password of 0000 or something as intelligent as that. You can always emergency reset the settings of course if someone fouled things, but it still means someone can toy around with your unit until you know it. That should not be because at least in my case there is the data of the internet provider in it. The internet access data is something no one should know about. Choose in any case a safe password for your unit.

I dunno whether you got the possibility, but there is also something like an IP table in my menu. It means you give your computer a fixed Lan IP adress and enter that one into the router. If you activate this IP based system only those can access WLAN whose computers use an IP entered in that table. I never got that to work though and haven't tried too hard either. I don't know whether this is even possible for you. If it is someone might else be able to help you ut with that, because I do not have that specific knowledge.

Well the last security measure is also a rather general one, which has not to be used, but can be. It is the most simple of all: Turning the router off when you are offline. The less time it is online, the less chance you got to be hacked. Don't misunderstand me, I don't try to say: "The best system is the one not being used", but I rather mean that the times when you don't use it anyway can be used as offtime. It is what I do, although it is rather hard because of 2 flatmates who are also using my internet connection.

Whether you do it is your choice, but you should in any case think about changing your connection key (WEP, WPA or whatever) from time to time. Using the same one for a long period can also be unhealthy.

That's about all I remember now. It is very general and I am not that much of an expert. I successfully use WLAN for about one year now (without issues although I live in a student house with a few guys studying EDV and programming and such stuff). In general I am just not even sure, whether this is actually an answer to your question or whether you were aiming at something else. Like mentioned above, if this is the case... sorry for the misunderstanding on my side.

I hope someone else will jump in and clear some of the points I was not able to explain that well in my rather unstructured attempt to give some immidiate help. Perhaps even someone using the same unit you got will go through it with you. If not, PM me and I can try it if we once meet in a rather chat-like environment. Good luck in any case and I hope at least something of this was useful (if you can read it at all because of my pidgin-English).
Avrel is offline