First, be sure to connect to the router using an Ethernet cable for your configuration work – otherwise, with the first change, you’ll get locked out. If you are using wireless to login to the router, if you get locked out, you’ll have to wait for the router to time out and close that login.
Know these definitions,
- SSID = Server Set ID – basically, this is the network name
- MAC Address = a unique code for every networking device
- WEP = "Wired Equivalent Privacy" (don’t you believe it!)
- WPA = newer technology"Wi-Fi Protected Access"
- WPA2 = the latest version"Wi-Fi Protected Access v2"
First, I recommend that you secure your network. Many people believe in having their network open — available to anyone who might want to use it. Without considering whether such sharing this may or may not be in compliance with your ISP’s terms and conditions of your service, you should consider the impact on the individual computers of your network.
If you are using a DHCP server to assign addresses and do not control access to your network, you will not be able to share files and printers between the other computers of your network. You will also open those computers to malicious, or just bored, attack by someone accessing your network.
You should pick and use the maximum security options that your computer and operating system are capable of using. If you are using Windows XP, you should use WPA, not a variety of WEP. This also means you should purchase or upgrade to at least an 802.11g router — you have to use up-to-date equipment to have up-to-date security options. Most manufacturers provide excellent instructions in their manuals on setting up a wireless network securely. You can download many of these manuals from the manufacturers’ websites to help you in your pre-purchase decisions.
My operating system and equipment choices: Windows 7 Home Premium, Windows 7 Professional or Windows 7 Ultimate, a NETGEAR Wireless Router – AC 1750 Dual Band Gigabit (R6300), at least two Ethernet cables (one to go between the modem and the router, and one for at least a temporary connection of a computer to the wireless router, for configuration and firmware upgrades). If you have to purchase a wireless adapter for a desktop or notebook, get a matching USB adapter from the same manufacturer for the same speed. If you have wireless capability built into your notebook, you can use it or an add-on like the Netgear WiFi USB Adapter – AC Dual Band (A6200)
that I bought. You can probably use other brands, too, but after years of using Linksys, I’ve converted to Netgear for my router. For the best in current home wireless encryption, make sure you can do WPA2 — almost all wireless computing devices now support it, including iPhone, iPad and some of the Android products.
- Connect router to pc/notebook with Ethernet cable –– so you don’t get locked out.
- Set to Infrastructure (with router), not ad-hoc (peer to peer)–– router can do more filtering (e.g., only talk to certain MAC addresses) than the PC’s cards can.
- Change the default SSID name.
- Turn on MAC address filtering for all wireless cards & router
- Turn off broadcasting of the SSID.
- Turn on WPA2 – Don’t use WEP – it’s too easily cracked these days…
- Change the default Login ID (if applicable) and default password on the wireless router
- Ensure that remote management is turned off.
- Consider placement of the AP to get the signals where you want them and minimize signals going where you don’t want them. Usually, the middle of the house.
There are three more important things to do if you are using a portable wireless device — a notebook computer or a wireless PDA to connect to your network for file and/or printer sharing.
- Run any of the commercial firewall programs – personally, I don’t like the Windows firewall, as it accepts too much Microsoft traffic as legitimate. .
Use a non-default IP range for your home network. Why? Because, you’ll probably set the firewall to "Trust" anyone on your local network’s IP range. If you use the default IP range, and if you go to the coffee shop, you just told it to "Trust" any computer on that network, too! Most routers for the home market default to 192.168.0.1 – 192.168.0.255 or 192.168.1.1 – 192.168.1.255.
What are the valid IP ranges you can use? These IP addresses are "Reserved for Private Networks" — like yours.
10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255 and
192.168.0.0 – 192.168.255.255.
- Use a non-default Workgroup name for your local network. Windows will default to "MSHOME." You don’t want to accidentally share files with the others in the coffee shop.
Each router model is set up differently. If you can not figure out how to do these steps, read your manual –– all the manuals that I have examined have good instructions, although I like Linksys’ the best.
If you need help, get your local computer guru or computer consultant to give you a hand. Most computer shops also have staff who make house calls.
Please, do not skip these security steps.
After you finish, you are not finished! Check for firmware updates occasionaly. Sometimes, these fix security holes that have been found. Other times, they make dramatic improvements in the wireless connection’s stability. I have seen computers that were unable to maintain a wireless connection with the router — a firmware update to the router completely solved the problem.
- You ARE running a firewall aren’t you? If not, get the VIPRE Antivirus Premium, which combines anti-virus, anti-malware and firewall
- Set your network card’s SSID to "ANY" and disable the WEP encryption. That’s all it takes to connect.
- Remember, nothing you send is encrypted (unless you’re using a "https" website). Anyone with the know-how can intercept your radio signal and read it. Don’t send passwords or sensitive information unless you are sure they will be encrypted.
- Make sure you’ve handled the issues in the section above (Wireless Networking with Notebooks and PDAs) so that you do not have unplanned security holes.
Read more about Wireless Networking