ECN Forum Forums Technical Discussion Re: Computers and the Internet Router

Thanks everyone. I got everything up and running. I had to call Cisco to get the router set up. When I set up the Internet connection for the new laptop it asked for the router pin #. I went through all the steps to make sure the setup is protected. The only time I needed to create a password was when I set up the router. I did not need the password for the laptop, just the router pin #. But, I have no way to prove that it is password protected.?
I guess I will have to get someone with a laptop to see if they can get onto my network?
Once again, Thanks!!!!

What an informative site this is! I had to join just to contribute, so here's my first contribution.

Seeing if someone can get into your router is not the recommended test of security! I deal with wired and wireless networks in hospitals with hundreds of nodes in multiple sites and here is what I'd recommend.

First let me clear up some confusion. You've mentioned passwords and PIN's and seem to be confused about the functions and differences. There is a password required to get into the router's administration console and a "key" (which is what I think you're calling a "PIN") which is used for encryption. You are the only one that needs to get into the admin console so the password is only for your own use.

Most home routers can be configured using a wired connection and a supplied CD, or you can forget the CD and just manually set the IP address of your connected computer to one that's in the same subnet as your router. So if your router has a default address of 192.168.1.1 (and a netmask of 255.255.255.0) you could set your computer to 192.168.1.2 and the same netmask. Then open your Internet browser and type in the IP address of the router. That should bring you to the default administration page.

There is a password required to login to your router for administering it --> make SURE you change it... immediately! Everyone knows (or can easily find) the default password for your router as set by the manufacturer. Usually it's username "admin" and password "admin". Leave the username alone but set your new password to something reasonably complex (not your dog's name or your street number, etc.) and make a note of it. If lost, you can still get back into the admin screen of your router but only by resetting all the configuration back to factory defaults and starting over. If you skip this step and someone gets into your router they "own" your network and everything on it!

There are several aspects to securing your router. What you've been referring to as "password" or "PIN" is not actually the password - it's an encryption "key" that is used to encrypt the wireless data so it cannot be read by outsiders "sniffing" the network. That's assuming you have logged into your router and set it to use WPA or WPA2 encryption (please don't use WEP if available; it is easily cracked). Stronger keys make for stronger encryption, so again, use something that is reasonably complex. This will be required when setting up your laptop to connect so make a note of it. If your laptop sees an "unsecured wireless network", that's someone that has not done this step and their router can be freely used by anyone in the area. You don't want that.

There is also something called a SSID, which is what your laptop will display when you ask it to show all available wireless networks in the area. This is not terribly important; it's more a means of differentiating your network from others in the immediate area, so that clients (eg: your laptop) know which one to connect to. However, there's another security measure you can take and that is to make the SSID non-broadcast (security through obscurity). That just means it still exists but is not advertised, so anyone wanting to connect to it has to know (or guess) what it is. This is okay if you're the only one that's going to connect, but impractical if multiple guest users are going to be using it. And it's not much of a security measure by itself. When you set up your wireless connection on your laptop, you will specify the SSID and the WPA key chosen here, allowing it to make contact and establish a secure, encrypted connection. If it's non-broadcast, your laptop will not report it but don't worry - just go ahead and set it up anyway. Once the laptop has the required info it can find it.

Your router will have firewall rules too - these are rules about what traffic is allowed to pass through the router and/or in what direction. They are beyond the realm of this post but do read up on them. Basically you want to deny everything coming in from the outside, which is how most routers are configured by default, but you should look to be sure. You may also have the option of passing traffic through to a particular computer on the inside (a DMZ or server) - this is dangerous if you don't know what you're doing and it is unnecessary unless you need to run some kind of server behind your router.

I've given you more of a "what-to-do" rather than a "how-to", so you may have to consult your router's documentation. There's lots of detail on the Linksys site and elsewhere on the Internet, but if you do these basic steps you will be well on your way to having a secure wireless network.

Tiger,
Welcome to ECN, mate.
That post is brilliant!
One point about the Network key, that I don't think some people realise is that it uses Hexi-decimals (0-9,A-F).
You can make quite a complex string of numbers/letters in your key.

Another thing about passwords, is don't fall into the trap of using easily typed strings like 123456 or QWERTYU.

I use a random password generator to make an 8 character alphanumeric key... Could use more, but then it gets tricky to remember and/or read it off to guests.