Honest 836 Report post Posted March 5, 2011 How To: Configure a Wi-Fi Router Correctly Last week, we looked at ways to look for a good Wi-Fi router. It's one thing to choose a Wi-Fi router, but it's equally important to spend the same time to install and configure it correctly. If you’ve bought a router from your ISP, then someone from the ISP might have come over to your place and installed the router for you. Sometimes, the ISP personnel might not have any knowledge of wireless security and have no idea about your network setup at your home. If you’ve bought your own Wi-Fi router, then you will have to configure your router yourself. Let’s look at some of the most important features that need to be configured on your router. Logging into your router At this point, we are going to assume that you’ve setup the cables between the ISP and the router correctly. Routers and modems do not have any controls or LCD displays that let you configure the settings for them externally. The firmware on the router can only be accessed through a web browser. The web interface can typically be accessed on http://192.168.1.1 or http://192.168.0.1. The user name and password are both admin most of the time as well. If that doesn’t work, refer to the router manual for the correct URL or look at the back of the router. The user name and password will also be mentioned there. Some of them require you to authenticate using a web login while most of them use PPPoE (PPP over Ethernet). When you first buy your router, you might have to enter these details into the router manually for once. The interface and location of the menus differs from one brand of routers to another, but the features are common everywhere. If your ISP doesn’t use PPPoE, you can use DHCP as your setup type and if your ISP assigns you specific IP addresses, you can choose the Static IP option and enter the details manually. Enabling MAC Address Cloning Every single network device has a MAC address which is unique to that device. ISPs lock internet access to MAC addresses on their clients’ PCs. So when you buy a new router, the ISP detects a different MAC address and disables internet access to that connection. Fortunately, routers have a MAC address cloning feature that allow you to manually add the MAC address of your PC. Most of the routers have a MAC address auto-detection feature built into them. Enable it if you find your internet connection not working the moment you install your brand new router. Securing your Wi-Fi network Wi-Fi security is absolutely important if you don’t want your network PCs to be exposed and if you don’t want random users using your internet connections. Most routers come with no passwords set for the wireless network, which makes it easy for you to get online but at the same time, also easy for those unauthorized users. There are a few steps that can reduce the chances of that happening. When you first install the router, make sure that you have Security mode on your router setup to WPA2-Personal and enter a long and somewhat complicated password. Most ISPs today distribute routers amongst their users with the passwords set as admin, password, the user’s phone number or name. The next step is to block all MAC addresses other than your PC and other devices that you might be using. Remember, we talked about ISPs blocking PCs with unrecognized MAC address? Routers have a similar feature that blocks devices whose MAC addresses aren’t present in the white list. Linksys calls the feature the Wireless MAC filter. Disabling SSID Broadcast is one of the last steps to securing your router. With the broadcasting disabled, users aren’t able to see any wireless networks and accessing it isn’t possible unless you know the exact SSID of the network. Ideally, disable this once you’ve connected your devices to the Wi-Fi router at least once so that the SSID, password and settings are saved. Setting up port forwarding A lot of P2P applications and games might require open ports, which basically means that the router should be able to accept ports and forward them to your devices. Since all the connections being made to your network pass through the single router, the router needs to redirect those requests to specific PCs. In this case, incoming connections coming to various ports need to forwarded to the correct PCs. P2P applications for example need an accessible incoming port. Once you know which port your P2P application knows (which is something you can find out from the connection settings for the application), you can specify the port you would like the router to forward and to which PC or device. Some manufacturer use the term NAT, port forwarding or in the case of recent Linksys routers, the feature is available through a menu called Applications & Gaming. In this case, users can choose from one of the preset applications and ports or can choose to manually enter the values. For example, if you were hosting a game of Quake III Arena (a game that uses the port 27960) for your friends, you would need to specify the external port to be 27960, the internal port to be 27960 as well and mention the destination PC’s IP address. Don’t forget to specify TCP/UDP traffic. You can set it to be both if you’re unsure. Enabling bandwidth priority Streaming Youtube uses a lot of bandwidth. If you happen to be playing a multiplayer game online while someone else is watching a Youtube video on the same connection, you’re likely to face lag or disconnections. This is obviously very annoying. Routers have a feature which allows users to set higher or lower priority for bandwidth provided to specific PCs or applications. The QoS feature should allow you to select MAC addresses, IPs address and ports, so that bandwidth priorities can be assigned to them. Thanks to Rossi Fernandes Courtesy : Tech2 3 Share this post Link to post Share on other sites
_Kailash_ 63 Report post Posted March 6, 2011 Thanks Kamalji Thanks Share this post Link to post Share on other sites
Genius 817 Report post Posted March 6, 2011 nice article - looking at last article i had ordered one with usb to download torrents - thanks +1 Share this post Link to post Share on other sites
rajanmehta 4,056 Report post Posted January 19, 2012 Indian Wi-Fi Networks Under Possible Virus Attack: Indian Computer Emergency Response Team Source Indian Computer Emergency Response Team Website >> http://www.cert-in.org.in/ The advisory is on Home Page under Latest Security Alert named CERT-In Advisory CIAD-2012-0005 Dated January 13th 2012 with Severity Rating as High. Check if your Wi-Fi Routers are from among the brands mentioned in the advisory and do the workaround. Indian computer security analysts have detected and alerted Wi-Fi users in the country against a possible virus attack that could lead to crashing and hacking of secure networks. The Indian Computer Emergency Response Team (CERT-In), country's national agency to respond to computer security incidents, has found that the "Wi-Fi Protected Setup (WPS) contains a design error that could allow a weaker-than- expected defence against brute-force attacks, which could allow an attacker to gain unauthorised access to the affected system." A brute-force attack, in computer terminology, is a programme that is used to crack and stealthily enter into an encrypted and password protected system while WPS is a popular method for setting up a new wireless router for a home network. "The virus is streaming in the Indian Internet networks with a high severity. The combat mechanisms are being deployed," a computer security analyst with a government agency said. "An un-authenticated, remote attacker within range of the wireless access point could use the PIN (password) to gain unauthorised access to the device to retrieve the password for the wireless network or change the configuration of the device. "Failed attempts to exploit the vulnerability could lead to a denial of service condition," the CERT-In said in its alert to Wi-Fi users. The agency also said that reports (with the agency) indicate that some WPS devices "do not implement any kind of lockout policy for brute-force attempts, which greatly reduces the time to perform a successful attack." Share this post Link to post Share on other sites