I've just replaced my Netgear 4-Port router with a Linksys Wireless WRT54GS
router. I have 2 desktop PC's and a TiVo that are always connected to the
router via CAT-5, and on a very infrequent occasion, an X-Box that also
connects to the router via CAT-5. It's the recent addition of a laptop with
built-in wireless capability that prompted me to go with a wireless router,
and now that I am wireless, I'm a little more concerned about security (than
I have been) and have a few questions.
What I've done so far, is changed the router name & password, disabled SSID
broadcast, enabled the wireless MAC list so only the laptop is permitted to
access to the wireless network, set the max # of DHCP users to the minimum
amount I need, and am using WEP 64 encryption. Remote WAN management is
also disabled. I tried changing the subnet mask, but I was then locked out
of the router and had to reset it to factory defaults in order to gain
access to it again. In my opinion, changing anything from the default
setting can only be beneficial, so I wonder why I wasn't able to change the
subnet...?
The 2 Desktops are running XP Pro W/SP1 and the Laptop is running XP Home
W/SP1 also. Microsoft's ICF is off and all 3 PC's are running ZA Pro 4.5.
For simplicity, I named the Zone in ZA to be the same as the Workgroup I set
up in Windows on all 3 machines, and it's set up as a trusted zone. Out of
necessity, I've also enabled F&P sharing on all 3 PC's.
When I run Shields up at Steve Gibson's site, ports 0-1056 are completely
stealthed, and the port tests I ran at DSLReports.com, although not as
intensive, show all TCP & UDP ports as silent.
So I feel I'm pretty secure, but I'm also wondering how much of this is a
false sense of security? What else should I be concerned about, or consider
adjustments to? I guess I could utilize WPA security, and I'm not sure why
I haven't yet, maybe because of something I've read?...
Also, I assume that disabling SSID is meaningless against someone who is
bound and determined to hack into my little home network, and that disabling
it just really "hiding" me from local neighbors in an apartment complex that
are casually looking to jump on someone else's network?
I would use WPA if your devices support it... I am also surprised you say your only using 64-bit WEP
versus 128-bit WEP...I certainly would use 128-bit WEP as a minimum, if again your devices support
it...and WPA being the ideal...
Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...
"DavidJ726" <DavidJ726@hasnoaddress.com> wrote in message
news:OimYCHuNEHA.2976@TK2MSFTNGP10.phx.gbl...
> I've just replaced my Netgear 4-Port router with a Linksys Wireless WRT54GS
> router. I have 2 desktop PC's and a TiVo that are always connected to the
> router via CAT-5, and on a very infrequent occasion, an X-Box that also
> connects to the router via CAT-5. It's the recent addition of a laptop with
> built-in wireless capability that prompted me to go with a wireless router,
> and now that I am wireless, I'm a little more concerned about security (than
> I have been) and have a few questions.
>
> What I've done so far, is changed the router name & password, disabled SSID
> broadcast, enabled the wireless MAC list so only the laptop is permitted to
> access to the wireless network, set the max # of DHCP users to the minimum
> amount I need, and am using WEP 64 encryption. Remote WAN management is
> also disabled. I tried changing the subnet mask, but I was then locked out
> of the router and had to reset it to factory defaults in order to gain
> access to it again. In my opinion, changing anything from the default
> setting can only be beneficial, so I wonder why I wasn't able to change the
> subnet...?
>
> The 2 Desktops are running XP Pro W/SP1 and the Laptop is running XP Home
> W/SP1 also. Microsoft's ICF is off and all 3 PC's are running ZA Pro 4.5.
> For simplicity, I named the Zone in ZA to be the same as the Workgroup I set
> up in Windows on all 3 machines, and it's set up as a trusted zone. Out of
> necessity, I've also enabled F&P sharing on all 3 PC's.
>
> When I run Shields up at Steve Gibson's site, ports 0-1056 are completely
> stealthed, and the port tests I ran at DSLReports.com, although not as
> intensive, show all TCP & UDP ports as silent.
>
> So I feel I'm pretty secure, but I'm also wondering how much of this is a
> false sense of security? What else should I be concerned about, or consider
> adjustments to? I guess I could utilize WPA security, and I'm not sure why
> I haven't yet, maybe because of something I've read?...
>
> Also, I assume that disabling SSID is meaningless against someone who is
> bound and determined to hack into my little home network, and that disabling
> it just really "hiding" me from local neighbors in an apartment complex that
> are casually looking to jump on someone else's network?
>
> Thanks for your thoughts.
>
> David...
>
>
>
>
Should of also mentioned that in addition to disabling SSID broadcast, I
also changed the SSID. Also, I stayed with 64 bit encryption instead of 128
due to concerns I've read about 128 "bogging" down the system.
David...
"DavidJ726" <DavidJ726@hasnoaddress.com> wrote in message
news:OimYCHuNEHA.2976@TK2MSFTNGP10.phx.gbl...
> I've just replaced my Netgear 4-Port router with a Linksys Wireless
WRT54GS
> router. I have 2 desktop PC's and a TiVo that are always connected to the
> router via CAT-5, and on a very infrequent occasion, an X-Box that also
> connects to the router via CAT-5. It's the recent addition of a laptop
with
> built-in wireless capability that prompted me to go with a wireless
router,
> and now that I am wireless, I'm a little more concerned about security
(than
> I have been) and have a few questions.
>
> What I've done so far, is changed the router name & password, disabled
SSID
> broadcast, enabled the wireless MAC list so only the laptop is permitted
to
> access to the wireless network, set the max # of DHCP users to the minimum
> amount I need, and am using WEP 64 encryption. Remote WAN management is
> also disabled. I tried changing the subnet mask, but I was then locked
out
> of the router and had to reset it to factory defaults in order to gain
> access to it again. In my opinion, changing anything from the default
> setting can only be beneficial, so I wonder why I wasn't able to change
the
> subnet...?
>
> The 2 Desktops are running XP Pro W/SP1 and the Laptop is running XP Home
> W/SP1 also. Microsoft's ICF is off and all 3 PC's are running ZA Pro 4.5.
> For simplicity, I named the Zone in ZA to be the same as the Workgroup I
set
> up in Windows on all 3 machines, and it's set up as a trusted zone. Out
of
> necessity, I've also enabled F&P sharing on all 3 PC's.
>
> When I run Shields up at Steve Gibson's site, ports 0-1056 are completely
> stealthed, and the port tests I ran at DSLReports.com, although not as
> intensive, show all TCP & UDP ports as silent.
>
> So I feel I'm pretty secure, but I'm also wondering how much of this is a
> false sense of security? What else should I be concerned about, or
consider
> adjustments to? I guess I could utilize WPA security, and I'm not sure
why
> I haven't yet, maybe because of something I've read?...
>
> Also, I assume that disabling SSID is meaningless against someone who is
> bound and determined to hack into my little home network, and that
disabling
> it just really "hiding" me from local neighbors in an apartment complex
that
> are casually looking to jump on someone else's network?
>
> Thanks for your thoughts.
>
> David...
>
>
>
>
So other than that, I guess everything looks good to you, no other area's of
concern?
Thanks,
David...
"Sooner Al" <SoonerAl@somewhere.net.invalid> wrote in message
news:%23U5daMuNEHA.3012@tk2msftngp13.phx.gbl...
> I would use WPA if your devices support it... I am also surprised you say
your only using 64-bit WEP
> versus 128-bit WEP...I certainly would use 128-bit WEP as a minimum, if
again your devices support
> it...and WPA being the ideal...
>
> http://www.microsoft.com/WindowsXP/e...n/03july28.asp
>
> http://www.microsoft.com/windowsxp/e...december03.asp
>
> --
> Al Jarvi (MS-MVP Windows Networking)
>
> Please post *ALL* questions and replies to the news group for the mutual
benefit of all of us...
> The MS-MVP Program - http://mvp.support.microsoft.com
> This posting is provided "AS IS" with no warranties, and confers no
rights...
>
> "DavidJ726" <DavidJ726@hasnoaddress.com> wrote in message
> news:OimYCHuNEHA.2976@TK2MSFTNGP10.phx.gbl...
> > I've just replaced my Netgear 4-Port router with a Linksys Wireless
WRT54GS
> > router. I have 2 desktop PC's and a TiVo that are always connected to
the
> > router via CAT-5, and on a very infrequent occasion, an X-Box that also
> > connects to the router via CAT-5. It's the recent addition of a laptop
with
> > built-in wireless capability that prompted me to go with a wireless
router,
> > and now that I am wireless, I'm a little more concerned about security
(than
> > I have been) and have a few questions.
> >
> > What I've done so far, is changed the router name & password, disabled
SSID
> > broadcast, enabled the wireless MAC list so only the laptop is permitted
to
> > access to the wireless network, set the max # of DHCP users to the
minimum
> > amount I need, and am using WEP 64 encryption. Remote WAN management is
> > also disabled. I tried changing the subnet mask, but I was then locked
out
> > of the router and had to reset it to factory defaults in order to gain
> > access to it again. In my opinion, changing anything from the default
> > setting can only be beneficial, so I wonder why I wasn't able to change
the
> > subnet...?
> >
> > The 2 Desktops are running XP Pro W/SP1 and the Laptop is running XP
Home
> > W/SP1 also. Microsoft's ICF is off and all 3 PC's are running ZA Pro
4.5.
> > For simplicity, I named the Zone in ZA to be the same as the Workgroup I
set
> > up in Windows on all 3 machines, and it's set up as a trusted zone. Out
of
> > necessity, I've also enabled F&P sharing on all 3 PC's.
> >
> > When I run Shields up at Steve Gibson's site, ports 0-1056 are
completely
> > stealthed, and the port tests I ran at DSLReports.com, although not as
> > intensive, show all TCP & UDP ports as silent.
> >
> > So I feel I'm pretty secure, but I'm also wondering how much of this is
a
> > false sense of security? What else should I be concerned about, or
consider
> > adjustments to? I guess I could utilize WPA security, and I'm not sure
why
> > I haven't yet, maybe because of something I've read?...
> >
> > Also, I assume that disabling SSID is meaningless against someone who is
> > bound and determined to hack into my little home network, and that
disabling
> > it just really "hiding" me from local neighbors in an apartment complex
that
> > are casually looking to jump on someone else's network?
> >
> > Thanks for your thoughts.
> >
> > David...
> >
> >
> >
> >
>
I feel secure, am I ? 
Linear Mode
