FAQ & Section Info
The major manufacturers of wireless routers include Linksys, Cisco, Netgear, D-Link, TP-Link, Buffalo, and Asus.
A wireless router can be used to create a 'wireless network' out of a standard internet connection. For example, if you have a cable modem that has a single ethernet port on it, that connection can be plugged into the wireless router to be shared with many devices all at once. The advantage of a wireless router is that those connections don't necessarily have to be tied to a cable connection. A wireless router can communicate with other devices that have wireless capabilities - such as a laptop, SmartTV, iPad, tablet, phone, printer, etc.
Speed and security. A wired connection will typically be faster and more stable as you are conducting over a cable medium that is optimized for your use. With wireless routers you get a reduced transfer rate that is susceptible to signal loss and decay (especially as you move further away from the base station). As far as security, a wired connection will require someone to be physically plugged into it to compromise your local LAN (although with the internet this is no longer true). Because a wireless network extends out to as far as the signal can carry it, neighbors and people in the area in and around your home/office may be able to get access to it. That's why with a wireless network it's so important to password protect it as soon as you set it up. Passwords are usually set at the router level using the router's configuration software.
A wireless router's range is how far the signal extends out to from the base station. This is the distance the signal will travel (and thus the distance your devices can travel while still having access to the router). Range is determined by many components such as the physical hardware of the router, the antennas, etc. But the measurements you'll find on a router assume perfect 'lab conditions'. In reality, range can be substantially less if your signal has to pass through floors, walls, and other barriers.
Wi-Fi routers are very cheap and affordable nowadays; manufacturers like Belkin, Netgear, Cisco and D-Link have a variety of routers available in the market to suit the needs of different users and their budgets. The cheaper ones usually ship with four different LAN ports which is enough if you want to set up a LAN connection for the computers at your home or work.
If you want to share devices like a printer or a USB hard drive directly over the network, you need to increase your budget a little and invest in a print server (for the printer of course) as well. Here is a look at how you can set up a network at home.
Need to buy a router? Click Here to shop our wireless routers
Before installing you'll need to unbox your router. What you receive from the manufacturer will vary greatly, but in general most wireless routers come with the router itself, some sort of software or drivers disk, a power supply, and manual. Use the manual to quickly familiarize yourself with what each colored light/LED means on the router as this will help you diagnose any errors later in the process.
Install your router in a central location where all the devices can receive sufficient signals. It is often best to place it in an elevated location. Plug in the power connector to your wireless router and make sure the lights start flashing and turning on. Connect the cables from your Internet modem or any other form of Internet connection that you use to the WAN port on the router (Skip this if you do not have access to an Internet connection or do not want to share your internet)
Connect an Ethernet cable to any of the LAN ports; make sure that your cable is long enough to reach your host computer. Also, try not to get the cable tangled with other cables as it could cause some interference in the cable leading to unstable connections.
Connect the other end of the Ethernet cable to the Ethernet port on your host computer. You are now almost ready to start your home network.
Turn on your host computer and use the installation CD provided by the manufacturer to set up your network. One thing to remember while setting up your network though, always makes sure that your network is set to WP2-PSK to ensure that you have the highest possible security for your network. If you don't have any software you will want to try to access the router through the web interface. This can usually be achieved by typing 192.168.0.1 or 192.168.1.1 into your web browser (these are default values, to be more accurate lookup your 'Default Gateway' and type that address in).
When using your software you'll see a lot of options to choose from. Typically these will cover Quick Setup Wizards, General Setup, Status Information and Tools.
Quick Setup is just that, very quick, just enter Time Zone, Broadband Type and IP Address Info.
Under General Setup you'll usually find values to type in such as WAN settings, LAN setup, Wireless configuration, QoS, NAT and Firewall.
Under different options you'll find things like settings for AP, Station-Infrastructure, Bridge-Point to Point, Bridge-Point to Multi-Point, Bridge-WDS and Universal Repeater. Dig through everything and setup your password first so no intruders can get into your unsecured network.
When choosing a password use one that includes characters, numbers and special characters to make sure that no one can guess it. Different manufacturers have different installation methods for their routers and some may require you to set up using a web address instead of a CD.
Another thing to remember is that you should always change the login id and password of your router (not the WPA2 keys) which you use to access your router from the host computer with.
Your home network is now ready and you can share your files and internet connection over the network.
So what is wireless networking? The simple answer is networking without having to run cables all over your home.
What do you need? First thing you need is a WAP and a wireless card or wireless device that communicates with the WAP.
How does the WAP and wireless card or wireless device communicate? Via data converted to radio waves using the following frequencies: 802.11 @ 2.4Ghz 802.11a @ 5Ghz 802.11b @ 2.4Ghz 802.11g @ 2.4Ghz 802.11n @ 5Ghz and 2.4Ghz 802.11ac @ 5Ghz
What is 802.11? It is the wireless network standard named by the IEEE (Institute of Electrical and Electronics Engineers). The "a", "b" and "g" are the current iteration within the 802.11 wireless network standard.
The next logical question is what is the difference between the "a", "b" and "g"? 802.11b is the slowest and first standard to hit the market which can transmit data up to 11mbs. Now, 802.11a and 802.11g can both transmit data up to 54mbs.
If 802.11a and 802.11g can both transmit data up to 54mbs, why the two standards? Since 802.11a transmits data at the 5Ghz frequency, the equipment is costly to manufacture so the 802.11g standard was created utilizing the less costly 2.4Ghz frequency.
How do I setup my own wireless network? You have the option of setting up an open or secured wireless setup. An open wireless network is very simple to configure and setup. On the other hand, there are various options you can choose when setting up a secured wireless setup. The following is an example of how to setup a wireless network based on Linksys hardware taken from quick install product manuals for each device. I have included this more for reference and visual aids. Setup your wireless card first: (The following example is taken from the instruction manual of a Linksys WPC54g)
Once you have setup your wireless card you can now setup your WAP: (The following example is taken from the instruction manual of a Linksys WAP54g)
Once you have completed the setup, test your connection! (At the end of this article I have provided some misc. setting information for your WAP.) Personally I do not like the connection software that comes with the Linksys wireless cards. I use Windows XP Wireless Connection to connect to my WAP. This is a personal choice; you should determine what works best for you.
Now let's talk about security! Do I need to password protect my WAP? Yes, always password protect your WAP! Changing the default password is one of the first things you should do especially since the default passwords can be found at the manufactures websites. Failure to change the default password will allow a "Hacker" to access your WAP and change your settings
What is a good password? A strong password does not contain your dog's name "Spot", your daughter's name "Jill", your son's name "Jack", your spouse's or significant others name "Jane or Bill", or your birthday. Strong passwords are at least 6 characters long containing random letters (upper and lower case), numbers and at least one symbol. For example you can use P%9a6R. I know, it's hard to type a password like the example but in time it will be easier to type.
What an SSID? This is the Google Definition of SSID: "Service set identifier. A unique identifier that stations must use to be able to communicate with an access point. The SSID can be any alphanumeric entry up to a maximum of 32 characters." Each WAP or Hot Spot has an SSID, regardless if it is the default or one that describes your network, or one you just decide to make up.
Should I broadcast my SSID? Yes and No! If you want others to connect to your wireless network you should broadcast your SSID. If you do not want anyone to see your SSID and would like to add the first level of security, then you should disable the broadcast of your SSID.
Am I secure by disabling my SSID? No, the following was taken from a Hacking Site: "The SSID (Service Set Identifier) is a token which identifies an 802.11 (Wi-Fi) network. The SSID is a secret key which is set by the network administrator. You must know the SSID to join an 802.11 network; however, the SSID can be discovered by network sniffing. By default, the SSID is part of the packet header for every packet sent over the WLAN. The fact that the SSID is a secret key instead of a public key creates a management problem for the network administrator. Every user of the network must configure the SSID into their system. If the network administrator seeks to lock a user out of the network, the administrator must change the SSID of the network, which requires reconfiguration of the SSID on every network node. Some 802.11 NICs allow you to configure several SSIDs at one time. Most 802.11 access point vendors allow the use of an SSID of "any" to enable an 802.11 NIC to connect to any 802.11 network. This is known to work with gear from Buffalo Technologies, Cisco, D-Link, Enterasys, Intermec, Lucent, and Proxim. Other default SSID's include "tsunami", "101", "RoamAbout Default Network Name", "Default SSID", and "Compaq". Many Wireless Access Point (WAP) vendors have added a configuration option which lets you disable broadcasting of the SSID. This adds little security because it is only able to prevent the SSID from being broadcast with Probe Request and Beacon frames. The SSID must be broadcast with Probe Response frames. In addition, the wireless access cards will broadcast the SSID in their Association and Reassociation frames. Because of this, the SSID cannot be considered a valid security tool. The SSID is also referred to as the ESSID (Extended Service Set Identifier). Some vendors refer to the SSID as the "network name.""
What is MAC Address Filtering? MAC Address Filtering is the ability to enter a list of MAC Addresses specifying which device or devices you would like to allow access to your WAP.
Should I enable MAC Address Filtering? Yes, enabling MAC Address Filtering is recommended in conjunction with other forms of security.
Am I secure using only MAC Address Filtering? No, the following was taken from a Hacker Site: "Most 802.11 (Wi-Fi) access points allow the network administrator to enter a list of MAC (Media Access Control) addresses that are allowed to communicate on the network. On the other hand, most 802.11 (Wi-Fi) NICs allow you to configure the MAC address of the NIC in software. Therefore, if you can sniff the MAC address of an existing network node, it is possible to join the network using the MAC address of that node."
What is WEP? The Google Definition of WEP: "WEP data encryption is defined by the 802.11 standard to prevent (i) access to the network by "intruders" using similar wireless LAN equipment and (ii) capture of wireless LAN traffic through eavesdropping. WEP allows the administrator to define a set of respective "Keys" for each wireless network user based on a "Key String" passed through the WEP encryption algorithm. Access is denied by anyone who does not have an assigned key."
There are two version of WEP:
64-bit encryption which is actually 40-bit (the least secure) 128-bit encryption which is actually 104-bit. (more secure) The 128-bit WEP is the most widely used form of security today, even at Hot Spots!
Is 64-bit and 128-bit WEP Secure? No, the following was taken from a Hacker Site: "Wired Equivalent Privacy (WEP) is the encryption algorithm built into the 802.11 (Wi-Fi) standard. WEP encryption uses the RC4 stream cipher with 40 or 104 bit keys and a 24 bit initialization vector. The security issues with Wired Equivalent Privacy (WEP) include: A high percentage of wireless networks have WEP disabled because of the administrative overhead of maintaining a shared WEP key. WEP has the same problem as all systems based upon shared keys: any secret held by more than one person soon becomes public knowledge. Take for example an employee who leaves a company - they still know the shared WEP key. The ex-employee could sit outside the company with an 802.11 NIC and sniff network traffic or even attack the internal network. The initialization vector that seeds the WEP algorithm is sent in the clear. The WEP checksum is linear and predictable. The number and scope of difficulties with WEP security has led to the creation of WPA (Wireless Protected Access). For more information on security issues with Wired Equivalent Privacy (WEP), read Security of the WEP algorithm by Nikita Borisov, Ian Goldberg, and David Wagner." There are programs on the internet available for download that assist "Hackers" in the "Cracking" of WEP. They have been widely publicized and some have even been on the show "The Screen Savers".
How do I setup WEP? It's really simple, once you have enabled WEP 64-bit or 128-bit, create a "Passphrase". The "Passphrase" will generate a "Key" for you to configure into your wireless card or wireless device. Some WAP's will allow you to pick a "Key" from a list of 3 or more generated "Keys". Please refer to the User Guide of your WAP and wireless card or wireless device for more specific instructions.
What is WPA? WPA is not as easy to describe. In short, WPA is an Advanced Encryption Standard that is to replace WEP 64-bit and 128-bit. However, you must have hardware that supports WPA, it's an all or nothing situation. Currently most new hardware supports WPA, but it is currently not being used by the majority of wireless networks.
If WPA is to replace WEP, is WPA Secure? No, the following was taken from a Hacker Site: "WPA (Wi-Fi Protected Access) is an interim standard by the WiFi Alliance which will most likely be rolled into the eventual IEEE 802.11i standard. WPA (Wi-Fi Protected Access) features two very different modes of operation: WPA Enterprise Mode Requires an authentication server Uses RADIUS protocols for authentication and key distribution Centralizes management of user credentials WPA PSK (Pre-Shared Key) Mode Does not require an authentication server Shared secret is used for authentication Device-oriented management of user credentials The PSK (Pre-Shared Key) Mode of WPA is vulnerable to the same risks as any other shared password system, such as dictionary attacks. PSK Mode also suffers from the same key management difficulties as any system where the key is shared among multiple users, such as the difficulties in removing a user once access has been granted. The Enterprise Mode of WPA benefits from the mature RADIUS architecture -- but it requires a RADIUS server. This is not something that will benefit most home users. WPA provides additional security by: Requiring authentication using 802.1X Requiring re-keying using TKIP Augmenting the ICV (Integrity Check Value) with a MIC (Message Integrity Check), to protect the header as well as the payload Implementing a frame counter to discourage replay attacks In addition to WPA, some vendors also implement WPA2, which allows the use of AES instead of RC4."
WPA is harder to break than WEP and is much harder to configure. Also, since the majority of Hot Spots use WEP, switching back and forth between security protocols is a pain. Eventually WAP will be the standard for all wireless home networks and hotspots. When the next standard 802.11i is released, the word is that a revised version of WAP will be used. Will it be 100% secure, probably not, but it may make it harder for a "Hacker" to "Hack" into your wireless network.
So what do I recommend?
Personally, I use the following configuration for my home wireless network:
Changed default password SSID=Disabled MAC Address Filtering=Enabled with a list of Trusted MAC Addresses WEP=128-bit Key And I hope that some "Hacker" does not want to waste his/her time trying to get into my system!
Is there anything else that I recommend for you to do?
Yes, there are a few things you can do to assist in protecting your computer(s).
Install/Run an Operating System using the NT File System (Windows NT, 2000 and XP). Install a personal firewall on each of your computers (regardless if you use a gateway router). If your Operating System is Windows XP SP2 you can use the included firewall if you cannot afford a third party firewall. Disable file sharing (If you need to share files, temporally specify a single folder to share and disable when you are finished transferring files). Disable the "Guest" account (In Windows XP) In conclusion, there is no guarantee that any system is 100% secured. There is an old saying I like to use, "Where there is a will, there is a way."
A few more settings for your WAP (Please read your user guide before making any changes):
What is the AP Name?
The name of your WAP. You can change this without affecting anything. If you're like me, you'll change it to something cool and not the default name.
What is the difference between the Configuration Types?
The two options you have are "Static IP Address" or "Automatic Configuration - DHCP".
This is the Google Definition of Static IP Address:
"A static IP address is are permanently assigned address on the internet. Usually used for servers, printers, VPNs (Virtual Private Networks), etc."
This is the Google Definition of DHCP:
"(Dynamic Host Configuration Protocol) - This is a protocol that lets network administrators centrally manage and automate the assignment of IP Addresses on the corporate network. When a company sets up its computer users with a connection to the Internet , an IP address must be assigned to each machine. Without DHCP , the IP address must be entered manually at each computer . DHCP lets a network administrator supervise and distribute IP addresses from a central point and automatically sends a new IP address when a computer is plugged into a different place in the network.DHCP uses the concept of a 'lease' or amount of time that a given IP address will be valid for a computer. Using very short leases, DHCP can dynamically reconfigure networks in which there are more computers than there are available IP addresses."
Which one should I use?
Both are acceptable to use, it's more of a personal preference. I use "Static IP Address" so I always know the IP of my WAP when I want to upgrade the firmware, change my WEP Key or make any other changes.
If I select "Static IP Address" what is the standard configuration?
As long as you know the IP Address of your Gateway Router, it's simple to configure.
IP Address: 192.168.0.2 / 192.168.1.2 Subnet Mask: 255.255.255.0 (Standard/Default) Gateway: 192.168.0.1 / 192.168.1.1
What is the Wireless Mode?
The options displayed will depend on your WAP. Here are some examples:
B-Only: Allows 802.11b connections only G-Only: Allows 802.11g connections only Mixed (Default): Allows 802.11b and 802.11g connections
What does the "Channel (Regulatory Domain: USA)" selection do?
It allows you to change the Channel on the 802.11 radio waves. You can compare it to changing the channel on your Walkie Talkies. If there is another WAP in your area using the same channel, it's beneficial to select another channel. The IEEE has approved 11 channels.
What is "Authentication Type"?
There are three options:
Open System: The WAP and wireless card or device do not share a WEP key for authentication Shared Key: The WAP and wireless card or device share a WEP key for authentication Auto (Default): Automatically determines the type of authentication between the WAP and wireless card or devic
The "Transmission Rates" defaults to "Auto", what do you suggest I use?
"Auto" is recommended from what I have read. This will allow your WAP to connect at different transmission rates and will automatically use the fastest rate possible.
Your WAP will have other settings that can be changed like "Beacon Interval", "RTS Threshold" and others. Before changing any of these settings, please refer to your user guide since changing these settings will have an impact on the performance of your WAP, beneficial or not.
Editor's Conclusion In general, a wireless network is infinitely less secure than a traditional wired network. If you want piece of mind and 100% (or as close) security then try your best to implement a standard wired network. If you want the convenience and flexibility of a wireless network then these guidelines and tips we have laid are yoru best method to protect your data and PCs. I have gone for a cruise around town with a buddy wardriving and it is simply astounding the number of WIDE OPEN networks out there. We even had access to connect to and alter the settings of a large router at a BIG BUSINESS in Nashville (which we didn't do of course). Security is NO JOKE. There ARE people out there capable of invading your wireless network, especially if you do not do what you can to keep them out. In summary: If you use a wireless network then follow this guide and implement the same security measures. Failure to do so is just like asking for trouble.