SETTING UP SECURITY

alcav · May 11, 2007, 08:59:38

Hi all.

I now have my netgear router connected with a wireless adapter and my signal is indicated as very good.

Can I ask some kind person to take me through setting up the security side of things please.

I have had one or two tries but don't seem to get to grips with it.

I have since going wireless had two or three computer lock ups...any ideas TIA regards Alan

Rik · May 11, 2007, 09:26:04

Hi Alan

Go to your browser (I recommend using IE for browser interaction, they seem to be coded to work with IE) and type http://192.168.0.1 in the address bar. Hit Enter and you should be presented with the login for the router, this defaults to Admin and password from memory, but if you got it from IDNet, it may well use your IDNet password.

Check your basic settings (just below the wizard at the top left of the screen). The 'Does your connection require a login' radio button should be selected, below that the connection should show as PPPoA (PPP over ATM). There you will see your login name and the password will be represented by stars or blobs. Make sure the Idle Timeout is set to 0, and that you have 'Get Dynamically from ISP' selected for Internet IP Address, and 'Get automatically from ISP' selected for DNS address, with NAT set to 'Enable'. Although you have a static ISP, these are the recommended settings for IDNet, and all this will probably have been done before the router was sent to you.

Next, check ADSL settings. These should be VC-based, VPI 0, VCI 38, DSL mode Auto.

Now check your wireless settings. Change the SSID to something which you can recognise, but which is not immediately identifiable to anyone trying to hijack your connection. I use the last six digits of my phone number, which is ex-directory. The region should be Europe, channel 11 is a good place to start (only alter if you encounter interference) and set the mode to 'g & b'. In the wireless access point section, 'Enable Wireless Access Point' should be checked, as should 'Allow Broadcast of Name (SSID)'. Many people will say that this should be disabled to improve security. This is a fallacy, all it does it make it harder for you to identify your own network, the SSID continues to be broadcast in other ways, which a hacker would soon find. The third checkbox, 'Wireless isolation' is a "your call" setting. If you have two or more machines networked, and want to exchange files between them or share printer, do not check it. If this does not apply, then checking it isolates the wireless connection from other machines on your network, ie the wirelessly-connected computer can only access the net.

Moving to security options, you want WPA-PSK or WPA2-PSK selected. If your wireless card support WPA2 use that, otherwise use WPA. (The answer to your question is, I don't know, try it and see if it works.

). Use a complex key with a minimum of 20 characters. I'd suggest using a key generator, like the one here.

Next, go to the Logs page, and select the items which you want recorded. I usually don't bother to have reports of connections to the web-based interface logged - I know when I've been there, but you may feel safer, initially, to have all reports.

Now, move to Schedule, and select 'Every day', 'All day', GMT as the timezone, and check 'Adjust for DST' and 'Use this NTP server'. Against that, enter 158.43.128.66, I find this more reliable than Netgear's own NTP servers. Remember to adjust the DST switch when clocks go forwrd or back!

Next, go to Email, and enter your email address and SMTP server. If you're using an idnet.com address, that's smtp.idnet.com. Check 'Turn email notification on', check the three boxes under 'Send email alerts immediately' and finally, set a time for the routine log to be sent to you, I recommend this is done daily.

Go to WAN setup and check that 'Connect automatically as required' is checked. Then choose backup settings on the left, and save your configuration to file. This saves having to enter it all again.

NOTE: All wireless setup needs to be done with the computer connected to the router via a cable.

HTH

alcav · May 11, 2007, 10:14:24

Many thanks Rik,I will have a bash a t that later today

regards Alan

Rik · May 11, 2007, 14:19:18

Nae bother, Alan. Yell if you need any clarification.

Lance · May 11, 2007, 15:09:29

I feel another sticky coming on!

Rik · May 11, 2007, 15:15:57

You're not meant to be here today, Lance.

I don't think this can be a sticky as it's router specific. Possibly, given that IDNet supply Netgears, it might be an idea on a 'one product' basis though...

Inactive · May 11, 2007, 16:28:30

Quote from: lance on May 11, 2007, 15:09:29
I feel another sticky coming on!

No, tell me NO..not more stickies, I hate stickies, they clutter the place up.

Rik · May 11, 2007, 17:30:44

It will be in the stickipaedia, you'll hardly see it.

Lance · May 11, 2007, 22:09:12

Quote from: Rik on May 11, 2007, 15:15:57
You're not meant to be here today, Lance.

I was using an unsecured wireless network on my phone whist on a break on my course!

Rik · May 11, 2007, 23:54:12

I call that dedication.

How was the course?

Lance · May 12, 2007, 19:16:05

The course was ok thanks. The BPP tutor was certainly among one of the best I have come across and he seemed to make the otherwise boring content relatively interesting!

Rik · May 12, 2007, 19:21:42

The sign of a good teacher. Bad ones can make interesting subjects boring.