Technically Easy

Tag: securing

  • Securing the D-link DI-524 Wireless Router

    Securing the D-link DI-524 Wireless Router

    I recently created a post titled Securing Linksys WRT54G Wireless-G router in which I provided step-by-step instructions on securing the WRT54G router. The Linksys WRT54G Wireless-G router is a popular router, but it isn’t the only one on the market. In this post I will discuss how to secure another wireless router, the D-Link DI-524.

    Note:

    If you are having trouble with the administrative pages for the router, try using the Internet Explorer Web browser. The administrative Web pages for the router seem to work better in Internet Explorer.

    Securing Your Wireless Router

    Note:

    If you need to reset your router back to the factory defaults, then please read How to Reset the D-Link DI-524 Wireless Router.

    To secure your D-Link DI-524 wireless router, follow these steps:

    1. Open your Internet browser and enter the following in the address bar: http://192.168.0.1.

      2. Note:

      If you have changed the IP address of your wireless router, enter that into the address bar. By default, the address is 192.168.0.1.

    2. Enter the user ID and password for your router. If you haven’t changed it, the default user ID is “admin” and the password is “blank”. We will change it later if you haven’t already changed it.
    3. We will first change the administrative password. First click the “Tools” tab at the top of the page. The “Admin” page should be displayed.
    4. Within the “Administrator Settings” on the right, enter a new password for the administrator beside “New Password” and then again beside “Confirm Password”.
    5. Click “Apply” at the bottom of the page. The next time you access the administrative options, you will need to enter the new password with the “admin” user ID.
    6. Next, click the “Home” tab, and then select “DHCP” on the right. The “DHCP Server” Web page should now be displayed.
    7. We will now limit the number of IP addresses assigned by your wireless router. Count the number of computers that will connect to the router, and change the “Ending IP Address” to allow that many computers to connect.

      8. For example, if you have three computers that need to connect to your wireless router, enter “102” into the text box. The first computer will get the IP address 192.168.0.100, the second 192.168.101 and the third 192.168.0.102.

    8. Click “Apply” at the bottom to save your changes.
    9. Now we will secure you wireless connection to prevent others from connecting. Under the “Home” tab, click the “Wireless” option from the left.
    10. Beside the “SSID” option, enter the name for your wireless network connection.
    11. This is where the steps are different depending on which revision of the DI-524 you are using. Beside “Security”, if you see “WPA-PSK”, then you should select that option, and then go to step 14. If you see a dropdown list, select “WPA”. If you can’t connect using “WPA”, then select “WEP”. Using “WPA” will provide a much more secure connection that using “WEP”. For more information about WEP and WPA please read Wireless Security: WEP and WPA.
    12. Click “AES” beside the “Cypher Type”.
    13. Make sure “PSK” is selected beside “PSK/EAP”.
    14. Now you must get very creative. Specify a long “Passphrase” with a mix of upper and lower case letters, numbers and punctuation. Once again, please read Creating Secure Passwords for tips on how to do this. In this case the longer the better.

      15. Make sure you write down this key somewhere, either on a piece of paper or in a text document on your computer. You will need this information when you connect to your wireless network.

    15. Enter your passphrase next to “Passphrase” and again beside Confirmed Passphrase.
    16. Click Apply to save your security settings.
    17. Now you are all done securing your wireless router and network. All you need to do is connect to your network, and enter your “Passphrase” exactly as you specified it. I won’t go into detail on how to connect to your wireless network, as I will save that for another post.

    Wireless Router Security Connection Questions

    How come we didn’t disable the SSID broadcast? Won’t that help with securing my wireless connection?
    It has been mentioned many times that disabling your SSID broadcast will help secure your network. The reality is that those who attempt to get into your wireless network will be able to easily pick up or SSID whether it is broadcasted or not. You may also have problems connecting to your wireless router if you disable the broadcasting of your SSID. I keep it enabled.
    Question: Why do you specify to use WPA – Personal first, and not WEP?
    The reason is that WPA is much more secure than WEP, and therefore you should use that security mode over WEP. An experienced hacker can easily crack WEP encryption so it doesn’t provide as strong security as WPA. If you can’t use WPA, use WEP because it is still better than nothing.

    Summary

    This post provided step-by-step instructions on securing your D-Link DI-524 wireless router. After following the steps, you should now be confident knowing that you have a secure wireless Internet connection.

  • Securing the Linksys WRT54G Wireless-G Router

    Securing the Linksys WRT54G Wireless-G Router

    I discussed establishing good wireless network security in a post titled Securing a Wireless Network, but now I will discuss securing the Linksys WRT54G wireless-G router. I currently have a Linksys WRT54G Wireless-G router. When I work from home I use this router to connect to work through VPN, and have done it without any problems. It has made a great cable router for my broadband connection.

    The big issue with wireless networks is security. As anyone with a wireless network card within a few hundred feet of your router can connect to your router. To prevent this from happening, it is important to secure your router.

    Securing the Linksys WRT54G Wireless-G Router

    Note:

    If you need to reset your router back to the factory defaults, then please read How to Reset the Linksys WRT54G Wireless-G Router.

    To secure your Linksys WRT54G wireless router, follow these steps:

    1. Open your Internet browser and enter the following in the address bar: http://192.168.1.1.

      2. Note:

      If you have changed the IP address of your wireless router, enter that into the address bar. By default, the address is 192.168.1.1.

    2. Enter the user ID and password for your router. If you haven’t changed it, the default password is “admin”. We will change it later if you haven’t already changed it.
    3. You should now see the “Basic Setup” Web page display in your browser. Scroll down the page until you see “Maximum Number of DHCP Users”.

      4. This option will assign a specific number of IP address to computers. If more than this number of computers tries to connect to your router, they will not be able to.

    4. Count the number of computers that will connect to the router, and type it into the “Maximum Number of DHCP Users textbox”.
    5. Scroll down to the bottom of the Web page and click “Save Settings”. Once the settings have been saved, click “Continue” to return to the Web page.
    6. At the top of the Web page, click the “Administration” option in the menu bar.
    7. On the “Management” Web page, you should see two password text boxes. This is where you should change your administrative password. Type in a new secure password into both boxes. If you need help creating a secure password, please read Creating Secure Passwords.
    8. Once you have changed your password, click “Save Settings” at the bottom of the Web page.
    9. You may be prompted to login again, if you are then enter you new password in the password field.
    10. Navigate back to the “Management” Web page by clicking the “Administrative” option in the menu.
    11. We will now encrypt your connection to your router setup from your computer. To do this click the “HTTPS” checkbox next to the “Access Server” option.
    12. Once again, click the “Save Settings” button at the bottom of the Web page.

      13. You won’t get the settings saved page again because the URL in the address bar is not longer correct. Since you have changed your connection to HTTPS, it you need to specify that in the address when you connect to the router setup.

    13. In your browser, change the address to: https://192.168.1.1.

      14. If you get a security error, ignore the error and continue to the Web page.

    14. Login with your password and then click the “Wireless” menu option.
    15. Beside the “Wireless Network Name (SSID)” option, type in a name for you network connection.
    16. Click the “Save Settings” button and the “Continue” button to return to the “Basic Wireless Settings” page.
    17. Click the “Wireless Security” sub-menu option at the top of the page. This is where we will provide the most important security setting.
    18. Next to “Security Mode”, select “WPA – Personal” from the drop-down list. If you have trouble connecting to your wireless connection, you can try selecting “WEP”, but your connection will be much less secure. For more information about WEP and WPA please read Wireless Security: WEP and WPA.
    19. Next to “WPA Algorithms”, select “AES”. Once again if you have trouble connecting to your wireless router, select “TKIP”.
    20. Now you must get very creative. Specify a long “WPA Shared Key” with a mix of upper and lower case letters, numbers and punctuation. Once again, please read Creating Secure Passwords for tips on how to do this. In this case the longer the better.

      21. Make sure you write down this key somewhere, either on a piece of paper or in a text document on your computer. You will need this information when you connect to your wireless network.

    21. Click the “Save Settings” button at the bottom of the Web page, and then the “Continue” button.

    Now you are all done securing your wireless router and network. All you need to do is connect to your network, and enter your “WPA Shared Key” exactly as you specified it. I won’t go into detail on how to connect to your wireless network, as I will save that for another post.

    Wireless Router Security Connection Questions

    Question: How come we didn’t disable the SSID broadcast? Won’t that help with securing my wireless connection?

    Answer: It has been mentioned many times that disabling your SSID broadcast will help secure your network. The reality is that those who attempt to get into your wireless network will be able to easily pick up or SSID whether it is broadcasted or not.

    You may also have problems connecting to your wireless router if you disable the broadcasting of your SSID. I keep it enabled.

    Question: Why don’t you filter who connects to your wireless router using the MAC address by turning on MAC address filtering?

    Answer: This is another tip you may see on the Internet about securing your wireless network. There are a few problems with turning on the MAC address filtering.

    The first problem is that a hacker can easily spoof a MAC address, and therefore bypass the MAC filtering. The second is that you need to manage the MAC addresses of all network cards attempting to connect to your router. Since it really doesn’t provide a lot of security, it is just easier to keep it turned off.

    Question: Why do you specify to use WPA – Personal first, and not WEP?

    Answer: The reason is that WPA is much more secure than WEP, and therefore you should use that security mode over WEP. An experienced hacker can easily crack WEP encryption so it doesn’t provide as strong security as WPA. If you can’t use WPA, use WEP because it is still better than nothing.

    After following the steps, you should now be confident knowing that you have established a good wireless network security which provides a secure Internet connection through your Linksys WRT54G Wireless-G router.