Configuring your Home Network
Download
Report
Transcript Configuring your Home Network
Configuring your Home
Wireless Network
Presented by Lou Koch
March 14, 2006
Adapted from Presentation at APCUG
By Jay Ferron
ADMT, CISM, CISSP, MCDBA, MCSE, MCT, NSA-IAM
Questions
How many of you have more than one computer
at home?
How many of you connect to the Internet using
broadband (Cable or DSL)
How many already have a home router?
Already have a wireless router?
For those who have not already done so, we
will show you how to install a WLAN tonight.
More critically we will discuss ways to secure
your wireless network
Agenda
Connecting things together
Home network - terminology
Security – Firewalls, Filtering, etc
Setting up a home router
Setting up Print and File Sharing
Questions
Home Network
Internet – ISP
Wire to home
Modem
Translates electronic data
Router
Disperses electronic data
Network Adaptor
Required for each Computer
Wired
NIC (network interface card)
or ethernet card
Wireless
Wireless Adaptor
Network
One or more devices connected together
To the Internet with a router
To each other in order to share Resources:
Internet Connections
Sharing Files
Sharing Printers
WAN, LAN, WLAN, PAN
WAN – Wide Area Network … many computers, locations
LAN – Local Area Network … few computers, 1 location
PAN – Personal Area Network … home network
WLAN – Wireless Local Area Network
Wireless
Wireless Networking Standards
802.11 a, b, and g
configuration specifications to insure compatibility
Different speed/range capabilities
Equipment conforming to “g” is most popular/available
Good for 100-400 feet … in a house
General rule – don’t mix equipment made to different
standards
Bluetooth
Standard which is often used for peripheral devices
Printers, scanners, cell phones, etc
Short range (10 ft), high speed
What is a Cable/DSL Modem
Modem (modulator/demodulator)
encodes/decodes information transmitted to the
internet
Usually provided and controlled by your ISP
Connects your home to the Internet.
This is the device that gets your public IP
(internet protocol) address
Normally has no firewall protection
What is a Router
Connects one network to another … Sometimes
called a “Gateway”
Connects your computer to the internet (cable
modem or DSL Line) – keeps LAN traffic local
Routers keep track of IP addresses and physical
(MAC) addresses of hosts
IP (Internet Protocol) address … your computers
internet address
MAC (Media Access Control) … id for each physical
communication device
What is an Access Point
A point where computers access a network
Device which links wireless users to network
Transmits and receives data (Transceiver)
Bridge between wireless and wired networks
Can be linked together to cover broad area
No security or firewall implemented
What is a Firewall
A device that filters packets of data or traffic
Its job is to be a traffic cop
You configure the firewall:
What will allow to pass
What will it block
Hides your home network from the outside world
Can be either in hardware or software
Most popular routers for home have built in
firewall protection
What Does a Firewall do?
They:
Protect your home computer from the bad guys
Keep your information private
Make you less of a target
By:
Stopping viruses
Hiding your computer from the world
Making the bad guys work harder to get your
info
Firewall Protection
Internet
Firewall
Home
Network
1.
Checks incoming traffic from the network before it gets to your home network …. default
– Blocks all Incoming connections
2.
Traffic leaving your home network … default - Allow all outbound connections
3.
Hardware firewalls protect you home network by stop all traffic before it get to your
computers
4.
Personal software firewall on your computer blocks incoming and outgoing (lets you know
what is leaving your computer)
Hardware
Firewall Routers
The idea is layers of protection
Examples of home combo units include
Belkin (we will demo tonight)
Dlink
Linksys
Netgear
Software Firewalls
Adding a second level of protection
Controlling what leaves your computer
By being aware of application level attacks
By allow you to schedule
Usage of the internet by time (control access at night)
By location (block content for young children)
Software Firewalls for Home Use
Examples
Zone Alarm (Free)
McAfee Firewall
Symantec’s Norton Personal Firewall
Computer Associates with Firewall (free)
Windows Firewall in XP Service Pack 2 (free)
Configure Wireless Firewall/router
Overview
1. Basic Settings … name, ip address, etc
Check for firmware updates
2. Set Account name and password
Change name and password … don’t used default
3. Wireless Settings
SSID broadcast …
make sure that remote computers are set to automatically connect
Do not enable DMZ
Do enable ping blocking
4. Security - Blocking and Filtering
Wireless Security encryption
MAC filtering
5. Back up settings
Basic Settings and Info
Run Install CD that comes with router
Basic info will be automatically entered or requested
To change info:
For Belkin the default IP address is 192.168.2.1
Other manufacturers use different ip addresses (later slide)
Enter this into address bar
Setup page will be displayed
Firmware - software that is embedded in a hardware device
Updated occasionally by manufactures
Check whenever you access router
Account Name
Change name
Default name is set by manufacturer … eg, Belkin54
Bad guys know defaults and default administrative
passwords
Create Administrative Password
Use Strong Password
Record your password where you can find it so
you can make changes
Default Info
Router default info is easily available on internet for
consumers … and the bad guys
eg
http://www.otosoftware.com/wwhelp/Default_Router_Usernames_a
nd_Passwords.htm
http://forum.pcmech.com/showthread.php?t=64258
So Change Name and Password
Mfg
Default IP
User Name
Password
Belkin
192.168.2.1
admin
blank
D-link
192.168.0.1
admin
blank
Linksys
192.168.1.1
blank
admin
Netgear
192.168.0.1
admin
password
Passwords
Your computer password is the foundation of
your computer security
No Password = No Security
Old Passwords & Same Password = Reduced Security
Set and change the “administrator” password on router (and your
computer logon)
STRONG PASSWORD … 6-8 digit passwords
use upper, lower case, numbers and symbols
Wireless Settings
SSID - service set identifier
name given to your wireless network
Broadcasting this ID makes network visible to PCs in area
can be turned off so it will not be detected by other PCs in area
Be sure to set up your own pc to automatically detect and logon to
your WLAN
DMZ –
allows you to select a PC to access WLAN outside the firewall
do not enable unless firewall interferes with some activity
Ping Blocking –troubleshooting tool
Signal sent and echo received indicates valid ip address
Used by hackers to find active computers
Enable ping blocking … won’t send echo back
Security
Blocking and Filtering
Encryption – coding transmissions
Multiple variations. 2 most common:
WPA-PSK … Wireless Protected Access (Pre-shared key)
Use same password for all computers
Preferred Choice
WEP … Wired equivalent privacy
64 or 128 bit encryption … doesn’t matter
Enter Password … converts to hex code
Must enter hex code
2nd Choice (if WPA not supported)
MAC Filtering
MAC address … Media Access Control address
Unique ID permanently attached to each
communication device by manufacturer – hardware id
Can find MAC address: run cmd ipconfig/all
Enter MAC addresses of acceptable network
clients
If address is not on filter list, access to network will be
denied
Very effective security method
RECAP
Steps to protect your wireless network
1. Change the default password on your router
2. Enable WPA(PSK) or WEP on router and wireless
workstation
3. Use MAC address filtering
4. SSID broadcast off
5. Prohibit Peer-to-peer (Ad Hoc) networking
5. Keep current on hardware bios upgrades
Print and File Sharing
Overview
Print and File Sharing:
Useful, but Risky if all computers are not secure
Setting up Network for Printer and File sharing
1.
Interface card
2.
Each computer in network
3.
Make sure that Print sharing is allowed for printer
Load appropriate print drivers on each computer
Firewall Settings
5.
Make sure each computer is part of network
Printer
4.
Set Interface card to allow
Reset network IP range to trusted zone
Place files to share in “Shared Documents” folder
Print and File Sharing
Details (1)
Be sure WLAN is working and secure
Interface card
Start connect to NIC or WLAN card
properties
Check “File and Printer sharing on Microsoft Networks”
Repeat for all PCs on Network
Printer
Start Printers and Faxes shared printer
Select properties sharing check “share this Printer)
Print and File Sharing
Details (2)
Firewall
Be sure WLAN IPs are allowed in Firewall for all
PCs
Zone Alarm
Firewall zones add IP range <enter
appropriate range>
Network ID for each computer
Under My Computer Properties Computer
name
Click Change and add WLAN name as Workgroup
Shared Documents Folder for each computer
Any files in the Shared Documents folder will be
accessible from all computers
Questions