Home Network question.

[Harold A. Climer]

Last week I asked a question on his group about setting up a home
network for three computers. I do not have broadband access and was
wondering if any wireless router/switches have the ability to use a
Analog modem to make an Internet connection as opposed to a DSL modem
or Cable modem
( Neither service is available where I live). Using a wireless system
would make life a lot easier than having to snake type 5 cable all
over the house.
Harold A. Climer
Dept. Of Physics,Geololgy, and Astronomy
U.T. Chattanooga
318 Grote Hall
615 McCallie Ave
Chattanooga TN 37403

 

[Chuck]

Last week I asked a question on his group about setting up a home
network for three computers. I do not have broadband access and was
wondering if any wireless router/switches have the ability to use a
Analog modem to make an Internet connection as opposed to a DSL modem
or Cable modem
( Neither service is available where I live). Using a wireless system
would make life a lot easier than having to snake type 5 cable all
over the house.
Harold A. Climer
Dept. Of Physics,Geololgy, and Astronomy
U.T. Chattanooga
318 Grote Hall
615 McCallie Ave
Chattanooga TN 37403

Harold,

There are several possibilities for you.

The Netgear FWG114P (SPI and 802.11g):
<http://www.netgear.com/products/details/FWG114P.php>

The SMC7004AWBR (802.11b):
<http://www.smc.com/index.cfm?sec=Products&pg=Product-Details&prod=63&site=c>

The USR USR8022 (802.11b):
<http://www.usr.com/products/networking/router-product.asp?sku=USR8022>

All products will require an external modem of your choice. As some have
discovered, a WinModem will not suffice.

I used an SMC7004ABR with dialup support, for a couple weeks, while my DSL
service was being switched from one ISP to another. I was very satisfied with
that. Now SMC has a wireless version - the SMC7004AWBR. Netgear and USR both
have competing models.

Whichever product you get, please remember the security needs of a wireless LAN,
in that your network neighbors can be far outside your front door. Don't leave
yourself a possible victim to wardrivers.

Here's a story about somebody's very stupid wireless neighbor. Don't expect all
wireless neighbors to be this stupid.
<http://www.canoe.ca/NewsStand/LondonFreePress/News/2003/11/22/264890.html>.

The point is, you need to protect a wireless LAN with more precautions than just
the NAT firewall.

Enable WEP / WPA. Use non-trivial (non-guessable) values for each. (No "My dog
has fleas").
Enable MAC filtering.
Disable DHCP, and assign an address to each computer manually.
Change the subnet of your LAN - don't use the default.
Change the router management password, and disable remote (WAN) management.
Don't disable SSID broadcast - some configurations require the SSID broadcast.
But change the SSID itself - to something that doesn't identify you, or the
equipment.
Enable the router activity log. Examine it regularly. Know what each
connection listed represents - you? a neighbor?.
Install a software firewall on every computer connected to a wireless LAN. Put
manually assigned ip addresses in the Local (highly trusted) Zone. Open the
following ports for file sharing only in the Local Zone: TCP 139, 445; UDP 137,
138, 445.
Use non-trivial accounts and passwords on every computer connected to a wireless
LAN. Disable or delete Guest userid. Rename Administrator, to a non-trivial
value, and give it a non-trivial password. Never use the Administrator renamed
account for day to day activities, only when intentionally doing administrative
tasks.
Stay educated - know what the threats are. Newsgroups alt.internet.wireless and
microsoft.public.windows.networking,wireless are good places to start.

And Harold, please don't contribute to the spread of email address mining
viruses. Learn to munge your email address properly, to keep yourself a bit
safer when posting to open forums. Protect yourself and the rest of the
internet - never post your address unmunged.
http://www.mailmsg.com/SPAM_munging.htm

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.

 

[Harold A. Climer]

Harold,

There are several possibilities for you.

The Netgear FWG114P (SPI and 802.11g):
<http://www.netgear.com/products/details/FWG114P.php>

The SMC7004AWBR (802.11b):
<http://www.smc.com/index.cfm?sec=Products&pg=Product-Details&prod=63&site=c>

The USR USR8022 (802.11b):
<http://www.usr.com/products/networking/router-product.asp?sku=USR8022>

All products will require an external modem of your choice. As some have
discovered, a WinModem will not suffice.

I used an SMC7004ABR with dialup support, for a couple weeks, while my DSL
service was being switched from one ISP to another. I was very satisfied with
that. Now SMC has a wireless version - the SMC7004AWBR. Netgear and USR both
have competing models.

Whichever product you get, please remember the security needs of a wireless LAN,
in that your network neighbors can be far outside your front door. Don't leave
yourself a possible victim to wardrivers.

Here's a story about somebody's very stupid wireless neighbor. Don't expect all
wireless neighbors to be this stupid.
<http://www.canoe.ca/NewsStand/LondonFreePress/News/2003/11/22/264890.html>.

The point is, you need to protect a wireless LAN with more precautions than just
the NAT firewall.

Enable WEP / WPA. Use non-trivial (non-guessable) values for each. (No "My dog
has fleas").
Enable MAC filtering.
Disable DHCP, and assign an address to each computer manually.
Change the subnet of your LAN - don't use the default.
Change the router management password, and disable remote (WAN) management.
Don't disable SSID broadcast - some configurations require the SSID broadcast.
But change the SSID itself - to something that doesn't identify you, or the
equipment.
Enable the router activity log. Examine it regularly. Know what each
connection listed represents - you? a neighbor?.
Install a software firewall on every computer connected to a wireless LAN. Put
manually assigned ip addresses in the Local (highly trusted) Zone. Open the
following ports for file sharing only in the Local Zone: TCP 139, 445; UDP 137,
138, 445.
Use non-trivial accounts and passwords on every computer connected to a wireless
LAN. Disable or delete Guest userid. Rename Administrator, to a non-trivial
value, and give it a non-trivial password. Never use the Administrator renamed
account for day to day activities, only when intentionally doing administrative
tasks.
Stay educated - know what the threats are. Newsgroups alt.internet.wireless and
microsoft.public.windows.networking,wireless are good places to start.

And Harold, please don't contribute to the spread of email address mining
viruses. Learn to munge your email address properly, to keep yourself a bit
safer when posting to open forums. Protect yourself and the rest of the
internet - never post your address unmunged.
http://www.mailmsg.com/SPAM_munging.htm

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.

Thanks for the help. I think any one of the ones you listed will be
great. As far as PCI or USB cards for each computer,which do you
recommend? I already have an external US ROBOTICS V.92 Modem
As far as security goes. I do not think I have a wireless
problem, yet. I live so far out in the sticks we are lucky to have
electricity and a telephone. I am not kidding.
There was a place not far west of Chattanooga that just got
power several years ago from TVA..
In any case since I do not have broadband, I do not have a
continuous connection, that helps some. But I will surely try to keep
my eyes and ears open as more people move out in our area.
Harold A. Climer
Dept. Of Physics,Geololgy, and Astronomy
U.T. Chattanooga
318 Grote Hall
615 McCallie Ave
Chattanooga TN 37403

 

[Chuck]

Thanks for the help. I think any one of the ones you listed will be
great. As far as PCI or USB cards for each computer,which do you
recommend? I already have an external US ROBOTICS V.92 Modem
As far as security goes. I do not think I have a wireless
problem, yet. I live so far out in the sticks we are lucky to have
electricity and a telephone. I am not kidding.
There was a place not far west of Chattanooga that just got
power several years ago from TVA..
In any case since I do not have broadband, I do not have a
continuous connection, that helps some. But I will surely try to keep
my eyes and ears open as more people move out in our area.
Harold A. Climer
Dept. Of Physics,Geololgy, and Astronomy
U.T. Chattanooga
318 Grote Hall
615 McCallie Ave
Chattanooga TN 37403

Harold,

PCI vs USB is always an interesting discussion. USB has two advantages:
1) Ease of installation - you don't have to power the computer down, and open
the case, to install.
2) The USB cable allows you to place the antenna portion of the WAP away from
the computer case.

Item #2 is important for performance reasons. Placing the antenna above the
computer can improve signal strength, and rotating the antenna (from vertical to
horizontal), to make it parallel to the antenna on the router, can help with
signal strength too.

Of course you also have to consider availability of USB ports - or PCI slots -
in each computer.

You state that you will network 3 computers. Even though network bandwidth will
not be important WRT your WAN speed (56K dialup will be your bottleneck), if you
do file sharing your LAN speed will be important. So signal strength will be
important.

How large is your house? How many floors? Size and layout will also make
signal strength crucial.

I personally dislike using USB for networking - I like to keep USB for wireless
keyboard, mouse, camera, UPS - and keep my network on the PCI bus, using native
Windows Ethernet, or a PCI card. My choice would be a PCI wireless card with an
attachable remote, or at least rotatable, antenna (ala USB advantage #2). If
that were not available, though, I would go with USB.

I also do not like to mix brands. If you have a technical problem with a
Netgear router, it is a lot easier to ask for help when the computer wireless
device is Netgear too. Less finger pointing by Netgear TS is possible. YMMV.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.