Linksys routers

  • Thread starter Thread starter Sam
  • Start date Start date
S

Sam

I have a linksys router and read something about I should
enable MAC address filtering. If I do, will I be able to
go out to the Internet with these XP machines? I would
like to still have Internet access.
 
I have a linksys router and read something about I should
enable MAC address filtering. If I do, will I be able to
go out to the Internet with these XP machines? I would
like to still have Internet access.
Click to expand...

Sam,

MAC filtering limits the wireless devices that can connect to (associate with) a
wireless router. You do this to prevent anyone unknown in your wireless
neighborhood from using your network for internet access, or access to your LAN.
Remember that your wireless neighborhood may extend far from your front door.

If you enable MAC filtering, and you enter the MAC addresses of all the wireless
devices which you own, those devices and only those devices will be permitted to
associate with your router. So, if you enter the MAC addresses of the XP
machines which you own, they will have access to the internet.

Remember MAC filtering alone will not protect you - MAC spoofing is a trivial
exercise. Here are additional security precautions which you should take.

Enable WEP / WPA. Use non-trivial values for each. (No "My dog has fleas").
Disable DHCP, and assign an address to each computer manually.
Don't disable SSID broadcast. But change the SSID itself - to something that
doesn't identify you, or the equipment.
Enable the router activity log. Examine it regularly. Know what each
connection listed represents - you? a neighbor?.
Install a software firewall on every computer connected to a wireless LAN. Put
manually assigned ip addresses in the Local (highly trusted) Zone. Open the
following ports for file sharing only in the Local Zone: TCP 139, 445; UDP 137,
138, 445.
Use non-trivial userids and passwords on every computer connected to a wireless
LAN. Disable or delete Administrator and Guest userids.
Stay educated - know what the threats are. Newsgroups alt.internet.wireless and
microsoft.public.windows.networking,wireless are good places to start.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
 
-----Original Message-----
I have a linksys router and read something about I should
enable MAC address filtering. If I do, will I be able to
go out to the Internet with these XP machines? I would
like to still have Internet access.
.
Click to expand...
You have a Linksys Wireless Router? If so, enableing MAC
address filtering will prevent other wireless macines
from accessing your router. The wireless card in each PC
has a MAC address. Use the internet to prgram the router
according to the instruction. Go to WIRELESS and click
onteh subpafge that has MAC filtering. Add the addresses
of each of you machines to the list, click save, then
enable MAC filtering in the form, PERMIT only. You
won't have any problems. Works for me with an XPHome
and a 98SE
 
Chuck, you made a comment about *not* disabling the SSID
Broadcast. Linksys says to disable the SSID Broadcast
option. Can you give me your reasons why not to disable
the SSID broadcast option?
Click to expand...

Here's what Linksys says:
http://www.linksys.com/edu/page10.asp

Sam,

I'd bet that Linksys wrote that article before Wireless Zero Configuration
became the standard for Windows XP wireless computing. The whole issue of
"disable SSID" / "don't disable SSID" has been discussed repeatedly in other
forums.

Many networking experts now realize that disabling SSID causes problems with WZC
enabled wireless devices. If a wireless device broadcasting SSID comes online
in your neighborhood (using WEP / WPA / MAC filtering or not), a WZC enabled
device, currently associated with a router not broadcasting SSID, will try to
connect to the SSID broadcasting device. This causes disconnection from the
router not broadcasting SSID, and frustration for the user.

Not broadcasting the SSID beacon doesn't prevent the SSID from becoming known -
it's still present in any packets between the router and any associated devices.
Most wardrivers are way past the point of not being able to see a router not
broadcasting SSID.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
 
Thanks Chuck and everyone who responded.

Chuck, I have something else to add. You said something
about active the log of the router.

Here's what Linksys says that confuses me. Can you help
me?

There is an option to enable/disable the Log Activity.
But there is one other thing that I don't understand.
There is a ip address that is already entered, it seems
it is there by default of 192.168.1.255 by the Send Log
To field.

None of the ip addresses are using that Ip address. So,
what is that for? My ip addresses on the network is using
192.168.1.101 - 192.168.1.103.
 
Thanks Chuck and everyone who responded.

Chuck, I have something else to add. You said something
about active the log of the router.

Here's what Linksys says that confuses me. Can you help
me?

There is an option to enable/disable the Log Activity.
But there is one other thing that I don't understand.
There is a ip address that is already entered, it seems
it is there by default of 192.168.1.255 by the Send Log
To field.

None of the ip addresses are using that Ip address. So,
what is that for? My ip addresses on the network is using
192.168.1.101 - 192.168.1.103.
Click to expand...

Sam,

192.168.1.255 is the broadcast address for subnet 192.168.1/24. If you have the
log sent there, it will go to each computer on your LAN.

If you have a Linksys router, you can install WallWatcher (free) from
<http://www.wallwatcher.com> on any of your computer(s). It will pick up the
broadcasted log, and display it on any computer running WallWatcher. WW comes
with modules to automatically forward any intrusion alerts to DShield or
MyNetWatchman, two well known (free) intrusion aggregation and reporting
utilities.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
 
Greetings Chuck,

I just contacted Linksys Techinal Support and here is what they said about
disabling the SSID broadcast option. They said that they are quite aware of
this issue but it is a form a securing measure if you are using the utility
for the wireless adapter which is bundled with the setup CD. But you will
encounter if you are using WZC by disabling the SSID broadcast with Windows
XP. I'd thought you might liked to know this for future reference.

__________________
Eric
 
Greetings Chuck,

I just contacted Linksys Techinal Support and here is what they said about
disabling the SSID broadcast option. They said that they are quite aware of
this issue but it is a form a securing measure if you are using the utility
for the wireless adapter which is bundled with the setup CD. But you will
encounter if you are using WZC by disabling the SSID broadcast with Windows
XP. I'd thought you might liked to know this for future reference.

__________________
Eric
Click to expand...

Eric,

The whole issue of disable / don't disable the SSID has been rehashed so much by
folks more focused on wireless networks than me. I suspect it's another form of
Security By Obscurity, like stealthing your ports.

The Microsoft article (posted by Marc above) doesn't leave too much room for
discussion.

I personally think that, of the four security measures, this is the least
significant:
1) WEP / WPA.
2) MAC filtering.
3) Use fixed ip addresses, and firewalls on your computers.
4) SSID broadcast.

Thanks for doing the research though.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
 
Back
Top