Setting up the Internet connection
The first stage of the configuration wizard is the Internet setup. Figure 3-6 shows the initial question that asks if you want the router to determine the Internet connection type.
Let the detection process proceed, because it can save you some time. After the detection runs, you are given an option to review your settings and to fill in any missing information about your Internet connection. Figure 3-7 shows the configuration screen for the Internet connection.
Figure 3-6:
To auto-configure, or not?
Figure 3-7:
Internet configuration screen.
The Does Your Internet Connection Require A Login option is set to No. The Internet IP address is filled in (but grayed out) because the router detected the Internet connection properly.
Do you need to log in?
Cable Internet generally doesn’t require a login. If you have ADSL, it depends on your provider. If your ISP gave you a username and password when you signed up, or if the detection failed, then you probably need a login. If you had to run software such as the WinPoET on your computer to get on the Internet, then you need a login.
If you do need a login, follow these steps.
1. Select Yes at the Does Your Internet Connection Require a Login question.
Your screen changes to something such as Figure 3-8.
2. If your ISP is listed in the ISP section, select it.
North American users typically use the PPP over Ethernet (PPPoE) protocol to log in, which means you select Other for your ISP. For those in Europe or Australia, you probably use PPTP (Point to Point Tunneling Protocol). When in doubt, call your ISP and ask.
Figure 3-8:
Entering your login information.
3. Enter the login information your Internet service provider gave you, and then scroll to the bottom and select Apply.
Doing so resets your router.
4. Confirm you have an Internet address by selecting Router Status from the main menu.
If all went well you see an address on the Internet port. The status light on the router corresponding to the Internet port also changes to green.
If you ran software on your PC to log in to your ISP, then you can uninstall it now. Your router is taking care of logging in for you.
Congratulations, you’re on the Internet!
Working with your ISP
Some Internet service providers are picky about who they let on the Internet and will not let you on from a different computer. This situation is most often the case with cable modems, because the ADSL service with a login identifies people by the login. From the ISP’s perspective, your router is now the only person using the Internet because all your local devices are hidden behind it.
The first thing to do is to reboot your cable modem. Doing this clears out any computer associations should the restriction be made on the cable modem.
If that doesn’t work, try plugging your computer directly into the cable modem (another reason I told you to label your cables!). If your computer works but the modem doesn’t, then you need your ISP to intervene.
Give your ISP a call and tell them that you just installed a new router and are having problems connecting. Ask if you’re being restricted based on your computer. Also let them know the outcome of plugging in the computer.
If you aren’t getting anywhere with your ISP, and your computer works but the router doesn’t, you can tell the router to act like your computer. Go back to the Basic Settings menu and scroll all the way to the bottom to the Router MAC Address section shown in Figure 3-9.
Increasing security
Security is a tradeoff between the risk of something bad happening and the frustration you’re going to encounter trying to prevent it. We could talk for hours about all the things you could do to keep bad guys out, but in the next couple of sections, I focus on some simple fixes that can make a big difference.
Remember, you’re never truly secure; all you can do is make your network hard enough to break into that the bad guys go somewhere else.
Figure 3-9:
Changing your router’s MAC address.
Changing the router login information
Most routers come with a default username and password of admin and password, respectively. Want to guess the first thing someone is going to try? That’s right . . . "password" is a good way to describe what the word is, but as a password, it makes a bad one.
Change that admin password!
The screen to change your password is found under the Set Password menu item, as shown in Figure 3-10. You are prompted for your old password, which is probably "password" in case you’ve forgot.
Here’s my advice for choosing a good password:
♦ Make it at least 8 characters.
♦ Put at least one number and one uppercase character in your password. Passwords are case-sensitive, so G and g are not the same.
♦ Make it memorable, but not obvious. If your name is Sarah, you might try something like saraH500. Maybe you like cats, so try 100Meows.
♦ Avoid too many letters that look the same, such a zero and a capital O, or the number 1 and a lowercase l.
Figure 3-10:
Changing your administrator password.
Finally, write the password down and put it somewhere safe (and somewhere that you’ll remember). That’s right, I told you to write the password down! Doing this is often frowned upon, but think of it this way:
♦ You’re not protecting Fort Knox, it’s your home network. That’s not saying your personal stuff isn’t important, but with a password that’s good enough, you’re still making it harder to get in. Remember that security is a tradeoff between safety and convenience.
♦ You’re going to store the password somewhere safe, like a filing cabinet. You’re not going to tape a sign to your front window with the password on it.
♦ Someone has to first get on your network before they’re going to be able to log in to the router.
♦ If you’re still paranoid, ignore my advice and make up a complex password. I won’t be offended, really.
Keeping others out of your network
If someone could connect to your wireless network, he can surf the Internet from your ISP. That’s not such a big deal, but you’re now responsible for what they do. If something bad happens, the police will track the perpetrator back to your house. Then you get to explain to the police why it wasn’t you.
Secondly, software is available that can intercept your network traffic. At best they see which Web sites you browse to, at worst they pretend to be your bank and rob you blind.
Protect your Network!
Figure 3-11 shows the Wireless Settings screen. At the top is the name of the wireless network called the SSID (Service Set Identifier). This makes your network unique. When you start off, it’s usually set to the name of the manufacturer, such as Linksys or Netgear. Not only is a default SSID a magnet for hackers, it could cause conflicts if your neighbor is at the defaults, too. This setting is not a secret, so choose something obvious enough that if you saw it in a list, you’d recognize it.
Leave the channel at Auto — your router will choose the best channel to use.
For the mode, pick one of the higher ones. The options I get are 45 Mbps, 145 Mbps, and 300 Mbps. This is a wireless-N router, so it’s capable of the full 300, but I’m in an area with some interference from neighbors so I dialed it back to 145. Try different settings and see which one works the best for you.
The security options dictate what sort of encryption level is used. None is the default and means that anyone can connect without a password. We know that’s a bad thing.
Figure 3-11:
Protecting your wireless network.
WEP (Wired Equivalent Privacy) is old and broken. Someone sitting outside your house could break your password in a matter of a few minutes. I’m not even sure why vendors bother offering it; only ancient computers don’t support anything better.
WPA and WPA2 (Wi-Fi Protected Access versions 1 and 2, respectively) are the current standards. WPA2 is newer and somewhat better, but some computers only support the original WPA. I recommend enabling both WPA and WPA2 — clients that support WPA2 will use it, and others will use WPA.
You see the box for the passphrase when you select one of the WPA options. A good password is the key to your network’s security. You can write it down, but this Netgear router leaves it as plain text so you can look it up easily. (You have changed the admin password for your router, right?)
Dispelling a couple of myths
Wireless has come a long way since it first came out, and people have learned a lot about security over the years. The following list explains what not to do.
♦ Don’t use WEP, use WPA2, or WPA if your computer doesn’t support WPA2.
♦ Don’t bother with restricting clients by MAC address. These addresses can easily be spoofed by bad guys.
♦ Don’t hide your SSID; you just make it harder on yourself, and it’s still easy for someone parked outside your house to find your SSID. Even the credit card companies have taken this restriction out of their requirements for businesses that take credit cards.
