No announcement yet.

Wireless network newbie help

  • Filter
  • Time
  • Show
Clear All
new posts

  • Wireless network newbie help


    Im posting on behalf for a friend. I dont know if this is the correct place for this but i apologise now and hope I find some help.

    Basically he has just had wireless internet installed all around his house for his laptop and pc. The router has a built in firewall and he has noticed that DoS and port scan protection is disabled - is this a good idea?

    Also, would it be worth while installing another firewall onto each computer, such as zone alarm or something or would this cause complications and basically not help anyway?


  • #2
    a firewall on the computer is never a bad idea...In my opinion I would rather be too protected rather then ill protected..


    • #3
      If you router has a firewall and your computer will never be moved outside that network then I would not bother getting a separate firewall for your comp. It really would not protect you any more than using just the router's firewall.

      If you have a laptop that will be going all over to different networks then definitely get a firewall, or at least turn on any built in firewalls your system may have.

      It doesn't really matter though, go ahead and get a firewall... they generally won't cause many problems and they don't kill systems like the stupid "live virus protection" crap that Symantec and so many other companies advertise.


      • #4
        ok thanks both. do u know if those two settings should be enabled on the routers firewall though?


        • #5
          Originally posted by _SKiLLz_ View Post
          ok thanks both. do u know if those two settings should be enabled on the routers firewall though?
          Why not try turning them on for a couple days to make sure they don't cause any issues?


          • #6
            A wireless network card can communicate only with a wireless router or a wireless access point. It is important that the wireless network card or adapter should work at the same speed and with the same coverage as the wireless router. In addition to the communication software that is embedded in the network interface card's (NIC's) ROM, the computer also requires networking software to be installed for the network to be functional. Both the software and the NIC have to adhere to the communication protocols of the network to which the computer is to be connected.

            The site survey is an assessment of signal coverage per each access point within a specific building. It confirms with the client 100% coverage at a specified signal guaranteeing employees will have no issues with sending wireless packets across the network. Each building structure will have a design that determines signal characteristics. The most often issues that cause problems with decreasing wireless signals include water, metal, building contours and devices that emit electro-magnetic interference. Some access points can send a pattern of coverage extending 100 - 170 feet while some will emit a signal 50 feet with same characteristics. The building structural design has a lot to do with that.

            The following is an overview of the site survey process:

            1) Discuss Signal / Noise and Data Rate with Client

            2) Obtain Floor Plans

            3) Survey Buildings Noting Signal and Coverage

            4) Document Access Point Placement


            • #7
              Wireless networking has predominantly become more popular over the past few years, with advancements in technology, wireless speeds are getting closer to matching those of wired and many homes and businesses are implementing them into their network.


              • #8
                1. The router firewall is enough. There's no reason to install a software firewall onto any of the pcs connected to the router. Just make sure the router is secure.

                2. DoS will need to be trial and error since. I would suggest enabling the protection and disable it when necessary. There have been problems with xbox and rare occurrences of other connection issues with it enabled, so you'll need to check that first if you notice problems.

                3. Port Scanning: I recommend enabling the protection. Without specifics its hard to say whether or not you would need this protection disabled but a good start is to enable it and turn it off if/when needed.

                These are not cookie cutter, one size fits all answers so your friend may find that he needs a different setup as time goes on.



                • #9
                  As an additional layer of security use WPA encryption if hardware supports this method and change the default SSID (wifi network indentifying broadcast) or disable it completely and setup MAC filtering so only your computers can use the router especially so if you have other people living nearby or are within 200 feet of a public road.

                  Why you ask? .. because it takes less than five minutes to hack a WEP key, turning off the SSID and adding MAC filtering will also slow a hacker down a little but not much. WPA on the other hand is a tougher nut to crack but not imposibble, so do use a long random passphrase and change it regulary if you're paranoid.


                  • #10
                    building router in firewall is really good idea but try to enable dos and port scan but small problem is some file may not open


                    • #11
                      If your rooter has firewall you have no need to install one on the pc.

                      I use MAC filter on my wireless network just add the MAC addresses of the laptop and pc and you dont even need a password since noone but those 2 computers can connect.


                      • #12
                        Originally posted by MarkTheUser View Post
                        If your rooter has firewall you have no need to install one on the pc.

                        I use MAC filter on my wireless network just add the MAC addresses of the laptop and pc and you dont even need a password since noone but those 2 computers can connect.
                        Not true at all.

                        Always use the router firewall in addition to your operating system firewall. That will protect you against external & internal (LAN-based) attacks. Not to mention if you dont use one on your computer and you say... goto the coffee shop with it... well... your laptop would be wide open. Firewalls can also help protect against worms on the local network - something your router's firewall cant do.

                        As for the router:

                        1) Without encryption (a password/key) everything will be wide open and plain text (except for SSL....) Its very easy to sniff passwords/traffic that way. Plus with a rouge AP and some know-how they could sniff SSL as well (with fake security certs, since most people just ignore those security warnings).

                        2) Its easy to sniff MAC addresses with/without encryption, MAC filters are a very-weak form of security. While your wifi card has its own burnt-in MAC address, the operating system is what actually constructs the wifi/ethernet frames. Every modern operating system supports some ability to change what MAC address gets used. Heck, many newer routers even let you change what its MAC address is.

                        On top of that the MAC addresses are sent with every single packet that goes through the network.

                        All it would take is a packet sniffer like wireshark to find out the network's existing MAC addresses, edit a couple of settings on their laptop, and boom... now they are on. That's how people bypass those silly pay-to-connect wifi networks as well, but you didn't hear that one from me

                        For best security:

                        Always use WPA2 - as WPA and especially WEP are both easily cracked. If your router has it - disable wifi protected setup (WPS) if you can. There's been a bunch of WPS vulnerabilities exposed lately. And use a firewall on both the router & PC.

                        Things like MAC filters and hiding the SSIDs (a setting on most wifi routers) add very little in the way of security.