Need some help securing a wireless router

[GB]

Brother Freepers, I've gotten some great help on computer-related issues here before, so I'm turning to you for assistance again.

[GB]

Finally, nearly a year after purchasing it as part of a deal with Broadband National to get Comcast Cable Internet, I have hooked up a D-Link WBR-1310 router to my main desktop computer (Dell Dimension E510) to set up a small network to allow my wife, who has had a laptop for nearly two years, to finally be able to get online with it. The installation guide CD that D-Link enclosed made it really easy to install the router and, while I saw mixed feelings on the software when checking it out online, although most of the comments I saw were positive, I love the trial download of Network Magic that was included on the installation guide CD, I find the interface very clear and simple as to what's going on, I feel it will fit our needs and I intend to purchase the software at the end of the trial period.

My wife is online with her laptop as I write this, virus protected and with a firewall enabled. However, our little network ... which is going to include one more desktop computer when we get it set up in our kids' room ... remains unsecured. And it may be the fallout of my brain being scrambled after just going through downloading and installing 82 critical Windows XP updates, five driver updates and six other really needed software updates being that my wife's computer has never been online in the two years she's had it, but I'm having trouble getting a handle on exactly what to do.

I've read a very detailed sticky post about securing networks on Comcast's help forums, I've read the instructions from D-Link, I tried using Network Magic's automatic function for securing the network and it didn't take because apparently I have a really low end router that isn't included on Network Magic's list of routers that it will automatically configure for security. And all this stuff ... WEP, WPA-PSK, 64 bit, 128 bit, hexdigits, passphrases, MAC filtering, DMZ, and so forth and so on .. has my eyes spinning.

So could someone out there who is familiar with this particular router, or something like it, or familiar with this subject in general, give me the as simple as possible, steps A through Z, "instructions for dummies" version of exactly what I need to do to (a.) the router and (b.) my wife's computer, and I guess later on my kids' computer, since they will be the ones accessing the Internet wirelessly, to secure this network? I know the router's IP address, I know what the default login is, but after that, I really don't have clue one of what exactly to do. (For instance, the booklet gives instructions for WEP and WPA-PSK encryption, but doesn't go into detail about either or say which one is preferable for this particular router.)

Thanks in advance for any help.

[GB]

I probably should’ve titled this “securing a wireless network.” It’s late and as I said, my brains have been scrambled by this experience. :)

[stainlessbanner]

The basic idea is to create a shared secret on the router and the client to allow encrypted communications.

On the router
Use WPA-PSK encryption to create a secure network connection. On the router server administration page, create a network identifier (SSID) name. Then enable WPA-PSK and create a passphrase.

On the client
In the network configuration settings, add the same passphrase to the connection properties. There is usually a setup wizard to help you create the new connection, or you could power on the wireless radio and capture the network signal to connect.

Also, you can lock your network down by MAC address (network interface card in your PC), which is probably more secure, but you'll have to capture your MAC address from each client and add to the router.

I don't use d-link's....maybe some other folks can give you a better idea.

[Vintage1]

I had similar problems networking out two laptops and one desktop using Comcast’s secured network. I instead bypassed their router by attaching the networking cable into a linksys wireless router; then I secured the network using McAfee’s Security Suite (which I already had installed on all the computers; McAfee has a rotating key and so far so good - it’s been about a month, and I’m happy with the security and connections. Best of luck!

[miliantnutcase]

I used to use WEP and MAC address filtering, but recently WEP has been found to be easily compromised so I just kept with MAC filtering.
I like to give my wireless network funny names like “FU Neighbor!”, or “No P0rn 4 U!”.

[Jedi Master Pikachu]

Not that skilled with computers. ShadowAce might be able to help, though.

[texas booster]

Get the MAC addresses from each computer that you want on the network. They will look like this:

00-02-2D-11-55-4D

or just go here for detailed instruction to get the MAC address:

http://www.coffer.com/mac_info/locate-windows.html

Log into the router and go to the section on MAC addresses. Set the router to DENY ALL except the addresses typed into the router by you.

Now no one can jump on your network.

Follow stainlessbanner’s advoce above and turn on WPA if you want. Not a bad idea at all.

Remember that you will need to add new computers to the MAC address list, so DON”T FORGET YOUR PASSWORD to the router.

Write it under the router on a label, but DON”T forget the password to teh router!

[Bloody Sam Roberts]

The router should have a NAT (Network Address Translation) firewall built in so anything connected to it should be secure. As for the wireless connection, use WPA only. WEP uses an encrypted key...so does WPA but WPA cycles the key every few seconds which makes it inherently more secure.
This security protcol is solely for the purpose of locking your wireless connection so anyone without the passphrase you assign, cannot utilize your wireless connection.

When you set up your wireless, be sure to select the option to let Windows manage your wireless connection. After that it's all a breeze.

[GB]

I'm more awake than when I first posted last night ... it may be broadband, but I tell you, it was a CHORE downloading and installing 88 Windows updates and five driver updates on my wife's laptop; setting up the network was a breeze ... so let me get a bit more specific. Should I choose WPA, WPA2 or WPA2-Auto for my type of encryption? And what cipher type is preferable, TKIP or AES? I think I've already decided to use the PSK setting instead of the EAP setting.

Thanks to you and everyone else for the input. We're not only together on the right side of politics and history, but I've found in the nine years I've been posting here that there is a breadth of knowledge on all things than I don't think any other board of any other ilk can beat. :)

[kevkrom]

Log into the router and go to the section on MAC addresses. Set the router to DENY ALL except the addresses typed into the router by you. Now no one can jump on your network.

Not entirely true. You can spoof MAC addresses if you want to. You'll need the transmission encrypted to prevent snoopers from reading (and then later spoofing) valid MAC addresses; you'll want it encrypted anyway to keep your personal info (password, credit card numbers, etc.) private.

[Bloody Sam Roberts]

Not sure of all of the diffs but I use WPA-TKIP on all my laptops/nodes in my network and have had no issues at all. But then, I’m in a fairly rural setting and hyper-security isn’t a large concern.

[ShadowAce]

I think post #7 is probably the easiest way to get the most secure.