May 25, 2009

Setting up a router for your home network

I mentioned a while ago that one of the pieces you need to secure your network is to add and configure a router. A router is used to accomplish:
  1. sharing the (high speed) Internet connection. An ISP will only give you 1 external IP address. If you have more than 1 computer, it's too expensive to have multiple IP addresses assigned by the ISP
  2. Increase security for your network & computers

This is accomplished by creating an internal network with its own set of IP addresses. When a computer is plugged into the router, it assigns a new IP address to that computer. The router uses Network Address Translation (NAT) to map the external IP address to the internal ones. This achieves #1 and also is a major part of #2.

There's no way I can post step by step instructions on setting up your router. There are too many variables (ISP, model, etc.). However, the steps you take are basically the same for any router or ISP.

Your first decision is what brand of router to choose. The number of models and protocols can be intimidating. If you have a geek friend, talk to him or her. Once you decide on the model and protocol, use the Internet. You will always find it cheaper than buying it at Best Buy, Stapes or such.

If you don't have a geek friend, I would recommend you stick with Linksys or NetGear. The both are available inexpensively and come with software that will walk you through everything. In My Not So Humble (IMNSHO), Linksys has the edge on this. You shouldn't hae to spend more that $50 or so.

Whatever you do, don't get a wired router. This is one where every computer has to be connected with an Ethernet cable. They cost just as much as a wireless router. Also, every wireless router has at least 4 ports you can use to connect a computer by a wire.

The next decision on the communications (802.11 protocol to use. You will see the following:

  • 802.11a (54 Mbps)
  • 802.11b (11 Mbps)
  • 802.11g (54Mbs or 108Mbps)
  • 802.11n (300Mbps)

Forget about 802.11a and 802.11b. They are both over 10 years old and basically obsolete. As to 802.11n, it may seem like the way to go, except for the fact that it's more expensive and you will not be likely to require that kind of throughput. Also, the protocol is still technically in the "draft" stage. Your best bet is to get a router with 802.11g. It will provide you what you need for quite a while. If you can get one that supports 108Mbps (Super G) protocol, consider it. However, 54Mbps is a lot of bandwidth unless you have a lot of computers connected that are sending/receiving a LOT of data....

Okay, here are the setup basic steps:

  1. Turn off your computer
  2. Connect the router to the modem with an Ethernet cable
  3. Connect a computer to the router using an Ethernet cable. You can go wireless later, if you want to.
  4. Turn on the router, wait until it is running and turn on the computer
  5. Configure the router. With certain models, there will be software that will walk you through it. The actual configuration is done via a web interface using your web browser.
  6. Verify that the computer is connected to the Internet.
  7. Connect any other computers (wired or wireless).

There are some configuration changes that should (and often must) be made. These will increase the security that the router can provide. You should consider these even if you already have a router in place and working!

  1. Change the default administrator's password: This is a mandatory change. Every manufacturer has a default password. Everyone on the Internet knows what they are!!!. If you don't change it, you are inviting someone to use your wireless Internet connection or, even worse, attack your computers and use the Internet for malicious purposes.
  2. Turn on encryption. This will help prevent intrusions by unauthorized users. You all probably remember the massive security penetration of T.J. Maxx a while ago. Thousands of credit card numbers, etc. were stolen. The reason they got in? T.J. Maxx was using an obsolete encryption schemes called WEP. This is considered no better than no encryption. You should be using WPA or WPA-2. Use the strongest one your router and wireless computers provide.
  3. Change the SSID of the router. This is the network name. Again, every manufacturer has a default SSID. By changing it you are making it a little more difficult for hackers to connect
  4. Turn off SSID broadcasting. By default, every wireless router broadcasts to the world "I'm here and my name is...". This makes it easy to connect. However, it also makes it easy for hackers (or neighbors) to see you.

There are a lot of other things one can do. The good news is that they all make your network more secure (some less than others), but they also make it a bit more complicated to get a computer set up to use the wireless network. I usually recommend that once you've got it set up, write the administrator password, the SSID and the encryption key on a label and attach it to the router unless there are security reasons not to do this. Also, write down the steps (with the SSID and encryption key) so that it will be easier for your family and friends to connect.

Here are a couple links with a bit more detail on some of the steps I've given (and lots more). Good luck and enjoy....


Post a Comment