Wireless routers--I admit I'm an idiot.

Factual Questions
1

Inspired by Zsofia’s thread. I have a TWC Roadrunner wireless router. It consistently knocks me off the internet, and shows up as an “unsecured connection”. I’ve had it 3 years. I had my laptop hooked up to a hotel network a couple of weeks ago, with no interruption in service.

I’m thinking (in my totally computer-ignorant mind) that I might need a new wireless router. Please forgive my ignorance (fight it!). Do I have to go through TWC to get a new router? Or can I buy one on Amazon and get it to work with my wireless connection?

My kids (adults) were visiting a few weeks back and were appalled that my connection was not “secured”. Help me–help me!!!:o

2

An unsecured connection means that anyone can connect to it and use your bandwidth. Someone could be browsing kiddie porn and it would show up as you.

Your router will have a configuration page. Normally http://192.168.0.1 - but it could be different. Look in there and attend to the following:

SSID: Give it a unique name (e.g. hellpasowireless).
SSID Broadcast: turn this off. This stops it from advertising its presence. You have to know that it’s there. You may want to change the channel too.
Security: set this to WPA or WPA2 to encrypt the traffic between your laptop and the router. Otherwise someone can monitor what you’re doing e.g. steal your credit card info. You should have to have a pass phrase - necessary the first time people connect. No one can connect and use your bandwidth unless they know the name of the wireless link (the SSID), and the pass phrase.

For the tightest security turn on MAC address filtering and plug in the MAC address - those 12 hex digits - of your laptop. This will mean that only a device with the same MAC address as your laptop can connect to the router. This usually means only your laptop.

3

You should definitely secure your wireless router. Three words: encryption, encryption, encryption.

To keep out random strangers passing by: turn on WEP, WPA or WPA2.
Yes, WEP. WEP encryption is cracked in just minutes, but you need to make an effort to do it. It will keep out casual passers-by, and gives much better security than MAC filtering or SSID hiding.

To keep out persistent hackers: Turn on WPA or WPA2. Choose a good pass phrase.

Please, please, please forget SSID hiding and MAC filtering, it does not improve security at all, and is easily defeated by hackers. What’s worse, it gives you a false sense of security, making you think that you have real security when you do not.

Wireless LAN security hall of shame

  • MAC filtering
  • SSID hiding
  • LEAP authentication
  • Disable DHCP

Wireless LAN security myths that won’t die

4

Not true: they give would-be malefactors two more hurdles to jump. Sure they may be relatively easy to circumvent, but they’ve still got to be circumvented. A set-up like the OP’s isn’t going to resist the determined hacker. It’s the casual ones against whom he needs to guard, and both of these are good in that regard.

5

But there’s absolutely no point in doing it. A casual passer-by is stopped by any kind of encryption, even WEP. And encryption is needed to keep out the determined hackers, anyway. Encryption is like locking the door. SSID hiding is like slapping a Post-It note over the keyhole.

You didn’t read this, did you?

My bolding.

I can (and do) sniff out hidden SSIDs with my iPod Touch. Yes, the MAC addresses are there, too. Free and legal program.

MAC filtering and SSID hiding has become a pet peeve of mine. That is because it is not real security, and really should not be presented as such.

And if you’re concerned that your SSID is being broadcast to the world, then you should know that your laptop is broadcasting that very same SSID when you’re on vacation in Aruba.

6

You’re making my point for me. You have an app that does it. Someone who doesn’t have such an app is stymied. As I said, the OP’s setup isn’t going to resist the determined hacker. It’s the casual one, the bandwidth thief or the snooper, that’s the target here.

7

I once tried disabling SSID broadcast on my wireless router (while plugged in with a cable), and then could not figure out how to connect to the network wirelessly myself. After a few go-rounds of this, I plugged the cable in, turned SSID broadcasting back on, and went on with my life.

This was a couple of years ago on a Windows XP Home machine. I’ve since read several opinions like Earl E. Bird’s suggesting that it wouldn’t have been beneficial anyway, so I have not pursued the matter further.

But…was I being a complete idiot then, when I was unable to connect? It sure felt that way…

8

I think you are missing the point: WPA or WPA2 stops the casual person also, so why bother with the other items? Put up the big wall and be done with it.

9

Are you suggesting using no encryption at all and only use SSID hiding and MAC filtering? Because that will indeed keep out the most casual of casuals, but still give full access to any half-baked hacker and 14-year-old script-kid in the neighbourhood in less than 20 seconds. If that is what the OP wants, then that is the way to do it.

The TWC Roadrunner has WEP encryption or better. With WPA encryption, the OP is going to resist the determined hacker.

Yes, you have to do a few extra steps. I initially did this, too, and it was just a royal pain in the butt. Which is why SSID hiding and MAC filtering should never be used. The time and resources wasted on faux security is much better spent on real security.

10

If you’d spent more than 2 seconds reading post #2 instead of latching on to your hobbyhorses you’d have spotted this:

11

Thanks for all the responses. But my question was, could I just buy a better router online and use it with my current provider. Told you I was ignorant. But I figure if I could buy a better router, that wouldn’t kick me offline every 20 minutes, I could set it up properly. I’m not worried about cost. (I have a PC)

12

Then why are you blathering on about SSID hiding and MAC filtering when it adds abso-frickin-lutely nothing except being a huge waste of time? :confused: Do you claim to have superior knowledge of Wi-Fi security to that of George Ou, Microsoft, and Robert Moskowitz, senior technical director at ICSA Labs? Yes, they all advice against SSID hiding.

Seriously, if anyone saddled up any hobbyhorses in this thread, you set an example. :rolleyes:

EOD, and welcome to my ignore list.

To the OP: My apologies for being partly responsible for derailing this thread.

Back on topic: I suggest contacting your internet provider and ask them. Not all routers are created equal, and the one you grab off eBay or wherever may not be compatible. WPA encryption is a must. WPA2 is arguably better, but at least my iPod Touch refuses to play nice with it.

With just WPA or WPA2 encryption and a good pass phrase you will keep out just about the whole dang world. And by giving that pass phrase to select friends and/or family, it will be dead simple to share your Wi-Fi connection with them.

13

Sounds like everyone else here has superior router knowledge over my baby geek status. I would add one small thing though, I’ve had the WORST luck with Linksys routers (as have other people I know).

Good luck!

14

Make sure that the problem is not radio interference.

Is there a way to know if wired connections to the same router are still happy while the wireless connection is down?

Most routers come set for channel 6 out of the box. Most folks who change this go for either 1 or 11, to distance themselves from the rest of the crowd.
You can use a freeware wifi detection app to see what different wireless networks are running in your area, their signal strength, and their channels.

Note that devices such as microwave ovens do affect wifi.

About replacing the router…

What kind of Internet service do you have (cable, satellite, dsl)?
Is there another box between your current router and the service entry point in your home?

Some ISPs provide a company-branded device that contains modem + firewall + switch + wireless access point. If yours is one of these, then you cannot just replace it with your own device. You would need to talk to the ISP and see if they could provide a new box.
With such a all-in-one box, you can piggyback your own wifi router on top of it, but there are network details you would need to iron out.

I am firmly against the “hide SSID + use MAC filtering” point of view, FWIW. These are the flimsiest excuse for security and all they do is make your own life harder, while giving you a false sense of security.
As you pointed out, hiding the SSID made it difficult to configure your other devices. Indeed, I have some devices at home that won’t find the network at all unless the SSID is turned on at least for a moment.

Networking problems are challenging enough to figure out, so it makes it easier if you eliminate unneeded complexities. Imagine sending your computer to the shop for repair and then wasting four hours trying to figure why you couldn’t connect to the Internet, not considering that the new network card they swapped in would have a different MAC address?

Besides, the SSID broadcast allows you to send cute, passive-aggressive messages to your neighbors.

15

I know this is off-topic, but George Ou’s name doesn’t really help your position. He’s a writer, not a technical person, and I’ve read articles and subsequent comments that really exposed a basic lack of understanding of the topics he was writing about (one that comes to mind was about Sun T2 processor).

Edit: not disagreeing with your point, just making a point about one of the people you listed