Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


*Jono*

68 posts

Master Geek


#9175 27-Aug-2006 01:13
Send private message

Hi there guys

Just got a D-Link 604 Router and i was wondering how i go about making it more secure.

What settings should i apply? And in the D-Link Login.


Cheers
Jono

Create new topic
muppet
2291 posts

Uber Geek

Trusted

  #44758 27-Aug-2006 02:51
Send private message

Turn on at least "Wep" encryption, though if it supports "WPA" then use that (it's stronger)

Also, if your device supports adding MAC addresses to it, find out the MAC address of your laptop and put that in, then disallow all other MAC addresses from connecting.

Mark
1547 posts

Uber Geek


  #45089 31-Aug-2006 17:56
Send private message

Turn it off.

;-)

Sadly both WEP and WPA are hackable with tools off of the internet (thankyou penguin huggers!  .. sorry just poking fun :-) 

If you want to secure it use WPA, it'll be good enough for home, lock your router to specific MAC addresses (this way it will only talk the WiFi cards you own), don't use DHCP- hard set your IPs to some strange range (this way if they do get past the MAC address filtering, and break your WPA key they still have to find what IPs you are using .. might slow them down .. oooh 10 minutes ?) and turn off SSID broadcasting.  Then choose a nice long complicate key.

Like I said, if someone REALLY wants in and have the skills and tools, then there is not much you can do.

DON'T use WEP!  I was horrified how quick it took me to get access to a WEP protected access point .. using tools of the internet it took 5 minutes of gathering packets and then 2 minutes of processing to give me the WEP key!  Not good!  (PS.  I "hacked" my own access point .. wanted to see how long it took :-)



 
 
 
 


barf
643 posts

Ultimate Geek


  #45106 31-Aug-2006 20:25

a whole 10 minutes to get around a MAC address filter and static IPs? sniffing the IPs out of the packets is'nt much harder than sniffing the packets in the first place and changing your MAC address is easy with a supported chipset.

use WPA2 instead of WPA if your dlink supports it.

physically securing your access point may also be a good idea, put it in a place where the signal is only usable from within your house and not outside of it. This will upset most wardrivers who use internal antennas but, I've been able to connect to d-links with their standard omni-antenna from 1-2 kilometers away using a dish.




Sniffing the glue holding the Internet together

johnr
19282 posts

Uber Geek
Inactive user


#45107 31-Aug-2006 20:35
Send private message

Use a LAN cable turn off wifi

Can't be cracked then

DonGould
3892 posts

Uber Geek


  #45115 31-Aug-2006 22:11
Send private message

Run a nix box with ipsec tunnels behind the router.  Problem solved.

HTH

Cheers Don




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


tonyhughes
Hawkes Bay
8477 posts

Uber Geek

Mod Emeritus
Trusted
Lifetime subscriber

  #45124 1-Sep-2006 09:51
Send private message

Hi Jono. Marks reply is about the best in the list.

I have the same router.

Use WPA-PSK
Use Static IPs
Change your SSID
Enable Hidden SSID
Enable MAC Access List and add your device(s)
Put your router as far away from the roadside as possible

Thats about the best most (l)users can hope for, without using a decent router/firewall/gateway box of some sort.
A committed cracker will still get in if they want, but the same is true of ANY system. Its just how much you want to spend to delay them.







*Jono*

68 posts

Master Geek


  #45135 1-Sep-2006 13:10
Send private message

tonyhughes: Hi Jono. Marks reply is about the best in the list.

I have the same router.

Use WPA-PSK
Use Static IPs
Change your SSID
Enable Hidden SSID
Enable MAC Access List and add your device(s)
Put your router as far away from the roadside as possible

Thats about the best most (l)users can hope for, without using a decent router/firewall/gateway box of some sort.
A committed cracker will still get in if they want, but the same is true of ANY system. Its just how much you want to spend to delay them.


So do i do all this through windows or throught the D-Link Admin setup thing?

When i clicked on WPA in the D-Link setup its asks me for my server IP address and secret?

Sorry im all new to this so excuse me if i sound dumb!

 
 
 
 


Mark
1547 posts

Uber Geek


  #45167 1-Sep-2006 18:25
Send private message

Select "WPA" and "PSK String" .. there are a couple of flavours of WPA, one of them goes off and authenticates against a dedicated server .. you won't have that.

If you don't have the "PSK String" section then you might be running an old firmware on the router, D-Link have the latest/greatest on their website (make sure you get the NZ version of the firmware)

If you want I can configure things for you if you like ... send me a private message and I can run through what you need to do to give me access to your router from the outside world, I can then log in do as much tightening as possible and then log out.  Though it would be a better learning experience for you to do it your self :-)

Regards!

Create new topic




News »

Amazon introduces new Echo devices
Posted 25-Sep-2020 11:56


Mad Catz introduces new S.T.R.I.K.E. 13 Mechanical Gaming Keyboard
Posted 25-Sep-2020 11:34


Vodafone NZ upgrades international submarine network
Posted 25-Sep-2020 09:09


Jabra announces wireless noise-cancelling airbuds, upgrade existing model
Posted 24-Sep-2020 14:43


Nokia 3.4 to be available in New Zealand
Posted 24-Sep-2020 14:34


HP announces new HP ENVY laptops aimed at content creators
Posted 24-Sep-2020 14:02


Logitech introduce MX Anywhere 3
Posted 21-Sep-2020 21:17


Countdown unveils contactless shopping with new Scan&Go tech
Posted 21-Sep-2020 09:48


HP unveils new innovations for businesses adapting to rapidly evolving workstyles and workforces
Posted 17-Sep-2020 15:36


GoPro launches new HERO9 Black camera
Posted 17-Sep-2020 09:45


Telecommunications industry launches new 5G Facts website
Posted 17-Sep-2020 07:56


New Zealand ranks 3rd in world in GSMA index
Posted 15-Sep-2020 10:13


Trend Micro Security Suite adds web monitoring to prevent identity theft
Posted 14-Sep-2020 15:37


NVIDIA to acquire Arm for US$ 40 billion
Posted 14-Sep-2020 12:27


Epson launches its next gen A3+ colour EcoTank multi-function printer
Posted 10-Sep-2020 16:08



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.