Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


68 posts

Master Geek


Topic # 9175 27-Aug-2006 01:13
Send private message

Hi there guys

Just got a D-Link 604 Router and i was wondering how i go about making it more secure.

What settings should i apply? And in the D-Link Login.


Cheers
Jono

Create new topic
1984 posts

Uber Geek
+1 received by user: 742

Trusted

  Reply # 44758 27-Aug-2006 02:51
Send private message

Turn on at least "Wep" encryption, though if it supports "WPA" then use that (it's stronger)

Also, if your device supports adding MAC addresses to it, find out the MAC address of your laptop and put that in, then disallow all other MAC addresses from connecting.

1344 posts

Uber Geek
+1 received by user: 338


  Reply # 45089 31-Aug-2006 17:56
Send private message

Turn it off.

;-)

Sadly both WEP and WPA are hackable with tools off of the internet (thankyou penguin huggers!  .. sorry just poking fun :-) 

If you want to secure it use WPA, it'll be good enough for home, lock your router to specific MAC addresses (this way it will only talk the WiFi cards you own), don't use DHCP- hard set your IPs to some strange range (this way if they do get past the MAC address filtering, and break your WPA key they still have to find what IPs you are using .. might slow them down .. oooh 10 minutes ?) and turn off SSID broadcasting.  Then choose a nice long complicate key.

Like I said, if someone REALLY wants in and have the skills and tools, then there is not much you can do.

DON'T use WEP!  I was horrified how quick it took me to get access to a WEP protected access point .. using tools of the internet it took 5 minutes of gathering packets and then 2 minutes of processing to give me the WEP key!  Not good!  (PS.  I "hacked" my own access point .. wanted to see how long it took :-)



643 posts

Ultimate Geek


  Reply # 45106 31-Aug-2006 20:25

a whole 10 minutes to get around a MAC address filter and static IPs? sniffing the IPs out of the packets is'nt much harder than sniffing the packets in the first place and changing your MAC address is easy with a supported chipset.

use WPA2 instead of WPA if your dlink supports it.

physically securing your access point may also be a good idea, put it in a place where the signal is only usable from within your house and not outside of it. This will upset most wardrivers who use internal antennas but, I've been able to connect to d-links with their standard omni-antenna from 1-2 kilometers away using a dish.




Sniffing the glue holding the Internet together

19282 posts

Uber Geek
+1 received by user: 2600
Inactive user


Reply # 45107 31-Aug-2006 20:35
Send private message

Use a LAN cable turn off wifi

Can't be cracked then

3888 posts

Uber Geek
+1 received by user: 163


  Reply # 45115 31-Aug-2006 22:11
Send private message

Run a nix box with ipsec tunnels behind the router.  Problem solved.

HTH

Cheers Don




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


Hawkes Bay
8477 posts

Uber Geek
+1 received by user: 4

Mod Emeritus
Trusted
Lifetime subscriber

  Reply # 45124 1-Sep-2006 09:51
Send private message

Hi Jono. Marks reply is about the best in the list.

I have the same router.

Use WPA-PSK
Use Static IPs
Change your SSID
Enable Hidden SSID
Enable MAC Access List and add your device(s)
Put your router as far away from the roadside as possible

Thats about the best most (l)users can hope for, without using a decent router/firewall/gateway box of some sort.
A committed cracker will still get in if they want, but the same is true of ANY system. Its just how much you want to spend to delay them.




Visit http://www.thecloud.net.nz for New Zealand based Hosted Exchange, Virtual Servers, Web Hosting, FTP Backup & more.
(1GB free FTP storage, or larger plans from $5.75)
 
 - Setup your own mailserver at home on Ubuntu Server - full step by step howto here.
 - Have you seen this: Nathan "KFC4LIFE" Dunn.




68 posts

Master Geek


  Reply # 45135 1-Sep-2006 13:10
Send private message

tonyhughes: Hi Jono. Marks reply is about the best in the list.

I have the same router.

Use WPA-PSK
Use Static IPs
Change your SSID
Enable Hidden SSID
Enable MAC Access List and add your device(s)
Put your router as far away from the roadside as possible

Thats about the best most (l)users can hope for, without using a decent router/firewall/gateway box of some sort.
A committed cracker will still get in if they want, but the same is true of ANY system. Its just how much you want to spend to delay them.


So do i do all this through windows or throught the D-Link Admin setup thing?

When i clicked on WPA in the D-Link setup its asks me for my server IP address and secret?

Sorry im all new to this so excuse me if i sound dumb!

1344 posts

Uber Geek
+1 received by user: 338


  Reply # 45167 1-Sep-2006 18:25
Send private message

Select "WPA" and "PSK String" .. there are a couple of flavours of WPA, one of them goes off and authenticates against a dedicated server .. you won't have that.

If you don't have the "PSK String" section then you might be running an old firmware on the router, D-Link have the latest/greatest on their website (make sure you get the NZ version of the firmware)

If you want I can configure things for you if you like ... send me a private message and I can run through what you need to do to give me access to your router from the outside world, I can then log in do as much tightening as possible and then log out.  Though it would be a better learning experience for you to do it your self :-)

Regards!

Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

The Warehouse leaps into the AI future with Google
Posted 15-Aug-2018 17:56


Targus set sights on enterprise and consumer growth in New Zealand
Posted 13-Aug-2018 13:47


Huawei to distribute nova 3i in New Zealand
Posted 9-Aug-2018 16:23


Home robot Vector to be available in New Zealand stores
Posted 9-Aug-2018 14:47


Panasonic announces new 2018 OLED TV line up
Posted 7-Aug-2018 16:38


Kordia completes first live 4K TV broadcast
Posted 1-Aug-2018 13:00


Schools get safer and smarter internet with Managed Network Upgrade
Posted 30-Jul-2018 20:01


DNC wants a safer .nz in the coming year
Posted 26-Jul-2018 16:08


Auldhouse becomes an AWS Authorised Training Delivery Partner in New Zealand
Posted 26-Jul-2018 15:55


Rakuten Kobo launches Kobo Clara HD entry level reader
Posted 26-Jul-2018 15:44


Kiwi team reaches semi-finals at the Microsoft Imagine Cup
Posted 26-Jul-2018 15:38


KidsCan App to Help Kiwi Children in Need
Posted 26-Jul-2018 15:32


FUJIFILM announces new high-performance lenses
Posted 24-Jul-2018 14:57


New FUJIFILM XF10 introduces square mode for Instagram sharing
Posted 24-Jul-2018 14:44


OPPO brings advanced technology to the smartphone market with new device
Posted 24-Jul-2018 09:20



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.