# How to secure my home network



## wolliwuk (Feb 11, 2008)

Can someone help me to secure my home network as I seem to have a neighbour who is helping himself to my connection...

We have two apple imacs and a macbook on the network along with three xboxes a PS3, three Blackberrys and an ipod touch..

I use the PS3 as a media server and we all use xbox live on the xboxes and we all use the wifi on our Berrys and on the ipod touch so I need to be able to continue to do that easily without having to input a long password that I can never remember fifty million times a day. One of the iMacs is wired but everything else is wireless and it is a Netgear DG843G Modem router.

Can anyone help?

Thanks


----------



## griffin1907 (Mar 4, 2006)

Not familiar with the router but will be something like....
Access the router settings along the lines of 192.168.x.x in your web browser, then setup the security you want, WEP, WPA etc. Then, on each device, connect to your network again, but the difference is you'll only need to enter your new password the one time. The devices 'should' connect automatically every time then without the need to re enter the password.

You can get even better security by hiding your network (tick or untick the box that says display SSID) and you can even filter MAC addresses so only certain devices will be able to connect even if someone does get the password.

I'm sure someone a bit more knowledgable will be along with more help


----------



## Matt197 (Dec 27, 2006)

By the sounds of things you have no security setup on your router?

Type 192.168.0.1 into your browser and you will be promoted to type in a username and password, default is admin - password

On the main menu, select Wireless Settings and you are looking for the security options, you want to use at least WPA-PSK but I would be using WPA2-PSK

Enter a strong password, you will only need to enter them once on your devices like the PS3 and they will remember the settings.

For added security I would also be changing the default password you use to log into the router, so look for "Set Password" of the left menu and change it to something different.

If you run into problems have a look on the Netgears website http://kb.netgear.com/app/products/family/a_id/1288

You can setup MAC Address filtering so you don't have to enter a password but I would not recommend just relying on that as your security.


----------



## Guest (Nov 14, 2010)

Firstly change the routers access password to something difficult, upper and lower case and numbers.

Then I'd add the MAC addresses of all your kit into the routers 'Set Up access List', and turn your access list on. If the mac address isnt on that list, then it cant connect. I use that and a WEP key, 128 bit. It takes a while to set up but makes your network pretty secure from your neighbours.


----------



## jamest (Apr 8, 2008)

I also use a white list of MAC addresses and have dhcp turned off with all computers having a static ip address. But that is overkill for most people. Just enable WPA encryption and you will be fine. WEP is easy to break now so should be avoided.


----------



## John757 (Jun 11, 2009)

As previously said, don't use WEP. WEP can be broken in seconds using the right methods.


----------



## Ninja59 (Feb 17, 2009)

be careful sometimes if you use WPA2 the berrys can be funny as alot dont offer WPA2 protection as an option but if you select pre shared key (PSK) and then put your WPA2 key it will work....it will even recognize it after working as a WPA2 key but theres no option during setup of the wifi for them

edit: as above regarding use of WPA2 over WEP


----------



## centenary (Sep 5, 2010)

wolliwuk said:


> Can someone help me to secure my home network as I seem to have a neighbour who is helping himself to my connection...
> 
> We have two apple imacs and a macbook on the network along with three xboxes a PS3, three Blackberrys and an ipod touch..
> 
> ...


Netgear's are very good and simple to set up for network security.

First off make sure you use the LAN cable from the router to your laptop when making these changes.

The easiest way to do this is switch on all your pc's, laptops and xboxes that access the net.

Log into your router and find Set up Access List option. When this opens, you should see every pc, laptop and xboxes MAC address under Available Wireless Stations. Bullet the ones you want and click Add. These will then appear at Trusted Wireless Stations.

Make sure you *dont* include your free loading neighbour's pc's or laptop in this list.

If you want to check each of your pc's etc MAC address, click on the wireless icon at the bottom right of your screen (the 2 little blinking terminals) and display Network Sharing Centre.

You can either click on view full Map which should show all items connected to the network. Place the cursor on each item to display the MAC address of each.

Alternatively, open the Network sharing centre on each pc and click on View Status then Details. Each items MAC address should be under Physical address.

Now click on Turn Access Control On so a tick appears. Click Save.

Make sure all your pc's, laptops and xboxes can still access the net. They may drop the connection when you click Save but just reconnect them to the net as normal and they should be ok.

Once you're happy and confident with this, you can set the wireless security level

Set you network wireless settings as WPA2. Dont use WEP, its too easy to hack. You need to make up a 'key' preferably with a mixture of upper, lower case letters and numbers. *Write this down and keep in a safe place!*. Click Save.

My WPA key has about 30 characters in it so good luck to anyone trying to hack that!

Once you set this security, all connected pc's laptop and xboxes will be chucked off the network. This is why you need to use the LAN cable between the pc \ laptop and router while you make these changes.

Now you have to connect each pc, laptop and xbox in turn. You'll be prompted for the WPA2 'key' before each can reconnect to the net. When you enter the key, tick the box 'show characters' so you can see any mistakes.

Once you are happy with this, you can now switch off the broadcast of your network's id. ie your network work be displayed for your neighbour to try and piggyback your connection but your pc's etc should still connect to the network. Dont tick Wireless Isolation because that will switch off your wireless network!

Right, once you've done this, change the router's password and keep it safe with the WPA2 key. Writing down passwords isnt normally a good thing to do but seeing as its only your family who be able to see it, it doesnt really matter.

Log out of the router interface and disconnect the LAN cable. Now attempt to connect wirelessly with your network. You should be prompted for the WPA key. Type this in and you should connect and be ok.

If you cannot connect, it's possibly because you didnt include this pc or laptop in your trusted stations list!

Hope this helps!

Beep, beep :driver:


----------



## wolliwuk (Feb 11, 2008)

Hi Centenary I am trying to follow your instructions but you have lost me with the checking of each computers MAC address. Coz I am actually on an Apple Mac I am having difficulty finding the bit where it tells me the mac address of all the computers etc attached to the network.

Can anyone help me with this bit on a Mac?

Thanks in advance


----------



## wolliwuk (Feb 11, 2008)

How do I find the Mac address on the Macs and the Xboxes and the iPod? Am struggling as I can find the ip address the router address and the ethernet ID but not the MAC address


----------



## Kai Herb (Aug 8, 2007)

For the mac go into Network Preferences and click on the advanced tab , it will show your "Airport id" this is your Mac address


----------



## jamest (Apr 8, 2008)

On the Xbox you have to go in to the network section then advanced I think, it should list the current IP address, gateway, MAC etc.


----------



## wolliwuk (Feb 11, 2008)

Thanks to all that have helped... I have now got the MAC addresses of all my gadgets etc and added them to my wireless list. Have also stopped broadcasting the name of my network and changed the name of it to something that if someone does discover it will tell them politely what to do...lol
And have changed my password for my router ..

I am hoping that "Jonathan" is sitting at his PC tonight scratching his head wondering where his free network connection has gone....


----------



## jamest (Apr 8, 2008)

Perhaps you should make a flyer.

"WiFi from only £5 an hour."


----------



## gatecrasher3 (Jul 21, 2006)

wolliwuk said:


> I am hoping that "Jonathan" is sitting at his PC tonight scratching his head wondering where his free network connection has gone....


You should pop round next door and politely apologise that your network is currently experiencing technical issues and you hope to have them resolved shortly.

Alternatively leave it open for a bit longer before browsing through the files on his machine, deleting the odd ones here and there.


----------



## Guest (Nov 16, 2010)

I will say it: MAC filtering is a waste of time, and so is hiding your SSID 

Use WPA2 with reasonable password, wireless network is now secure.


----------



## jamest (Apr 8, 2008)

G220 said:


> I will say it: MAC filtering is a waste of time, and so is hiding your SSID
> 
> Use WPA2 with reasonable password, wireless network is now secure.


Waste of time in what sense? Doesn't take long to set up at all so hardly a waste.


----------



## Guest (Nov 16, 2010)

Because it doesn't accomplish any goals satisfactorily and in many cases only provides fractional additional security.

1) Does not encrypt data transfer so people can sniff packets
2) Does not provide through access security measure as people can employ MAC Spoofing.
3) Often does not provide sufficient information informing user why they cannot connect therefore becoming a troubleshooting inconvenience.
4) Need to access and obtain information from both router and client before it can be set up, unlike a WPA2 key that you can remember, thus no need to perform additional configuration on the router when required.

SSID: Easily obtained anyway, causes additional inconvenience when trying to establish a wireless connection initially.


----------



## jamest (Apr 8, 2008)

In the OPs case it was to stop his neighbour, I doubt he is going to be packet sniffing to try and get free internet access.

I have MAC addresses set up for static IP addresses with DHCP turned off, so you won't be getting an IP address out of me unless you somehow find out one of the devices MAC addresses and the relevant IP address.

In a bigger network I would agree with you, but a small home network where you know every device, it doesn't do any harm.


----------

