TechSpot

IP address home network security help please

By GRM100
May 4, 2005
  1. Can anyone help me with IP addressing or link to a decent tutorial in simple terms.

    My Set-up:
    I have a wireless router/modem connected to broadband.
    Both LAN PCs and a wireless laptop connect to internet successfully- WPA enabled.
    Each PC has, in addition, its own s/w firewall and AV. (Norton I.S. 2005)

    My Problem:
    I want to permit the PCs to access each other (shared folders, printers scanner, etc, etc).
    1. If I set access for a certain PC (lets say 192.168.1.1), can someone on the internet masquerade as that IP address and access my computer.
    2. If I turn my computers on in a different order, are the IP addresses the other way round if auto assigned.
    3. Should I therefore manually assign an IP address?
    4. Are IP addresses for home networks different and hence safe from those on the internet?
    5. Am I totally stupid or is this just the most confusing subject in the world.

    I have tried to read through some tutorials, but I'm struggling here folks.

    Thanks in advance for any help.
     
  2. Nodsu

    Nodsu TS Rookie Posts: 9,431

    1) No unless you have some really advanced router and you configure it to do so.
    2) IP addresses are assigned from the DHCP pool you set. They may be assigned differently each time.
    3) If you have a problem with changing LAN IP addresses then yes.
    4) Yes. The "private" IP addresses (192.168.*.*, 10.*.*.*, 172.???.*.*, 169.254.*.*) are not routed across the internet even if someone assigned them to their public interfaces.
    5) In my opinion it is not confusing so you either put the question wrong or.. :p
     
  3. Phantasm66

    Phantasm66 TS Rookie Posts: 6,504   +6

    There's your first issue if you are concerned about security.

    Read this:

    http://www.wardriving.com/

     
  4. Phantasm66

    Phantasm66 TS Rookie Posts: 6,504   +6

    You're not stupid, you have just not encountered this stuff much yet. Keep learning and reading and asking questions. None of your questions were stupid, anyway. We've all asked them before at some point, or asked questions like them before.
     
  5. StormBringer

    StormBringer TS Rookie Posts: 2,871

    If you don't know anything about configuring your router manually, just use the defaults and set the computers to obtain IP automatically, next we want to secure the wireless portion. This can be done several ways depending on the types of security supported by your router and your wireless cards. Unless you have a dedicated server you can set up for it, or unless you have a router that includes a RADIUS server(those are quite expensive) then you'll probably want to stick to WEP or WPA(PSK or TKIP) Next, I'd suggest you also use MAC filtering to supliment your wireless security. This would be a secondary line of defense. Most routers have the ability to block or allow by MAC(physical) address. This is a unique identifier for a network adapter. Each wireless computer will need to have its adapter's MAC entered into the router to be allowed.

    Some things to remember; passphrase is easy to crack because using words and phrases to genetate a key is easy to crack with dictionary attacks. You are better off either using a key you create yourself(HEX of course) or if you must use passphrase, use something like "kfjdhsjfdd dksjsikiel kfjghtyeuie" to generate it. Using real words is to easy to convert since the phrase will always generate the same key set.
    Also remember that your firewall is designed to protect what is behind it so its not going to do anything to protect your wireless, especially from people just trying to steal some internet. Good news here is, most people aren't going to take the time with any type of secured network, they will usually move on and find an unsecured one down the road unless they are looking to do more than surf for free.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.