Certification - January 2009 - (Page 16) TROUBlEshOOTING securing home Wireless Networks AVNER IZhAR Q: I’m having a problem with my wireless connection at home. Internet browsing works for a while but then goes dead — even after several reboots. Two days later, it will magically work again. The wireless router has a laptop and a desktop with a Cat5 cable connected to it. The strange thing is that the desktop, a three-year-old workstation, works. Help! – Robin A:This happened to a buddy of mine. I decided to pay him a visit, as there is only so much you can do remotely. When I took a look at the connections, I saw that his Linksys wireless router was hooked up to Vonage, a Voice Over Internet Protocol (VoIP) device. My friend said he hadn’t experienced any interruptions in phone service while his laptop Internet connection was down, which surprised me since Vonage relies on an Internet connection. Since the desktop workstation was working and there weren’t any phone issues, I figured the problem probably wasn’t related to the Internet service provider (ISP). When I powered up the laptop, I found that it was associated to a wireless SSID (service set identifier) named “Linksys” and received an IP, but would not connect to the Internet. It was able to ping the default gateway, but couldn’t get to the domain name system (DNS). Meanwhile, the desktop computer was connecting just fine. I compared the configurations side by side. Both used the same SSID, but after running the “ipconfig” command, I found they were on different IP networks. I logged in to the router’s Web interface from the wireless laptop. The router information indicated it was not the one I saw in front of me. In fact, the one I was logged into had no voice submenu. I logged on from the wired desktop and got to the correct device, which did have the voice submenu. At that point, it seemed like the puzzle was starting to make sense: There were two wireless routers broadcasting a “Linksys” SSID. The first was the one in my buddy’s apartment; the other was close by — probably in a neighbor’s house. This is very common since people buy the routers in retail shops and are told simply to plug it into their modems and start using it. Many don’t install any kind of security measures or customization. When I changed the SSID to a different name and set the laptop to join that network, it connected to the Internet and the “ipconfig” command displayed the correct address. To make sure this problem never occurs again, it’s important to secure your wireless network. The main security options are: 1. WEP (Wired Equivalent Privacy): This uses the same password all the time, which makes it relatively unsecure. You can make WEP more secure by setting a key in index two, three or four. Just don’t try to get your iPhone to join a WEP network that uses any key index other than one, as it is still not supported. 2. WPA and WPA2 (Wi-Fi Protected Access): This method addresses many of the problems of WEP. 3. MAC address filtering: This method allows you to specify who can attach to your wireless network based on his or her MAC (Media Access Control) address. It can be used by itself or can be combined with the other two methods. 4. Non-broadcast SSID: You can “hide” your wireless network from the neighbors by setting the SSID to silent mode. But you should only do this if you are very familiar with wireless technology, as it will be harder to configure all your devices in a static manner this way. My recommendation is that you use at least WPAPSK and go for WPA2 if you can. MAC address filtering can be a high-maintenance solution, and it’s not impossible for hackers to fake a MAC address. Non-broadcast SSID is a good safety net, but only for the advanced user. 8 Avner Izhar, CCIE, CCVP, CCSI, is a consulting system engineer at World Wide Technology Inc., a company that provides technology and supply-chain solutions. He can be reached at editor@certmag.com. 16 CERTIFICATION MAGAZINE January 2009
Table of Contents Feed for the Digital Edition of Certification - January 2009 Certification - January 2009 Editor's Letter Contents Data Stream Virtual Village Tech Careers Dear Techie Academic Connection Troubleshooting What We Like Look Ahead The New Convergence Formula Cybersecurity: Are You Safe? Interface Lead Applications Developer: The IT Ambassador Inside Certification Ad Index Endtag Certification - January 2009 Certification - January 2009 - (Page Intro) Certification - January 2009 - Certification - January 2009 (Page Cover1) Certification - January 2009 - Certification - January 2009 (Page Cover2) Certification - January 2009 - Editor's Letter (Page 3) Certification - January 2009 - Contents (Page 4) Certification - January 2009 - Contents (Page 5) Certification - January 2009 - Data Stream (Page 6) Certification - January 2009 - Data Stream (Page 7) Certification - January 2009 - Virtual Village (Page 8) Certification - January 2009 - Virtual Village (Page 9) Certification - January 2009 - Tech Careers (Page 10) Certification - January 2009 - Tech Careers (Page 11) Certification - January 2009 - Dear Techie (Page 12) Certification - January 2009 - Dear Techie (Page 13) Certification - January 2009 - Academic Connection (Page 14) Certification - January 2009 - Academic Connection (Page 15) Certification - January 2009 - Troubleshooting (Page 16) Certification - January 2009 - Troubleshooting (Page 17) Certification - January 2009 - What We Like (Page 18) Certification - January 2009 - What We Like (Page 19) Certification - January 2009 - Look Ahead (Page 20) Certification - January 2009 - Look Ahead (Page 21) Certification - January 2009 - The New Convergence Formula (Page 22) Certification - January 2009 - The New Convergence Formula (Page 23) Certification - January 2009 - The New Convergence Formula (Page 24) Certification - January 2009 - The New Convergence Formula (Page 25) Certification - January 2009 - Cybersecurity: Are You Safe? (Page 26) Certification - January 2009 - Cybersecurity: Are You Safe? (Page 27) Certification - January 2009 - Interface (Page 28) Certification - January 2009 - Interface (Page 29) Certification - January 2009 - Lead Applications Developer: The IT Ambassador (Page 30) Certification - January 2009 - Lead Applications Developer: The IT Ambassador (Page 31) Certification - January 2009 - Lead Applications Developer: The IT Ambassador (Page 32) Certification - January 2009 - Lead Applications Developer: The IT Ambassador (Page 33) Certification - January 2009 - Inside Certification (Page 34) Certification - January 2009 - Inside Certification (Page 35) Certification - January 2009 - Inside Certification (Page 36) Certification - January 2009 - Ad Index (Page 37) Certification - January 2009 - Endtag (Page 38)
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.