Secure wireless connection
December 22, 2005 6:22 AM   Subscribe

Wi-Fi for dummies: I have a brand-new AirPort Express. My iBook already has an AirPort card, and I'm about to set up a reasonably secure wireless connection at home (I have an iBook, OSX, and a Windows 2000 IBM laptop). Online resources are either pretty dry and technical (as I said, I'm not really a computer person) and some advice seems, frankly, a bit confusing. Can you point me to a good online tutorial for setting up the network? Thanks and happy holidays.
posted by PenguinBukkake to Computers & Internet (10 answers total)
 
I'm on line a few hours a day only, but when I am I'd like to use my full download speed (T1).
posted by PenguinBukkake at 6:24 AM on December 22, 2005


If i'm not mistaken, a T1 is a 1.54 Mbps connection, and your wireless setup will be 54 Mbps, so you should have no problem utilizing your total bandwidth. As for online tutorials, I think the instructions over in Apple's support forum should be good enough, no? Have you read those already? (I assume you've looked at the sites that show up when you search for "secure wireless connection"?)
posted by chunking express at 6:42 AM on December 22, 2005


chunking, thanks, that's the first place I looked, but, see, technical lingo such as
if you have a WDS network set up to use either no security, or 40 or 128-bit WEP, and you decide to change the network security settings to WPA Personal, you will need to reset all of the base stations on the network, and then set up the WDS network again.
flies over my head. my fault, I know, but still, it's not really "for dummies", do you know what i mean?
posted by PenguinBukkake at 6:58 AM on December 22, 2005


One of the things you can do to create a secure connection is:

Click on the Change Wireless Security button.

Select WPA Personal from the dialog box and create a password.

If you are going to be the only one connecting to the base station, in the Access Control tab, click the + button to add your machine to the list by clicking the "This computer" button. This way, only your MAC address (the specific address of your wireless card) can connect.

That should be enough security, unless you are fort knox!
posted by _zed_ at 7:12 AM on December 22, 2005


In other words, you can ignore the things that you are unfamiliar with (i.e. WDS, etc.) and just go with WPA!
posted by _zed_ at 7:13 AM on December 22, 2005


Steve Gibson and Leo Laporte's weekly "Security Now" podcast did a whole series on Wireless Security, and NAT Routers. Part one covered WEP and MAC address filtering and part two was all about WPA. Probably not a bad place to start.

ps. If you don't want to listen they have transcripts of all the shows on the site.
posted by Captain_Science at 7:22 AM on December 22, 2005


Well, I'm not sure where you can find a simple tutorial, but here are the things you need to do if you want a secure connection.

Turn off "broadcast SSID". I'm not sure if it is called something else in an Airport router, but that is basically the name of your wireless connection.

Turn on WPA, which is what will secure your connection. You need to pick a password, which you will enter when you try and connect with your Mac and PC.

(You can also filter Mac addresses, but this isn't such a big deal.)
posted by chunking express at 7:24 AM on December 22, 2005


Ok, this is a relatively simple problem; you don't really have to do that much to get this running. I believe all you have to do is plug in the AirPort, and run the automatic setup program on the Mac, to get it running in a basic form.

Use a throwaway password and WPA key when you first configure it, because the initial setup appears to be done over an unencrypted link. Once you have it running encrypted, then change the password and WPA key again to what you really want. Or configure it via wired cable, but when I first got mine (very first shipment) they didn't support configuration via anything but wireless. Getting it running on a Windows machine, at the time, was....um, interesting. :)

I don't have time to do a full writeup, but make sure to use WPA or WPA2. (these are encryption protocols). Do not use WEP. WEP, the old encryption method, is now completely insecure and can be broken in under five minutes by anyone with a clue... they can drive up outside your house/apartment, and be into your network almost immediately. WPA and WPA2 are, at present, not known to be insecure. This is the best you can get with wireless... you are, after all, broadcasting a detectable signal to everyone within a couple of miles.

WDS is for wireless bridging, and since you have only one base station, you can ignore all references to it. If you're in a big building, it can be handy to have more than one access point, and WDS is how you mesh separate APs into a single network. (This hurts throughput though, because everything one AP hears is broadcast to the other... this at least halves your network speed.)

Basically, the Setup Assistant should lead you through getting it running in a basic form pretty easily... as long as you then switch to WPA2 security with a long key, and the Airport has a good strong password, you should be in pretty good shape.
posted by Malor at 7:28 AM on December 22, 2005


Not broadcasting SSID doesn't do very much good anymore, and Windows was having big trouble with that at one time. I'm not sure whether or not they fixed it, but XP would regularly disconnect and reconnect if you didn't broadcast SSID, making long downloads impossible.

Anyone with a clue can sniff your SSID anyway. Don't worry about broadcasting it. Whatever you choose, just make sure it's not very descriptive so people don't know who the AP belongs to.
posted by Malor at 7:29 AM on December 22, 2005


I'd mark each and every as best; thanks, really: let's say that Malor is the recipient of "Best Answer in a Leading Role", and takes the prize ex aequo with the other posters.
posted by PenguinBukkake at 11:29 AM on December 22, 2005


« Older I'm thinking of joining the Na...   |  Occasionally our university we... Newer »
This thread is closed to new comments.