stop stealing my wireless!
February 3, 2007 1:19 PM Subscribe
I can't figure out how to get people to stop stealing my internet because I am computer-stupid.
I have a mac and my husband has a mac, and we have wireless internet, and I can't for the life of me figure out how to password protect my internet so that all my neighbors will stop stealing it. My network is listed as "default," and none of the software that came with my modem or router will work on my computer. I looked through askmefi, but couldn't find the answer. Help me.
I have a mac and my husband has a mac, and we have wireless internet, and I can't for the life of me figure out how to password protect my internet so that all my neighbors will stop stealing it. My network is listed as "default," and none of the software that came with my modem or router will work on my computer. I looked through askmefi, but couldn't find the answer. Help me.
Of course, to make the mac "just work" requires the mac base station. Then you'd be able to use the that nifty "Airport Admin" utility in your Applications folder.
posted by chota at 1:25 PM on February 3, 2007
posted by chota at 1:25 PM on February 3, 2007
cschneid is spot on, but since you claim computer-retard status, let me clarify what he's saying.
your router has a control panel that you can access by typing its "local address" using one of the computers hooked up to your "default" wifi signal.
once your in there, go to your security settings and try to set up some kind of protection - in the form of a key or password that will from that point on, be required to log in. so when you select your network, a window will pop up and ask you for the password.
the most problem-free way of doing this might be to use an ethernet cable to connect hardwire to the router to avoid any bullshit. this is because when you apply your new security settings, the wireless signal may drop.
posted by phaedon at 1:34 PM on February 3, 2007
your router has a control panel that you can access by typing its "local address" using one of the computers hooked up to your "default" wifi signal.
once your in there, go to your security settings and try to set up some kind of protection - in the form of a key or password that will from that point on, be required to log in. so when you select your network, a window will pop up and ask you for the password.
the most problem-free way of doing this might be to use an ethernet cable to connect hardwire to the router to avoid any bullshit. this is because when you apply your new security settings, the wireless signal may drop.
posted by phaedon at 1:34 PM on February 3, 2007
Best answer: cschneid is correct. The router's IP address (192.something) is also available in the mac GUI. In the network preferences panel, select "show: airport" from the top menu, then click the tcp/ip button. The router is shown there.
You should probably google on how to secure a wireless network but a brief summary for bare minimum security would be:
Connect to the router via a cable. You'll be changing the wireless settings, so managing it via wireless is not going to work.
Change the SSID to something other than the default it came with.
Change the administrator password on the router.
Enable WPA or WPA2. Pick a non-obvious password. You could use WEP, an older encryption standard, but it is very weak and actually harder to set up than the newer WPA standard.
I also suggest you change the SSID to something essentially random. So don't use your name, your address, or anything that identifies it as yours. Used something like "Grover" or "Moocow". It's a privacy thing.
Once you've set up a new SSID, new admin password, better encryption, and encryption password, you'll need to reattach your macs, which should be pretty straightforward.
If you want to get very serious about security, you can also disable SSID broadcast and use MAC locking, but let's not talk about that till you do the basics.
posted by chairface at 1:36 PM on February 3, 2007 [1 favorite]
You should probably google on how to secure a wireless network but a brief summary for bare minimum security would be:
Connect to the router via a cable. You'll be changing the wireless settings, so managing it via wireless is not going to work.
Change the SSID to something other than the default it came with.
Change the administrator password on the router.
Enable WPA or WPA2. Pick a non-obvious password. You could use WEP, an older encryption standard, but it is very weak and actually harder to set up than the newer WPA standard.
I also suggest you change the SSID to something essentially random. So don't use your name, your address, or anything that identifies it as yours. Used something like "Grover" or "Moocow". It's a privacy thing.
Once you've set up a new SSID, new admin password, better encryption, and encryption password, you'll need to reattach your macs, which should be pretty straightforward.
If you want to get very serious about security, you can also disable SSID broadcast and use MAC locking, but let's not talk about that till you do the basics.
posted by chairface at 1:36 PM on February 3, 2007 [1 favorite]
Yes, per cschneid's comment, you need to access your settings through your web browser. One thing to note is that a few routers out there don't work perfectly with Safari. So if you are using Safari and it gives you problems, try again with Firefox.
One thing you also should do is to to disable wireless SSID Broadcast (this is the name of your router that you see in the Airport menu list). You'll be required to type it in manually on the Mac to connect the first time you use it, but for all but the most persistent, it will be invisible to your neighbors who are just joining open connections they see being broadcast. Definitely change the name and add a WPA (if you can) or WEP password. If you don't, they'll still be able to connect even if you stop broadcasting the SSID.
Once you get in through the web page, the manual that came with your router should be able to show you what to do to secure it.
posted by qwip at 1:41 PM on February 3, 2007
One thing you also should do is to to disable wireless SSID Broadcast (this is the name of your router that you see in the Airport menu list). You'll be required to type it in manually on the Mac to connect the first time you use it, but for all but the most persistent, it will be invisible to your neighbors who are just joining open connections they see being broadcast. Definitely change the name and add a WPA (if you can) or WEP password. If you don't, they'll still be able to connect even if you stop broadcasting the SSID.
Once you get in through the web page, the manual that came with your router should be able to show you what to do to secure it.
posted by qwip at 1:41 PM on February 3, 2007
Response by poster: I'm using firefox. Safari blows. I'm not sure still how to set up the password, but I can get in through that IP address. Does the password go to the internet, or to the wireless connection? shouldn't it be the wireless? I'll give it a go.
posted by bash at 1:45 PM on February 3, 2007
posted by bash at 1:45 PM on February 3, 2007
Response by poster: It works! I feel like a wizard!
posted by bash at 1:47 PM on February 3, 2007 [1 favorite]
posted by bash at 1:47 PM on February 3, 2007 [1 favorite]
Can you help us with the brand and name of the wireless router? Without that it can be very difficult to help
posted by KimG at 1:50 PM on February 3, 2007
posted by KimG at 1:50 PM on February 3, 2007
Response by poster: it's a trendnet wireless router. I think it works now. I can't really tell. There's so many places you can put a password.
posted by bash at 1:54 PM on February 3, 2007
posted by bash at 1:54 PM on February 3, 2007
Response by poster: oh wait. It really works. I did an wpa password or something? is there a way to change the name of my network from default to something else? there are several default networks around here. Thanks everyone.
posted by bash at 1:56 PM on February 3, 2007
posted by bash at 1:56 PM on February 3, 2007
Response by poster: I just figured it all out. I would die without askMeFi. Or at least not be able to watch movies online on account of everyone stealing my internet. Thanks smart internet people. God, I LOVE the internet. It's so awesome. Thanks again.
posted by bash at 2:01 PM on February 3, 2007
posted by bash at 2:01 PM on February 3, 2007
What brand and model is your router? Knowing that can help us a lot, along the lines of what cschneid has suggested.
posted by concrete at 2:01 PM on February 3, 2007
posted by concrete at 2:01 PM on February 3, 2007
If you want to get very serious about security, you can also disable SSID broadcast and use MAC locking
Aaargh! Stop spreading such nonsense. WPA2 + PSK is all you need, forget the snake oil.
posted by Rhomboid at 2:06 PM on February 3, 2007 [2 favorites]
Aaargh! Stop spreading such nonsense. WPA2 + PSK is all you need, forget the snake oil.
posted by Rhomboid at 2:06 PM on February 3, 2007 [2 favorites]
Thanks for calling me stupid via a link. I appreciate it. Sadly, Ou's article doesn't say how to secure a network. It's just unhelpful criticism that is easy to dish out.
posted by chairface at 2:11 PM on February 3, 2007
posted by chairface at 2:11 PM on February 3, 2007
There's no reason to disable SSID broadcast. There are several ways that your system identifies itself anyway. All disabling SSID broadcast does is remove the network from the initial browse list of remote clients. Any nefarious person can still tell it's there and can still break in if it's insecure.
Never use WEP. It can be broken in under five minutes by an average laptop in a car outside on the street. WPA and WPA2 are much more secure, but be sure to use a good, long password. There are brute-force password attacks starting, and because it's all wireless, you can't see them happening. A long passphrase (twenty or more characters) will make you much more difficult to attack that way, and you only have to type it in one time per computer.
posted by Malor at 2:16 PM on February 3, 2007
Never use WEP. It can be broken in under five minutes by an average laptop in a car outside on the street. WPA and WPA2 are much more secure, but be sure to use a good, long password. There are brute-force password attacks starting, and because it's all wireless, you can't see them happening. A long passphrase (twenty or more characters) will make you much more difficult to attack that way, and you only have to type it in one time per computer.
posted by Malor at 2:16 PM on February 3, 2007
Sadly, Ou's article doesn't say how to secure a network.
If you read the article at the bottom he provides a link to his Wireless LAN security guide.
posted by Rhomboid at 2:41 PM on February 3, 2007
If you read the article at the bottom he provides a link to his Wireless LAN security guide.
posted by Rhomboid at 2:41 PM on February 3, 2007
Hiding your SSID just makes things more difficult for legitimate users. The only security it provides is blocking casual bandwidth stealers, something much better solved by actually turning on WPA. MAC filtering is just the same.
posted by Good Brain at 4:45 PM on February 3, 2007
posted by Good Brain at 4:45 PM on February 3, 2007
When I was talking to Apple tech support when I recently set up a new wireless network with an Airport Express he said that WEP is good if you want people who come over to your house with their computers to be able to access your network. WPA is more appropriate when you don't plan on allowing anyone new into the network. Is that right?
posted by Taken Outtacontext at 5:43 AM on February 4, 2007
posted by Taken Outtacontext at 5:43 AM on February 4, 2007
Taken Outtacontext, the only way I can think that would be true is if your visitors have older hardware that doesn't work with WPA. Some older wireless cards, and specifically their drivers, don't support WPA. I'd guess that anything sold within the past two years or so should support WPA (except some consumer electronics with built-in wifi, like media players and whatnot). That's just a guess, though, and it might be commonly supported in even older equipment, too.
Otherwise, WPA-PSK (WPA using a password) is exactly like WEP: you enter the password once and you're connected. I've put visitors on my WPA-protected network and joined others' networks with no problems.
posted by whatnotever at 9:06 AM on February 4, 2007
Otherwise, WPA-PSK (WPA using a password) is exactly like WEP: you enter the password once and you're connected. I've put visitors on my WPA-protected network and joined others' networks with no problems.
posted by whatnotever at 9:06 AM on February 4, 2007
When I was talking to Apple tech support when I recently set up a new wireless network with an Airport Express he said that WEP is good if you want people who come over to your house with their computers to be able to access your network. WPA is more appropriate when you don't plan on allowing anyone new into the network.
The only reason I can think he would say that is that WPA is a newer standard, and some cards that are, say, two years old or older might not support it. Otherwise, they both require a password, but WEP is trivially easy to crack. It's like giving your friend a key to your house, but your WEP house has a door that you just jiggle a little to open, while a WPA house has sturdy doors with deadbolts and maybe bars on the windows.
posted by dirigibleman at 9:22 AM on February 4, 2007
The only reason I can think he would say that is that WPA is a newer standard, and some cards that are, say, two years old or older might not support it. Otherwise, they both require a password, but WEP is trivially easy to crack. It's like giving your friend a key to your house, but your WEP house has a door that you just jiggle a little to open, while a WPA house has sturdy doors with deadbolts and maybe bars on the windows.
posted by dirigibleman at 9:22 AM on February 4, 2007
Taken Outtacontext, I'd say that in many ways, WPA is more appropriate for an environment where you might want to give access to friends. WEP doesn't define standards for using passwords/phrases as keys, so in many cases, you have to enter a hex code into any new device you want to join the network. WPA lets you use a passphrase, which is usually easier to remember, communicate, and type.
posted by Good Brain at 11:29 AM on February 4, 2007
posted by Good Brain at 11:29 AM on February 4, 2007
I think what they were getting at is that in order for WPA to be truly secure, you really have to pick a password that is a long string of truly random characters. Here is an example of a site that can generate such passwords. It's not very practical to tell your visiting friend, "okay the password is "}Xv5bqV%d#hu.p8Gbg1]nOhyzS[(8XzH)4lH|$>V2E>>^(MO-yo{6ZVoVV3u9*" so instead it's common to put it on a floppy or USB thumb drive which can be handed to the person. This is a bit more work, but it's truly easy once you've done it a few times, and it's not that much of a big deal if you want real security. Using WEP or using a "regular" WPA password (4 - 8 alphanumeric characters) is not true security.
posted by Rhomboid at 2:15 PM on February 4, 2007
posted by Rhomboid at 2:15 PM on February 4, 2007
It works! I feel like a wizard!
That is the cutest thing I have read on AskMe in a long time.
posted by Famous at 12:58 AM on February 5, 2007
That is the cutest thing I have read on AskMe in a long time.
posted by Famous at 12:58 AM on February 5, 2007
It did seem odd to me that he'd say that. Thanks for the info.
posted by Taken Outtacontext at 4:17 AM on February 10, 2007
posted by Taken Outtacontext at 4:17 AM on February 10, 2007
This thread is closed to new comments.
Try typing in http://192.168.1.1 or http://192.168.0.1
If you get a password dialog, the username password pair is some combination of:
admin/admin
admin/password
admin/
Once you get into the config page, what you want to enable is 'WEP' (or WPA if you have it), and then give it a password that matches what it needs. Also, to change from default to something else, you need to change the setting 'SSID'.
Most routers have lots of help pages on the config screens to tell you what the options mean, you don't need 90% of the options. Good luck finding what you need.
posted by cschneid at 1:22 PM on February 3, 2007