ok....

just installed the beginnings of a wireless network.

Got a Linksys 11b router and a Linksys 11b card for the Windows (parents) machine.

started locking down the network aspect.

couldn't get 128-bit WEP to work with WinXP until I upgraded the drivers and firmware, switched to channel 11, and entered the key in Hex. But I finally got it working.

I restricted MAC address to just the Windows (parents) machine's wireless card allowed. when I get my wireless card I'll add in mine later.

turned off SSID broadcasting.

changed the SSID to something not completely obvious.

Allow only the required number of DHCP users (I would just hardcode in the IP's and block everything else, but the router is too cheap to let me, it basically requires DHCP), and set DHCP expiry date to maximum.

used a strong password for the router and turned off all extraneous shit.

now I'm locking down the parents computer since they are putting it on the wireless network for the first time (used to just be a modem-using machine).

router has a NAT "firewall", wish I had gotten the ones with SPI (aka stateful filtering) but you can't get everything if it's cheap.

I've pretty much done everything right, right? Besides getting a real router like a REAL Cisco, which I can't afford, or using a cheap Unix box as a more flexible router/access point, which I also can't afford...

what's your opinion on the security level T0ki and warez? (if you're reading)

I know it won't stop any truly serious badass, but mainly, I'm just trying to keep people from jacking my connection or getting in easily. Make wardrivers go to someone else's house instead of mine.

and 128-bit WEP should stop most people from doing anything... I mean, not like people are gonna park in a neighbor's driveway without attracting suspicion in my neighborhood... and I really doubt my neighbors are 31337...

ttt

Well, the only thing you didn't do is put it behind a VPN. lol

As long as your parents don't download any trojans, they should be fine. lol

Rob, just curious, but there isn't a POS machine lying around you could turn into a router using a unix/linux distro like astaro or something like that?

If you're interested, check out a program called Airsnare. It allows
you to quickly detect any wardrivers or unauthorized connections.

"Rob, just curious, but there isn't a POS machine lying around you could turn into a router using a unix/linux distro like astaro or something like that?"

I have an old 450mhz PIII, but I'm still using it.

"If you're interested, check out a program called Airsnare. It allows you to quickly detect any wardrivers or unauthorized connections."

I'm checking it out.. thanks!

Good thread Rob.

I used it to set up security on my Linksys.

Gracias, muchacho!