Author Topic: How to Protect your wifi-Lan  (Read 121144 times)

Offline Triplejolt

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 437
Re: How to Protect your wifi-Lan
« Reply #15 on: December 21, 2006, 07:12:06 AM »
Found this article on ZDnet. Explains what GRE tunnels are and their use (you link was down, pandlouk ;)).

Offline pandlouk

  • I love Comodo
  • Comodo's Hero
  • *****
  • Posts: 2240
  • Retired Mod
Re: How to Protect your wifi-Lan
« Reply #16 on: December 27, 2006, 10:49:52 AM »
Found this article on ZDnet. Explains what GRE tunnels are and their use (you link was down, pandlouk ;)).

Thanks. I corrected the link  :D

Offline pandlouk

  • I love Comodo
  • Comodo's Hero
  • *****
  • Posts: 2240
  • Retired Mod
Re: How to Protect your wifi-Lan
« Reply #17 on: February 03, 2007, 10:32:37 PM »
I updated the guide How to Protect your wifi-Lan

Offline d_squared

  • Newbie
  • *
  • Posts: 3
Re: How to Protect your wifi-Lan
« Reply #18 on: February 06, 2007, 06:58:58 PM »
Please look at the subnetting information again.  The last octet isn't supposed to be manipulated in that manner.

Assuming classical routing

1 computer & the router means that you need 2 IP's in addition to the network and broadcast, so you need to unmask the last 2 bits => 11111100 (255.255.255.252)

2 computer & the router (plus network and broadcast) means that you need to unmask the last three bits =>  11111000 (255.255.255.248),  and this means that you have room in the subnet for one more node (computer, printer, NAS, whatever attaches to the network

4 nodes & the router means that you need to unmask the last 4 bits => 11110000 (255.255.255.240),  this allows for up to eight total IP's to be in the subnet.

Normally this should be as far as you would need to go in a regular household.  Granted if you have more that 8 nodes and less than 16 the 224 subnet is what you need.

my 2 cents.  (too much cisco stuck in my head, I guess that means the Prof did a good job....)

 (R)

P.S. Of course if you throw out the classical rules and go VLSM or CIDR then all the rules change.  you no longer need to reserve two IP's.

Offline pandlouk

  • I love Comodo
  • Comodo's Hero
  • *****
  • Posts: 2240
  • Retired Mod
Re: How to Protect your wifi-Lan
« Reply #19 on: February 06, 2007, 07:47:39 PM »
Thanks for the info. I corrected it. ;D

Offline Triplejolt

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 437
Re: How to Protect your wifi-Lan
« Reply #20 on: February 07, 2007, 04:56:30 AM »
Don't forget IP Unnumbered, which allows IP traffic without an IP address... :)
 (:NRD)

Offline pandlouk

  • I love Comodo
  • Comodo's Hero
  • *****
  • Posts: 2240
  • Retired Mod
Re: How to Protect your wifi-Lan
« Reply #21 on: February 08, 2007, 08:11:39 PM »
Don't forget IP Unnumbered, which allows IP traffic without an IP address... :)
 (:NRD)
Thanks Triplejolt,
but the problem is that if I add the IP unnumbered configuration how will I explain it at the novice users? 88)

Offline d_squared

  • Newbie
  • *
  • Posts: 3
Re: How to Protect your wifi-Lan
« Reply #22 on: February 08, 2007, 10:57:11 PM »
For most home user that have a factory firmware in their wireless router, I don't think that they would even be able to select the option.  And those that are using aftermarket firmware probably know how to handle that particular scenario.

Using a WRT54GS as an example, all of the subnets that it will allow can be selected via a drop down menu.  So going into IP Unnumbered is not even an option.

Offline Triplejolt

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 437
Re: How to Protect your wifi-Lan
« Reply #23 on: February 09, 2007, 04:49:58 AM »
Don't put IP unnumbered in there Pandlouk... I was just trying to be funny :)
IP unnumbered is a feature used by Cisco to be able to conserve IP addresses. Normally, home DLS routers don't support this as this rely on tunneling protocols and Layer 2 capability.
« Last Edit: February 21, 2007, 03:06:18 AM by Triplejolt »

ocky

  • Guest
Re: How to Protect your wifi-Lan
« Reply #24 on: March 01, 2007, 08:12:29 AM »
Is it correct to say that my ADSL router's firewall also protects my wife's
laptop which connects to the net via a wireless access point ? The access
point is connected to my aforementioned router. Her wireless AP is  secured
with WPA2-PSK encryption key and uses the AES encryption algorithm.
Strong passwords were used for both the AP login and the encryption key.
Plus SSID is not broadcast and MAC access control (only my router's LAN port).
We are not networked i.e. no sharing is allowed and both have software firewalls etc.
Is my wife's laptop secure ?  :P
PS. I have the free Comodo Pro PF   :) and wife still uses Sygate 5.5    :(
« Last Edit: March 01, 2007, 08:31:31 AM by ocky »

Offline Triplejolt

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 437
Re: How to Protect your wifi-Lan
« Reply #25 on: March 01, 2007, 08:45:51 AM »
Is it correct to say that my ADSL router's firewall also protects my wife's
Yes. You are both "protected" by the routers firewall. The computer firewall is another matter :)

Offline sputnik365

  • Newbie
  • *
  • Posts: 10
Re: How to Protect your wifi-Lan
« Reply #26 on: April 08, 2007, 12:45:56 PM »
disable wireless management

Offline Triplejolt

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 437
Re: How to Protect your wifi-Lan
« Reply #27 on: April 11, 2007, 07:16:25 AM »
Why?

Offline imsoc

  • Newbie
  • *
  • Posts: 2
Re: How to Protect your wifi-Lan
« Reply #28 on: April 25, 2007, 12:34:58 PM »
Could someone please explain step #3 in a bit more detail?

My current network setup is as follows:

PC #1 - ethernet connection to wireless router (and modem)

PC #2 - wireless connection

PC #3 (my computer) - wireless connection

How do I isolate my computer from the other two, using the network zones and/or the firewall rules?
« Last Edit: April 25, 2007, 12:40:12 PM by imsoc »

Offline Eric Cryptid

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2932
  • Security Saskquatch
Re: How to Protect your wifi-Lan
« Reply #29 on: April 29, 2007, 05:16:58 AM »
Ok... One quick question on the subnet mask thingy. I'm using a Linksys WAG354G (Annex A) Wireless Gateway as my router. When I try to change the Subnet to 255.255.255.252 it says:

DCHP Start IP Address with Lan isn't in the same network


What am I doing wrong?

Moderator: Any concerns? PM me and/or review the Forum Policy
System: 64 bit Win 10
Realtime Protection:CIS 12

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek