I've had broadband for quite a while now and I thought it was about time I got myself a WiFi router/modem. It wasn't really that much of an issue in the past as I had my PC connected directly via a USB modem. However, since my usage of the laptop had become more apparent (as I couldn't be arsed sitting at the desk), and the neighbours' network connection varying in strength, I decided it was time I played fair.

I'd bought a WiFi router in the past for the family home and as it was a decent bit of kit I decided to go for one for myself. It's the Belkin ADSL2+ Modem with High-Speed Mode (125Mbps) Wireless-G Router (Not one to say after a few bottles of Magners) full description found here.


Click to view larger image (+)

Now, this little item cost me £79.99 from Staples, and yes, I know I could have got it cheaper (£73.04 from Dabs.com), but I took two factors in to consideration. 1. You've generally got postage to pay on online orders. If it's free then it's anyone's guess as to when it will arrive. Or if not, it's an extra fiver or so. 2. Staples is literally round the corner from my flat and it's sort of on my way home from work, which helped with my spur-of-the-moment purchase decision. Besides, I love the technical abilities of the staff that work at Staples - hah!

After unpacking and plugging in the power, I switch it on via the power switch at the back of the router. I connected up my main PC into one of the ethernet ports (I chose port No.1 just for the hell of it). Normally I would have used the installation CD, but as I've done it before, I couldn't be bothered. The CD basically presents you with the HTML page for the router config, but I knew already that the default IP would be 192.168.1.1.

There is a 'Setup Wizard', but I hate wizards. I'd much rather sit down and choose the options manually, that way should there be a problem later on down the line, then I know where to look for the correct settings to change. Before I do any config setup, I take a little visit down to 'System Settings' at the bottom. Add a password and sort the time and date out. Apply changes and it's back to the top again. 'LAN Setup' then 'LAN Settings' this time. You should always change the IP address of the router (I simply changed it to *.2.1 for this example - see below), as I've already seen a list of router default settings (IP, Password, SSID, etc) on the web. It just add another layer of security. Tescos, every little helps. Everything else can stay default.

Next it's off to 'Internet WAN' and start off with 'Connection Type'. Options are:

PPPoE

PPPoA

Dynamic IP (1483 Bridge)

Static IP (IPoA)

Modem only (Disable Internet sharing)

The top two are as follows: PPPoE - Point-to-Point Protocol over Ethernet & PPPoA - Point-to-Point over ATM (Asynchronous Transfer Mode). Forget the rest.

I went for PPPoA. Click 'Next' and you are presented with the ISP settings. Enter your ADSL username and password and the VPI / VCI (Virtual Path Identifier / Virtual Channel Identifier). I put mine to 38, but I know that Tesco.net, for example, uses 37. It's best you check with your ISP. Everything else can be left, unless you have a static IP. Click 'Next' and then 'Save/Reboot'.

On reconnection you should be prompted for a password (which you've just added), enter it and choose 'Channel and SSID' under the 'Wireless' section. Give your SSID a new name and uncheck the 'Broadcast SSID' option. Another level of security as it won't be visible to other parties. Click 'Apply Changes'.

Next step is to click on 'Security' under the 'Wireless' section. Pick your 'Security Mode' of choice. I'd strongly recommend WPA-PSK (Wireless Protected Access - Pre-Shared Key), however, all of the mainstream encryption methods can be cracked with relative ease providing you have the right setup. So although WPA-PSK is harder to get past than WEP it is still possible. If not already picked, choose 'TKIP' (Temporal Key Integrity Protocol) as the 'Encryption Technique'. TKIP scrambles the keys using a hashing algorithm and also ensures that the keys haven’t been tampered with. AES (Advanced Encryption Standard) is more secure - used by the US DoD - but it might not be compatible with your WiFi adapter. My PDA doesn't support it, for instance.

What I would recommend is take a visit to https://www.grc.com/passwords.htm and go for either '63 random printable ASCII characters' or '63 random alpha-numeric characters (a-z, A-Z, 0-9)'. Both are suitable for the 'Pre-Shared Key (PSK)' section. Picking one of the randomly generated passwords as a key increases the security levels. From the website:

"Every one is completely random (maximum entropy) without any pattern, and the cryptographically-strong pseudo random number generator we use guarantees that no similar strings will ever be produced again."

Click 'Apply Changes'.

I then setup a 'Virtual Server' (or Port Forwarding) under the 'Firewall' section for Remote Access to my PC. It's really easy to do and even gives you pre-defined options, so you don't have to mess around with ports. To add a bit more security, you can filter the MAC (Media Access Control) address of the devices connecting to the router under 'MAC Address Filtering', funnily enough. There are two ways to find the MAC address of the PCs:

1. Click Start > Run and type 'cmd'. Next type, 'ipconfig/all' and you should get something like:

The MAC address is under the 'Physical Address' - 00-90-4B-FA-18-6D in this example. However, a much simpler and more efficient way is to use the web interface for the router. Under 'LAN Setup' click 'DHCP Client List' and you will be presented with all the devices connecting to the router, their IP Address, Host Name and MAC Address. It will store details of devices which have connected in the past, but are not necessarily currently connected, which is useful.

So that's about it, really. The manufacturers make it very simple to get Wireless up and running as the default settings are generally the ones you'd pick anyway, unless you are doing some serious customisations. Routers like these have firewalls in place, which are much more effective at stopping intruders than software based ones. Although it's better to have both the Windows firewall and the router firewall enabled, I have chosen to just stick with the hardware variety to save on resources.