Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router — and by extension, your network — is as secure as possible.
Most Popular Reviews
Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.
MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.
Proxim Symphony HomeRF Cordless Gateway
Author: Tim Higgins Review Date: 7/2/2001
- Range like you wouldn't believe! - Easy to set up - Supports bridging, wireless routing, or both! - Relatively inexpensive
- Broadband users may run out of bandwidth - Can't make any NAT firewall adjustments
Internal antenna, with no ability to attach "booster" antenna
Since HomeRF has been losing the wireless networking standards battle to 802.11b, I'd put off opening up the Symphony Cordless Gateway and PC card that Proxim had sent me months ago for review. Guilt, however, finally got to me, and now I'm kicking myself for not checking out HomeRF sooner! Read on to see why...
HomeRF!? Why bother?
Proxim's non-HomeRF Symphony products were one of the first wireless networking products that I tested. As that review shows, I was impressed by the ease of installation and product capabilities, but not impressed by the price, which was about $350 for the Gateway product.
A lot of wireless data has flowed through the PracticallyNetworked test lab since then, and the industry has seen the 802.11b / WiFi standard become the dominant wireless networking standard. Proxim has evolved along with the industry, developing a broad line of "enterprise-grade" wireless networking products including:
RangeLAN2 - Based on the 1.6Mbps Open Air standard
RangeLAN-DS - 802.11b based
Stratum - Building-to-building high speed network bridges from 10Mbps half duplex to 100Mbps full duplex!
Harmony - multi-standard wireless platform which can integrate their Open Air and RangeLAN-DS products, as well as support the integration of future wireless technologies.
Proxim has evolved on the consumer-focused side of their business, too, adding lower priced HomeRF based members to their Symphony product line. (They're also hedging their bets on the 802.11b consumer side, acquiring Farallon and their SkyLine 11Mb products.) They'll soon have products based on the 10Mbps HomeRF2 standard and I hope to be among the first to get a look at them when they're ready in a few months.
Meanwhile, I thought since I've never tested HomeRF products, that I probably should since they're widely available from Proxim and Intel (yes... Intel continues to sell their AnyPoint wireless USB and PC card... at least until they deplete their inventory). I'd also be able to quantify the performance differences between 802.11b and present HomeRF products, and have a basis of comparison to the 10Mbps HomeRF2 products when they're available.
Quick Feature review
Since the Cordless Gateway is the HomeRF equivalent of the Cordless Ethernet Bridge that I reviewed last year, I'll just do a quick feature review. Check out the other review if you need more details.
You can tell that the Gateway has been cost-reduced in order to be sold for about $160 vs. $280 for the older Ethernet Bridge. The enclosure is plastic vs. metal, but more significantly, the external antenna is gone, replaced by something that looks like a little metal mushroom growing out of the circuit board (I had to pop open the case to check out the antenna). "This isn't going to help their range", I thought. (Note: As you'll see, what I don't know about RF design would fill volumes!) Proxim thoughtfully added a second, reverse-wired ("uplink") 10BaseT connector to make it easy to connect the gateway to whatever Ethernet device you desire, without the need for a crossover cable. They even ship the Gateway with a plastic plug in one of the Ethernet connectors, a clear sign that only one at a time is to be used!
Kudos to Proxim for this small, but important feature! I wish all manufacturers whose equipment contains shared Normal and Uplink connectors would do this! I've burned many an hour wondering why my network was acting flaky only to find that I'd connected to both the normal and uplink versions of the same hub / switch port!
Note that the HRF Gateway will handle either the older "Open Air" based Symphony products, the newer HomeRF products, but not both at the same time.
The installation and admin processes are virtually the same, with small improvements, such as "Teach" and "Learn" buttons on the Gateway that make setup even easier than before. In addition to handling both client adapter and Gateway configuration and testing, the "Maestro" configuration tool handles File and Printer sharing setup and has a "Location Switcher" function that allows you to create multiple network profiles and switch among them... very handy for laptop users!
Note: You can only administer the Gateway from a wireless client.
Choose your mode
As shown in the screen shot above, the Gateway can operate in three modes:
Mode 1: Wireless Router
Mode 2: Wireless-to-Ethernet Bridge
Mode 3: Both (default)
Note that the Gateway does not route (share) Ethernet clients! This means that if you want to share your broadband Internet connection, the Gateway will handle sharing for up to 10 wireless clients only. In the third mode, the wireless and Ethernet clients will be able to share files and printers, but since they'll be on different subnets (the Gateway uses 10.X.X.X for its routed clients) you'll need to install NetBeui or IPX/SPX on each machine, since File and Printer Sharing doesn't work across subnets.
If you already have a router, then just use Mode 2, and the Gateway will act like an Access Point and extend your Ethernet subnet onto the wireless network. If you don't have a router, you can use either the included Proxim "Conductor" sharing software installed on one of your LAN computers, or another software NAT program like Microsoft's ICS, Sygate, WinProxy, etc.
Note: Proxim says that you can have only 8 Ethernet clients attached to the same network as the Gateway. This is due to the depth of the routing table in their firmware.
The wireless NAT router is pretty much a "black box", with no ability to map ports, control access, log traffic, etc. All wireless clients will be behind a NAT firewall, so the usual problems with gaming, VPN, teleconferencing, and other "advanced" applications will apply!