Part 4: Practice and Projects

A Real-World Example

Now that I've explained the general steps for setting up security, let's now go through it with real screens. The example below focuses on probably the single most popular Wi-Fi device there is: The Linksys BEFW11S4 wireless residential gateway. For the client adapter, I'll use the Orinoco Gold PCMCIA card.

The gateway's configuration system is Web-based. There's an embedded Web server inside the gateway, and you enter a non-routable IP address into your Web browser to bring it up:

http://192.168.1.1/

(This is the address my own unit uses. Check your product documentation to make sure this is the same address used by yours!) Figure 14.2 is a portion of the configuration screen.

click to expand
Figure 14.2: The Linksys BEFW11S4: configuration screen.

If you have WEP disabled (as it is by default) the Disable radio button will be checked and the WEP Key Settings button will be grayed out. Once you check Mandatory, the WEP Key Settings button will come to life. Click on it. A child window will appear over the first, and it will look a lot like Figure 14.3.

click to expand
Figure 14.3: The WEP Key Settings Screen.

The first time you bring it up, the passphrase field will be blank, and the keys will be all zeroes. Type in your chosen passphrase (Let's just say that I recommend against using the one shown here!) and click the Generate button. The four key fields will be filled with the generated keys, all in hexadecimal.

If all your Wi-Fi client adapters are from Linksys as well, you don't have to write down the four keys. For any given passphrase, the key generator from the same manufacturer will (almost always) generate the same keys. Key generators are not standard across all manufacturers, however. If your client adapters are from other manufacturers, write down the four keys. Check them digit-by-digit against what's on the screen. One digit off, and the connection will not work.

Once your four keys are safely written down, click the Apply button. The child window will clear, and you'll see the message 'Settings are successful' with a Continue button. Click Continue. If you didn't change anything on the main configuration screen, you can close your Web browser. If you did change something, click the Apply button at the bottom of the main screen, click Continue, and then close your browser.

That's it! WEP is now operating on your gateway.

Now you have to enable WEP with those same keys on all other wireless clients in your network. If you have Linksys client adapters, the process will be similar, and you can use the same passphrase in the client adapter key generators. Otherwise, you will have to type in the keys manually.

For this example, I'm going to use the Orinoco Gold PCMCIA card, as it's very common and characteristic of those client adapters that do not provide key generators.

To begin, run the Orinoco Client Manager, which was installed with the Orinoco Gold card. The main screen is shown in Figure 14.4.

click to expand
Figure 14.4: The Orinoco Client Manager.

Pull down and select the Actions | Add/Edit Configuration Profile menu item. This will bring up a child screen allowing you to select a profile to edit. See Figure 14.5.

click to expand
Figure 14.5: Selecting a Profile to Edit.

Make sure the profile that you want to change is shown in the pull-down list. (Here it's called 'Home.') Click the Edit button. This will kick off a five-screen wizard, of which the Set Security screen is #3. You move from screen to screen by using the Back and Next buttons at the bottoms of the screens. The Set Security screen is shown in Figure 14.6.

click to expand
Figure 14.6: The Set Security Screen.

To enable security, you must check the Enable Data Security check box, and then enter the four keys. Also make sure you check the Use Hexadecimal check box, for compatibility with other equipment. Orinoco allows the use of alphabetic characters in its keys, which is something most other manufacturers do not support.

There is no passphrase support like the Linksys BEFW11S4 gateway has, so you'll have to manually enter the four keys generated by the gateway. Check your typing twice. Once you have all four keys entered and checked, click next until you reach the final screen, which has the Finish button at the bottom. Click the Finish button, and you're done!

Make sure you test the new WEP-enabled connection. Once you've finished configuring WEP for your first client machine, do the same for any additional client machines. At that point, you've done virtually everything useful in terms of security for a home office or small office wireless network. Other measures like virtual private networks can be very useful, but require an 'other end' using expensive server software. If you have the ability to do this (generally through your work location) you'll know it.

Setting Up WEP Using Windows XP's Built-In Wi-Fi Support

Whenever possible, I prefer to use the client utility that comes with a Wi-Fi client adapter to set up its various configuration options, including WEP. There are a few client adapters that won't install a client utility under Windows XP, but instead rely on the built-in Wi-Fi support that XP offers. If you install the drivers for your client adapter under Windows XP and discover that the install CD hasn't also installed a client utility, you can still set up WEP right from Windows XP.

To set up WEP using XP's built-in support, follow these steps:

  1. Open the Network Connections applet from Control Panel. The applet is shown in Figure 14.7.

    click to expand
    Figure 14.7: The Windows XP Network Connection Applet.

  2. Your Wi-Fi client adapter should be listed as one of the wireless network connections (probably the only one) in the main pane. Right click on it and select Properties. The Properties window will appear. Click the Wireless Networks tab at the top of the window. On the Wireless Networks tab is a list of available networks, also known as the 'site survey.' What you see will look something like Figure 14.8. Your network (named by its SSID) should be present in the list of available networks. Other networks may be there as well, if you're close enough to them. These would include networks owned by your neighbors or companies in nearby offices.

    click to expand
    Figure 14.8: The Windows XP Site Survey Window.

  3. Click on your network in the list of available networks to highlight it, and then click the Configure button. You'll see a window something like that in Figure 14.9.

    click to expand
    Figure 14.9: The Association Configuration Window.

  4. 4. Un-check the item labeled 'The key is provided for me automatically.' That may be true someday (after the new Wi-Fi Protected Access standard is implemented) but it's not true yet. You need to enter the key manually. When you un-check the item, the window will change, and the Network Key field will become live (see Figure 14.10).

    click to expand
    Figure 14.10: Entry of WEP Keys.

  5. Type in the first of your four network keys. You'll need to type it twice, as the key is not echoed (except as generic dots) when you type it, and Windows needs to be sure that you typed it correctly. If both entry attempts don't match, an error will be displayed and you'll be required to enter the key again. In most cases, one key is all you need, but if you are using multiple keys (Wi-Fi supports up to four) you enter additional keys by incrementing the Key Index field to the next higher key index and entering subsequent keys.

  6. When you've entered all the keys you'll be using, click OK. It will take a few seconds for Windows XP to negotiate the connection, but within thirty seconds you will either have an encrypted connection or know that something is wrong. If you're reading WEP keys written down on paper, make sure they're correct-typing the wrong key twice isn't any better than typing the right key once!

That's all you need to do to enable WEP for Windows XP, using XP's built-in Wi-Fi support.



Jeff Duntemann's Drive-By Wi-Fi Guide
Jeff Duntemanns Drive-By Wi-Fi Guide
ISBN: 1932111743
EAN: 2147483647
Year: 2005
Pages: 181

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net