Recommendations for file sharing and cable modem sharing

[Bill]

Make sure to collect the frequent-flying-miles Gary S.

[cdub1988]

Gary -

Take this for whatever it's worth to you (which may not be much).

I suggest to anyone who has a dedicated connection to setup a router to sit behind.

Even if all I'm doing is file sharing, I'd rather protect the data.

Port forwarding will likely be the worst thing you have to deal with unless you're pulling the cable yourself, in which case, it's not always fun.  

But that aside, with the built-in webmin interfaces on most all routers, you can setup the network quite easily to run DHCP or static on the backside of the router (your network) and have the router configured to get its IP via DHCP from the cable co.

<rant>

As far as wireless, well, that's up to your preference.

Personally, I still have many issues with it.

I don't think it's near as secure as many think.

Case in point: my pastor (25+ years experience in the MS world) goes out to setup a new laptop on a Bell DSL line that is using a wireless access point.

He can't for the life of him get the laptop to access the 'net via the DSL connection in his friend's house and then, lo and behold, it starts working.

That's FANTASTIC, right?

WRONG.

Came to find out that pastor had hit the access point in the neighbor's house and was using his pipe, with full-browse capabilities via Network Neighborhood.

Not a nicetie of the wi-fi scenario.

But then again, maybe your setup would be different.

I know for me, it will be hard wired or not at all.

Cat5 is still the way to go. I don't care if I have to walk to my box to do something.

But hey, if it works, by all means, use it.

By the way, if you think that it can't happen to a Classic box,  think again. It's not perfect, though much more secure than Windows.

That site has multiple password-level hacks for Classic, as well as much more.

I fear X will soon follow suit.

That's the world we live in.  

</rant>

Seriously, though, Gary, I'd at least entertain the hardwire fix sitting behind a router.

Just precautionary, if nothing else.

What was that Boy Scout motto again........  

Take care, Gary.

If I can help in any way, let me know.

Chris

[Gary S]

Chris,

Thanks for the heads up.

Ah...........I'll be definitly getting a router!    

You just helped me make the decision.    

I have to go about 35' to where the other computer will be.
I figured I'd buy 50' of Cat5 and a router and that should do me.
I wish these maple floors weren't so hard. Drilling through them and the tounge and groove sub-floor isn't the easiest. I better make sure I have a sharp drill bit.        

Any recommendations on router brands? I've been reading comments here and of course everybodies got an opinion- some good some bad.

 DealTime

[cdub1988]

Gary,

I've seen several brands.

I've read decent things about the SMC Barricades, as well as the D-Links.

I used to be a big Linksys fan till I suggested the BEFSR-41 to pastor and it blew up on them on the DSL at church.

He went to CompUSA I think and bought one of their stock off-the-shelf ones for like $45 with no worries.

Works like a champ.

The brand name will definitely vary the price, but I'd feel comfortable personally with an SMC or D-Link.

Hope that helps.

Take care, Gary, and let us know how it all comes out.

Chris

[cdub1988]

Haven't used it personally, but I've had GREAT luck with all the Belkin stuff I've used.

A  quick look at a Belkin.

 More comparisons.

Might check around to verify pricing differences between the stores.

Spoke to the tech support at MicroCenter where we purchased our eMac for the office here and the guy told me about  this brand (Hawking) and raved about it.

Said it was probably one of the best brands they carry.

Hope that helps, Gary.

Chris

[Gary S]

Thnks for the links Chris. I'll let you know how it shakes out.

[kps]

Gary, the tech at charter is probably right, I haven't thought of cable, I based my answer on my personal experience with DSL. With a hub alone I couldn't bet it to connect through PPPoE.

Chris, invading someone elses wireless network is the result of bad configuration of the router. The first thing is to change the name of the network. Many routers ship with the name default, so if the owner does not change it, and someone else has that set in the wireless config then they could access any network who's name is 'default'.

Next, you can set the WEP encryption key, which would prevent access even if someone guessed the name and connected to your Wi-Fi network.

In my case, I know for a fact that none of my neighbours (within 200') have any sort of Wi-Fi, most don't even know what it is.

[Mayo]

Security has been covered elsewhere on this forum, but I would like to mention quickly that WEP encryption can be easily broken using readily-available software, so it is not a panacea.

In fact, all of the easily-implemented, common ways to secure a wireless LAN can be defeated if someone wants to do so.  Most people would be surprised to find out just how easy it is to gain access to even a so-called "closed network."

These common security procedures are the digital equivalent of a padlock, which everyone knows only keeps honest people honest...

The only sure way to be secure is to encrypt all traffic, whether it is being transmitted between computers on your LAN or e-mail/surfing on the Internet.

I don't mean to sound paranoid...these are just the facts as I understand them.  Individuals have to examine their own risk and plan accordingly.
 
 [ 03-13-2003, 11:42 PM: Message edited by: Mayo ]

[kps]

Personally, I have a very high comfort level with my set up. The chances of someone coming within range of my signal, locating my network, connecting to my network, decrypting my WEP key, is practically non-existent.

Wireless is the only way to go, IMHO. I wouldn't do it any other way. Even if someone would take all that time to find me, break 128bit encryption (same as secure browsers through which you send in your credit card numbers), get an IP (since DHCP would be turned off) to connect with, all they would get is an internet connection. To steal any files they would have to login to one of my machines (provided they were on in the first place) as a legitimate user. How much time would a hacker spend on trying to break into a home machine? Answer: 0 There is nothing to gain. OTOH, if you leave the door wide open by not setting up your router properly...

Some basic tips:

Asign static IPs to your machines and deny all others by disabling DHCP on your router.

Enable the highest encryption level allowed by your router.

With OS X, to share files you need a user name and password. In other words you need to login.

[Mayo]

Like I said, it all depends on your comfort level.  I just wanted to make sure that people understand that wireless is less secure than many people think.

The tips KPS offers are good ones.  Unfortunately, many people don't even bother to enable WEP, much less opt for static IP addresses vs. letting the router assign addresses via DHCP.  In my mind the whole point of this discussion is to alert people to the idea of using the security features that are available.

If I understand it correctly, breaking the WEP encryption is an entirely different undertaking than going after 128-bit encryption used by browsers.  It is much easier and entails using free software that monitors packet traffic on a wireless LAN.

The nitty-gritty details on how to accomplish this is available in the security chapter in "The Wireless Networking Starter Kit."  The Inadequate WEP encryption is just one of a number of holes in wireless networks.

While turning-off file sharing will keep people from manipulating files on a Mac, the unencrypted traffic can be intercepted, whether they be graphic files or plain text.  For example, unless you are using SSL-enabled e-mail transfers, authenticated SMTP (outbound) or APOP (inbound), your e-mail account password is transmitted as plain text...

Depending on how a wireless network is configured it can be ridiculously easy to hack or more of a bother.  And while it is probably not likely that someone will be attempting to get into a typical home wireless network, I would think that the chances increase if you live in an urban area.

Just keep in mind that your typical wireless gateway transmits an omni-directional signal that can be picked-up by a directional antenna or someone driving around with a portable computer or sitting on the roof of a central buliding in a city.

The information to crack the WEP encryption can be gathered without anyone having to actually monitor the computer running the snooping program.  Eventually the WEP key will be captured, and the time it takes to do is only dependent on the amount of data that is transferred on the monitored LAN and how the WEP key was created.

And with the increasing push by Intel and other companies to get people using WiFi, I wouldnt' take too much comfort in assuming that there aren't any other wireless LANs nearby.

I'm still hoping that someone will read the article for which I posted a link earlier in this thread.  Apparently data packets can be intercepted on a cable LAN using the same or similar readily-available software used to monitor wireless traffic.  Now THAT'S scarry!
 
 [ 03-14-2003, 02:53 AM: Message edited by: Mayo ]

[kps]

Mayo, you're quite right about the difference between a 128 bit WEP key and 128 bit encryption in a browser, I screwed up...

You make many valid points that  need to be considered when persuing this kind of an endevour. I'm willing to use the padlock until something better comes along.

[Mayo]

I am not the kind of person who wants people to become even more fearful...Gawd Knows a heck of a lot of very poor decisions are made because people are told to be fearful of, well...just about everything.

It sure is having an effect on our physical and mental health in the good ol' USA...

The padlock security level is probably fine for most folks, as long as they invoke those basic controls.  It is quite easy to securely encrypt sensitive data on those occasions when a padlock may not seem like enough protection.  I routinely encrypt certain files when using my wireless LAN to share files.

Most people assume a basic level of personal privacy exists because they do not know just how easy it is to gain access to things like computers, portable phones, and even baby-room monitors.

I assume any data sent via a wireless transmitter is the equivalent of a postcard sent in the mail, and that it is up to the individual to decide how much information they are willing to share with the world.