Figure 1 Back panel of Linksys router
Revised: August 26, 2005
By Richard G. Baldwin
File: FwlProj030.htm
This laboratory project was prepared specifically for the benefit of my students who are enrolled in ITNW 1351, Fundamentals of Wireless LANs.
The project was designed under the assumption that students enrolled in the course have successfully completed the prerequisite course, ITNW 1325, Fundamentals of Networking Technologies.
The project design also assumes that the students are actively studying the material in the prescribed textbook for this course, which explains such complex topics as the IEEE 802.11g wireless specification.
Another browser window
I recommend that you open another copy of this document in a separate browser window so that you can easily view the discussion and the figures at the same time.
The purpose of this project is to show you how to implement simple WEP encryption.
Not the strongest encryption
Although WEP encryption isn't the strongest type of wireless encryption available, it is the easiest to implement, and it is relatively universal. Most equipment in most wireless networks will support WEP, which can't be said for the newer and stronger types of wireless encryption.
Strong enough for many purposes
Furthermore, unless your neighbor in the apartment next door is skilled at breaking into wireless computer networks, WEP encryption should be sufficient to keep your neighbor from tapping into your Internet access and using it without your permission.
No in-depth coverage of encryption in this project
This project does not provide in-depth coverage of wireless encryption. Future laboratory projects will explore wireless encryption in considerably more depth.
The following equipment is required (some is optional) to complete this laboratory project:
Not an in-depth exploration of wireless security
This laboratory project is not intended to be an in-depth exploration of wireless security.
By completing this project you will learn the mechanics of implementing simple WEP encryption on your wireless Linksys router.
The project will concentrate on mechanics, and you will not learn any of the theory behind WEP encryption simply by completing this project.
WEP is a weak form of encryption
While WEP encryption is not as strong as other forms of encryption that are available for wireless networks, it is relatively universal in the wireless network world.
(For example, there may be machines on your network that are not capable of supporting the stronger forms of encryption but they probably will support WEP.)
What will WEP encryption accomplish?
WEP encryption should be sufficient to:
What will WEP encryption not accomplish?
Note, however, that if your neighbor is skilled in the black art of breaking into wireless networks, he will probably be able to defeat your WEP wireless encryption and break into your network as well.
What will you do in this project?
In this project, you will:
Access to administrator panel is required
In order to implement WEP encryption, you will need to access the administrator panel on your router as described in the earlier project entitled Connectivity and Security ...
Use either cable or wireless connection to the router
You can implement WEP encryption by accessing the administrator panel either via a patch cable, or via a wireless connection to the router.
However, the process may be a little cleaner if you access the administrator panel using a patch cable.
If you access via wireless ...
If you access the administrator panel via a wireless connection and implement WEP encryption during that session, you will be automatically disconnected from the router as soon as you implement the encryption.
It will then be necessary for you to reconnect to the router via wireless, this time providing the encryption password in order to be able to reconnect.
If you access via a cable ...
If you access the administrator panel and implement WEP encryption using a cable connection, you will be allowed to exit the administrator panel more gracefully.
This is because the implementation of wireless encryption doesn't impact your ability to access the router using a cable.
Reset the router
Press the Reset button on the back panel of the router and hold it down for at least five seconds to assure that the router is reset to the factory configuration.
The Reset button is a small recessed brown button, which is shown on the left side of Figure 1.
|
Connect a cable to the router
Connect a regular RJ-45 patch cable between the wired NIC connector on your computer and one of the four wired network connectors labeled 1 through 4 on the back of the router in Figure 1.
(As explained above, this is an optional approach. You can also achieve the objectives of this project by making a wireless connection to the router as described in the earlier project entitled Connectivity and Security ...)
Browse to the router
Once you are connected to the router, either via cable or via your wireless NIC, open your browser and point it to http://192.168.1.1/. This should produce a login dialog similar to that shown in Figure 2.
(The actual appearance of the dialog will depend on the browser being used. The dialog shown in Figure 2 was produced by a Firefox browser.)
|
Enter the password
Leave the user name blank, enter the default password admin, and press the OK button.
The administrator panel should open
This should open a web page on the router that looks like Figure 3.
This is the Linksys router administrator panel.
|
Navigate to the page where you will set the encryption password
Select the Wireless tab in Figure 3. This will take you to the page shown in Figure 4.
|
Select the Wireless Security tab in Figure 4. This will take you to the page shown in Figure 5.
|
(Note that the web page in Figure 5 has been scrolled to the right to expose the important information in this narrow publication format.)
Select WEP and Key 1
Make sure that WEP is selected in the pull-down list near the top of the client area in Figure 5.
Also make sure that the radio button labeled 1 is selected as the Default Transmit Key.
Select the encryption level
For WEP encryption, you can select either:
For the strongest form of WEP encryption, select 128 bits as shown in Figure 5.
Enter a hex encryption password
Enter an encryption password in the Key 1 text field consisting of 26 characters made up of a random selection of the numerals 0 through 9 and the letters A through F.
Make it more random than Figure 5
Note that the key shown in Figure 5 isn't very random. You should make your key much more random that the key shown in Figure 5.
Whatever you make it, however, you will need to remember it in order to be able to log into your Linksys wireless router after you save it as described below.
Save the encryption password
Click the Save Settings button to save the new encryption password. This should produce the result shown in Figure 6.
|
Press the Continue button
If you are working with a cable connected to the router, pressing the Continue button should make it possible to for you to continue working in the administrator panel, because setting a wireless encryption password has no impact on access via a cable.
However, if you are working via a wireless connection to the router, pressing the Continue button should result in something similar to Figure 7, because you have just been automatically disconnected from the router.
|
Switch over to wireless access
If you have been connected to the router using a cable connection, it is time to:
Note, however that when you attempt to connect to the router via your wireless NIC now, you will be required to provide the encryption password a discussed later.
If you were previously connected using a cable connection, you can skip ahead to the heading that reads Connect to the linksys network.
Reconnect to the router
If you have been connected to the router via your wireless NIC, and you were automatically disconnected when you saved the encryption password as described above, the Wireless Network Connection dialog should now look something like that shown in Figure 8.
(Note the annotation on the linksys network that reads "limited or no connectivity".)
|
Refresh the network list
Click the Refresh network list link in the upper left of Figure 8.
Select the linksys network and then click the Disconnect button.
The dialog should change to look something like Figure 9.
|
Connect to the linksys network
Select the linksys network in Figure 9 and click the Connect button.
At this point, you will be presented with a dialog in which to enter and then confirm your encryption password. Enter and confirm the encryption password and then click the Connect button in Figure 10.
|
Success!!
The Wireless Network Connection dialog should change to look similar to Figure 11, indicating that you are connected or reconnected to your wireless network via your wireless NIC.
|
Security-enabled wireless network
Note in particular the notation in Figure 11 that indicates that the linksys network is a Security-enabled wireless network.
Encryption password required for login
From this point forward, you will be required to enter the encryption password each time you attempt to connect to the wireless network.
Lock out the mooching neighbor
In addition, your neighbor in the apartment next door won't be able to connect to your wireless network without knowing (or somehow discovering) the required encryption password.
In-depth wireless security considerations not covered
To reiterate, the purpose of this project was to teach you the mechanics for securing your wireless network against unsophisticated attackers. It is recommended that you provide at least this level of protection before installing a wireless network in your home or in your office.
Future projects will provide more in-depth information regarding wireless security including ways to protect against all but the most sophisticated attackers.
Copyright 2005, Richard G. Baldwin. Reproduction in whole or in part in any form or medium without express written permission from Richard Baldwin is prohibited.
Richard has participated in numerous consulting projects and he frequently provides onsite training at the high-tech companies located in and around Austin, Texas. He is the author of Baldwin's Programming Tutorials, which have gained a worldwide following among experienced and aspiring programmers. He has also published articles in JavaPro magazine.
In addition to his programming expertise, Richard has many years of practical experience in Digital Signal Processing (DSP). His first job after he earned his Bachelor's degree was doing DSP in the Seismic Research Department of Texas Instruments. (TI is still a world leader in DSP.) In the following years, he applied his programming and DSP expertise to other interesting areas including sonar and underwater acoustics.
Richard holds an MSEE degree from Southern Methodist University and has many years of experience in the application of computer technology to real-world problems.
-end-
Figure 2 Router login dialog box
Figure 3 Linksys router administrator panel.
Figure 4
Figure 5
Figure 6
Figure 7
Figure 8
Figure 9
Figure 10
Figure 11