PDA

View Full Version : Linksys Router Configuration.



ChuckWagon
06-29-08, 01:50 AM
Standalone single desk-top computer, average home user, WinXP Pro SP3.
Linksys Router Model Number: WAG200G

According to the user guidelines there are some security precautions to be
implemented:-

[quote]
Security Precautions:
The following is a complete list of security precautions to take (at least
steps 1 through 5 should be followed):

1. Change the default SSID.
2. Disable SSID Broadcast.
3. Change the default password for the Administration account.
4. Enable MAC Address Filtering
5. Change SSID periodically.
6. Use the highest encryption algorithm possible. Use WPA if it is
available. Please note that this may reduce tour network performance.
7. Change the WEP encryption keys periodically.
[unquote]

Since I am on a "Wired Connection" can the Wireless Network mode be set to
"Disabled" and don't have to worry about "Wireless Connection to a
Computer"; Therefore, can I ignore 1,2 and 6 & 7 and *only* points 3
and 4 are applicable?

Also, can I disable IGMP Proxy (don't know what is is) and Management via
WLAN?
(My desktop has a wired connection).
Both are enabled by default.

And, when trying to upgrade the Firm Version a window pops-up displaying:-
"Continue? All existing Internet connections will be terminated."
I want to be prepared; What can I expect after pressing OK?
Will I be able accessing the Internet without any troubles or do I need to
reconfigure the complete set-up of the router?

Finally, I've read a number of posts in various n/groups recommending to use
Linksys BEFSR41.
Is BEFSR41 a superior model or am I fine with WAG200G ?

f/fgeorge
06-29-08, 05:35 AM
On Sun, 29 Jun 2008 13:50:57 +0700, "ChuckWagon"
<ChuckWagon@not-available.net> wrote:

>Standalone single desk-top computer, average home user, WinXP Pro SP3.
>Linksys Router Model Number: WAG200G
>
>According to the user guidelines there are some security precautions to be
>implemented:-
>
>[quote]
>Security Precautions:
>The following is a complete list of security precautions to take (at least
>steps 1 through 5 should be followed):
>
>1. Change the default SSID.
>2. Disable SSID Broadcast.
>3. Change the default password for the Administration account.
>4. Enable MAC Address Filtering
>5. Change SSID periodically.
>6. Use the highest encryption algorithm possible. Use WPA if it is
>available. Please note that this may reduce tour network performance.
>7. Change the WEP encryption keys periodically.
>[unquote]
>
>Since I am on a "Wired Connection" can the Wireless Network mode be set to
>"Disabled" and don't have to worry about "Wireless Connection to a
>Computer"; Therefore, can I ignore 1,2 and 6 & 7 and *only* points 3
>and 4 are applicable?
>
>Also, can I disable IGMP Proxy (don't know what is is) and Management via
>WLAN?
>(My desktop has a wired connection).
>Both are enabled by default.
>
>And, when trying to upgrade the Firm Version a window pops-up displaying:-
>"Continue? All existing Internet connections will be terminated."
>I want to be prepared; What can I expect after pressing OK?
>Will I be able accessing the Internet without any troubles or do I need to
>reconfigure the complete set-up of the router?
>
>Finally, I've read a number of posts in various n/groups recommending to use
>Linksys BEFSR41.
>Is BEFSR41 a superior model or am I fine with WAG200G ?
>
Yes you can turn off the wireless mode, and if you have no wireless
connections it is an excellent idea.
Do NOT upgrade the firmware unless you are experiencing problems or
specifically want a new feature! The old saying goes "if it ain't
broke, don't fix it"!

ChuckWagon
06-29-08, 08:57 AM
"f/fgeorge" <ffgeorge@yourplace.com> wrote in message
news:sj7e64pdihvt38lebrdjp589hd2766mf6u@4ax.com...
> On Sun, 29 Jun 2008 13:50:57 +0700, "ChuckWagon"
> <ChuckWagon@not-available.net> wrote:
>
>>Standalone single desk-top computer, average home user, WinXP Pro SP3.
>>Linksys Router Model Number: WAG200G
>>
>>According to the user guidelines there are some security precautions to be
>>implemented:-
>>
>>[quote]
>>Security Precautions:
>>The following is a complete list of security precautions to take (at least
>>steps 1 through 5 should be followed):
>>
>>1. Change the default SSID.
>>2. Disable SSID Broadcast.
>>3. Change the default password for the Administration account.
>>4. Enable MAC Address Filtering
>>5. Change SSID periodically.
>>6. Use the highest encryption algorithm possible. Use WPA if it is
>>available. Please note that this may reduce tour network performance.
>>7. Change the WEP encryption keys periodically.
>>[unquote]
>>
>>Since I am on a "Wired Connection" can the Wireless Network mode be set to
>>"Disabled" and don't have to worry about "Wireless Connection to a
>>Computer"; Therefore, can I ignore 1,2 and 6 & 7 and *only* points 3
>>and 4 are applicable?
>>
>>Also, can I disable IGMP Proxy (don't know what is is) and Management via
>>WLAN?
>>(My desktop has a wired connection).
>>Both are enabled by default.
>>
>>And, when trying to upgrade the Firm Version a window pops-up displaying:-
>>"Continue? All existing Internet connections will be terminated."
>>I want to be prepared; What can I expect after pressing OK?
>>Will I be able accessing the Internet without any troubles or do I need to
>>reconfigure the complete set-up of the router?
>>
>>Finally, I've read a number of posts in various n/groups recommending to
>>use
>>Linksys BEFSR41.
>>Is BEFSR41 a superior model or am I fine with WAG200G ?
>>
> Yes you can turn off the wireless mode, and if you have no wireless
> connections it is an excellent idea.

Thanks for response.
Okay, just to clarify, I can disable both "IGMP Proxy" and "Management via
WLAN" ?
Also, I forget to ask: How can I enable "MAC Address Filtering" ?

I already changed default user name and default password and disabled UPnP
function.

> Do NOT upgrade the firmware unless you are experiencing problems or
> specifically want a new feature! The old saying goes "if it ain't
> broke, don't fix it"!

Herein lies the question. I don't experience any problem with this newly
purchased
router nor do I know if the feature(s) of the upgrade is/are required.
Here is the info (looks crucial to me but then again I am not a techie).

1.01.06
- Fixes security issue with XSS and CSRF.
- Fixes issue with UPnP crash when opening 10+ port forwarding.
- Fixes issue with port 5190, 5566, 4443 opening.
- Fixes issue with DSL performance degradation when running P2P program for
long time.
- Fixes issue with Access Restriction
- Use new Cisco/Linksys Logo.
- Added Single Port Forwarding entries to 20.

Appreciate your response.

David H. Lipman
06-29-08, 09:23 AM
From: "ChuckWagon" <ChuckWagon@not-available.net>

< snip >


| Herein lies the question. I don't experience any problem with this newly
| purchased
| router nor do I know if the feature(s) of the upgrade is/are required.
| Here is the info (looks crucial to me but then again I am not a techie).

| 1.01.06
| - Fixes security issue with XSS and CSRF.
| - Fixes issue with UPnP crash when opening 10+ port forwarding.
| - Fixes issue with port 5190, 5566, 4443 opening.
| - Fixes issue with DSL performance degradation when running P2P program for
| long time.
| - Fixes issue with Access Restriction
| - Use new Cisco/Linksys Logo.
| - Added Single Port Forwarding entries to 20.

| Appreciate your response.

XSS -- Cross-Site Scripting.
http://en.wikipedia.org/wiki/Cross-site_scripting

This is a vulnerability that can lead to a malware infected. Thus the FirmWare can be
considered broken.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

f/fgeorge
06-30-08, 05:04 AM
On Sun, 29 Jun 2008 20:57:16 +0700, "ChuckWagon"
<ChuckWagon@not-available.net> wrote:


>Thanks for response.
>Okay, just to clarify, I can disable both "IGMP Proxy" and "Management via
>WLAN" ?
>
YES you WANT to turn off the mangement via WLAN, that lets anyone that
can figure out your name and password the ability to change the
settings.
I don't know what the IGMP Proxy is.

>Also, I forget to ask: How can I enable "MAC Address Filtering" ?
>
It is under the Wireless settings, Why would you want to turn this on
if you disabled wireless access? Anyway if you do turn it on and then
leave ALL the boxes blank only wired connections can connect. MAC
filtering ONLY effects wireless connections.

>I already changed default user name and default password and disabled UPnP
>function.
>
These are good things, now WRITE THEM DOWN or you will be resetting
the router to its defaults in the future!

ChuckWagon
06-30-08, 07:44 AM
Thanks again, f/fgeorge.
(In-line response)

"f/fgeorge" <ffgeorge@yourplace.com> wrote in message
news:ivpg64lgn16m2rd3ev505rj828fo6hq6e2@4ax.com...
> On Sun, 29 Jun 2008 20:57:16 +0700, "ChuckWagon"
> <ChuckWagon@not-available.net> wrote:
>
>
>>Thanks for response.
>>Okay, just to clarify, I can disable both "IGMP Proxy" and "Management via
>>WLAN" ?
>>
> YES you WANT to turn off the mangement via WLAN, that lets anyone that
> can figure out your name and password the ability to change the
> settings.

Will do.

> I don't know what the IGMP Proxy is.

Never mind, I'll keep on investigating.

>>Also, I forget to ask: How can I enable "MAC Address Filtering" ?
>>
> It is under the Wireless settings, Why would you want to turn this on
> if you disabled wireless access?

Didn't realize that MAC was related to Wireless connections.

> Anyway if you do turn it on and then leave ALL the boxes blank only wired
> connections can connect. MAC filtering ONLY effects wireless connections.

Since I am on a phone connection, I won't turn it on.

>>I already changed default user name and default password and disabled UPnP
>>function.
>>
> These are good things, now WRITE THEM DOWN or you will be resetting
> the router to its defaults in the future!

Will do.

ChuckWagon
06-30-08, 07:44 AM
Thanks again, f/fgeorge.
(In-line response)

"f/fgeorge" <ffgeorge@yourplace.com> wrote in message
news:ivpg64lgn16m2rd3ev505rj828fo6hq6e2@4ax.com...
> On Sun, 29 Jun 2008 20:57:16 +0700, "ChuckWagon"
> <ChuckWagon@not-available.net> wrote:
>
>
>>Thanks for response.
>>Okay, just to clarify, I can disable both "IGMP Proxy" and "Management via
>>WLAN" ?
>>
> YES you WANT to turn off the mangement via WLAN, that lets anyone that
> can figure out your name and password the ability to change the
> settings.

Will do.

> I don't know what the IGMP Proxy is.

Never mind, I'll keep on investigating.

>>Also, I forget to ask: How can I enable "MAC Address Filtering" ?
>>
> It is under the Wireless settings, Why would you want to turn this on
> if you disabled wireless access?

Didn't realize that MAC was related to Wireless connections.

> Anyway if you do turn it on and then leave ALL the boxes blank only wired
> connections can connect. MAC filtering ONLY effects wireless connections.

Since I am on a phone connection, I won't turn it on.

>>I already changed default user name and default password and disabled UPnP
>>function.
>>
> These are good things, now WRITE THEM DOWN or you will be resetting
> the router to its defaults in the future!

Will do.

ChuckWagon
06-30-08, 08:09 AM
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:_LedndXYofR7B_rVnZ2dnUVZ_j2dnZ2d@giganews.com...
> From: "ChuckWagon" <ChuckWagon@not-available.net>
>
> < snip >
>
>
> | Herein lies the question. I don't experience any problem with this newly
> | purchased
> | router nor do I know if the feature(s) of the upgrade is/are required.
> | Here is the info (looks crucial to me but then again I am not a techie).
>
> | 1.01.06
> | - Fixes security issue with XSS and CSRF.
> | - Fixes issue with UPnP crash when opening 10+ port forwarding.
> | - Fixes issue with port 5190, 5566, 4443 opening.
> | - Fixes issue with DSL performance degradation when running P2P program
> for
> | long time.
> | - Fixes issue with Access Restriction
> | - Use new Cisco/Linksys Logo.
> | - Added Single Port Forwarding entries to 20.
>
> | Appreciate your response.
>
> XSS -- Cross-Site Scripting.
> http://en.wikipedia.org/wiki/Cross-site_scripting
>
> This is a vulnerability that can lead to a malware infected. Thus the
> FirmWare can be
> considered broken.
>
Thanks.
I don't understand all this technical stuff in relation to Cross-site
scripting. Since (acc. to 1.01.06) upgrading of the firmware will fix this
security issue I am going to proceed accordingly.
Do you know (or anybody else reading this post) if precautionary measures
have to be implemented prior upgrading of the firmware?
Will I be able to connect to Internet or will the router have to be
reconfigured after completion of upgrading?

ChuckWagon
06-30-08, 08:09 AM
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:_LedndXYofR7B_rVnZ2dnUVZ_j2dnZ2d@giganews.com...
> From: "ChuckWagon" <ChuckWagon@not-available.net>
>
> < snip >
>
>
> | Herein lies the question. I don't experience any problem with this newly
> | purchased
> | router nor do I know if the feature(s) of the upgrade is/are required.
> | Here is the info (looks crucial to me but then again I am not a techie).
>
> | 1.01.06
> | - Fixes security issue with XSS and CSRF.
> | - Fixes issue with UPnP crash when opening 10+ port forwarding.
> | - Fixes issue with port 5190, 5566, 4443 opening.
> | - Fixes issue with DSL performance degradation when running P2P program
> for
> | long time.
> | - Fixes issue with Access Restriction
> | - Use new Cisco/Linksys Logo.
> | - Added Single Port Forwarding entries to 20.
>
> | Appreciate your response.
>
> XSS -- Cross-Site Scripting.
> http://en.wikipedia.org/wiki/Cross-site_scripting
>
> This is a vulnerability that can lead to a malware infected. Thus the
> FirmWare can be
> considered broken.
>
Thanks.
I don't understand all this technical stuff in relation to Cross-site
scripting. Since (acc. to 1.01.06) upgrading of the firmware will fix this
security issue I am going to proceed accordingly.
Do you know (or anybody else reading this post) if precautionary measures
have to be implemented prior upgrading of the firmware?
Will I be able to connect to Internet or will the router have to be
reconfigured after completion of upgrading?

David H. Lipman
06-30-08, 03:37 PM
From: "ChuckWagon" <ChuckWagon@not-available.net>

< snip >

| Thanks.
| I don't understand all this technical stuff in relation to Cross-site
| scripting. Since (acc. to 1.01.06) upgrading of the firmware will fix this
| security issue I am going to proceed accordingly.
| Do you know (or anybody else reading this post) if precautionary measures
| have to be implemented prior upgrading of the firmware?
| Will I be able to connect to Internet or will the router have to be
| reconfigured after completion of upgrading?



Rule of thumb is to always write down the settings of the Router prior to upgrading the
FirmWare. This way you can restore the same settings after the new FirmWare upgrade has
completed if the settings changed.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

ChuckWagon
06-30-08, 06:33 PM
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:v9mdnYFBcMSa2fTVnZ2dnUVZ_rvinZ2d@giganews.com...
> From: "ChuckWagon" <ChuckWagon@not-available.net>
>
> < snip >
>
> | Thanks.
> | I don't understand all this technical stuff in relation to Cross-site
> | scripting. Since (acc. to 1.01.06) upgrading of the firmware will fix
> this
> | security issue I am going to proceed accordingly.
> | Do you know (or anybody else reading this post) if precautionary
> measures
> | have to be implemented prior upgrading of the firmware?
> | Will I be able to connect to Internet or will the router have to be
> | reconfigured after completion of upgrading?
>
>
>
> Rule of thumb is to always write down the settings of the Router prior to
> upgrading the
> FirmWare. This way you can restore the same settings after the new
> FirmWare upgrade has
> completed if the settings changed.
>
Thanks, I'll be guided accordingly.