McAfee Security Center shows five other users on our wireless network other than my wife. I can not remove them or figure out how to activate the encryption features for the router. The router is a Belkin PreN ADSL wireless router. After finding these unauthorized users, I see my wife's other protections are also elapsed and she has 1500 spyware contaminations....

Any advice on how to shut out these unwanted users (other than my wife) would be appreciated.

Fred

Shut everything down, including the router and computers and then start everything up again.

Make sure some of these other connections are not ones you have accidentally set up. I have seen that happen before.

IF they are 5 UNwanted connections, your first try should be WEP (Wireless Encryption Protocol)

It is easy, but make sure you write down any passwords or keys generated, because there is no way you will remember them if you have a power outage and things need to be reset.

One of many links for this is below.

http://www.iinet.net.au/support/wireless/guide/wireless_security.html

It does look complicated, but if you follow it step by step you should be fine.

If something goes wrong, you can either unplug the router or there is a small reset on it that can put it back to factory setup.

If the people continue to show up, you may need to go as far as MAC address filtering.

Hopefully, WEP is enough. Once you set up the computer with the password, you dont have to type it again. And other users will be prompted for it, so you should have it handy if you ever have guests or kids that need to use your Internet.


Jim

I'm not familar with Belkin but assuming they've implemented the draft-N standard, you've got the next level of wireless security built into your router. Now, it's just a matter of finding it when navigating the router's built in settings.

First, find the IP address you need to specify in the browser. This is generally documented in the doc that came with the H/W. Should be something similar to 192.168.0.1.

Next, make sure you have a hardwire system connected to the router. Launch a browser and put that IP address in the field used for URLs -- you should see some kind of admin log on dialog. Passwords for the router admin user are generally not set -- blanks are used.

Make sure you don't have any needs to support systems for a while -- if your wife or any one esle is using the router -- wired or wireless -- either get them off your LAN or wait until later.

First, find the broadcast SSID setting and change it to "no" or "don't broadcast". This is a fig leaf but it might take care of the immediate issue of others in the area piggy backing on your LAN.

Now, you'll have to change all of the network settings for any system that uses your LAN wirelessly. You'll need to change each system's wireless settings so that you explicitely tell the PC trying to access the LAN what the SSID should be.

Do this first and only do this step so that you are not completely out of the water if you have problems. If you do have problems you can always enable the broadcast SSID to get back to a known functional configuration.

If this works, you can then read the Belkin manuals about WPA security. If you've not done a set up before of a wireless LAN it might seem confusing and daunting -- it is a little. Just understand that you are adding pieces of secret information on both the router and the PCs that need to be the same. I recommend using keys that are hexidecimal. Again, remember what you had set up before taking the next step in case some part goes badly. You can always put things back the way they were before so you can have a usable LAN.

Thanks for the advice. We have a wee virus problem, too. I have installed the Avast virus software and there were at least three in memory. At 6% complete, I have seen hundreds. As soon as the scan is done, I will shut the machine down and institute some of the recommended controls. Appears to be a handful...

Fred

Make absolutely sure that whatever tool you are using it will examine and clean the Master Boot Record. Viruses love to live there and if you don't exorcise those, you'll be doing nothing but fighting a reappearing virus.

Worse case -- you end up having to perform a destructive reinstallation of the OS -- and make sure you rewrite the MBR. Of coarse, anything that's on the HDD will be lost, so, back ups and having the original installation CD/DVDs and/or download files will be absolutely essential. And if you do have to go this extreme route, be careful of any media you will be using to recover applications and data -- scan those things for virus' too.

Sorry you have had this happen to you.

Hopefully, WEP is enough.WEP is just this side of using unencrypted wireless so it is definitely not enough unless you trust the neighborhood you live in. All decent home routers support WPA and some support WPA2, both of which provide better security. I know that Windows XP SP2 supports WPA and I believe that SP3 supports WPA2.

I agree that you should change the name of the SSID, disable SSID broadcasts, and you should enable MAC filtering to get the most wireless security.

WEP is just this side of using unencrypted wireless so it is definitely not enough unless you trust the neighborhood you live in.


Unless you trust the neighborhood you live in.

WOW! You must live in a really rough town my friend! :eek:

A simple lock on the front door isn't enough in most neighborhoods either. If I suspected my neighbor was going to rob my house, I guess I could also board up all my windows and get some steel doors.

But seriously, the whole point of security is to keep it simple for the User. That is where Vista dug a huge hole. Everyone is turning off the security because they cannot use it themselves.

I could suggest DES, VPN, or WPA but that would be similar to suggesting using Oracle instead of Access. There are lots of people who won't even tackle Access and spend hours in Excel.

SURE, change the SSID name, disable broadcasting, enable MAC filtering, and hopefully something doesn't happen where you cannot even use your own Internet. Seen it happen many times to people. Security is great for those who understand it, just like Oracle is great for a database for those who understand it.

Good luck Fred, hope you get things going! :ThmbUp:

Jim

Unless you trust the neighborhood you live in.

WOW! You must live in a really rough town my friend! :eek:

A simple lock on the front door isn't enough in most neighborhoods either. If I suspected my neighbor was going to rob my house, I guess I could also board up all my windows and get some steel doors.

But seriously, the whole point of security is to keep it simple for the User. That is where Vista dug a huge hole. Everyone is turning off the security because they cannot use it themselves.

I could suggest DES, VPN, or WPA but that would be similar to suggesting using Oracle instead of Access. There are lots of people who won't even tackle Access and spend hours in Excel.

SURE, change the SSID name, disable broadcasting, enable MAC filtering, and hopefully something doesn't happen where you cannot even use your own Internet. Seen it happen many times to people. Security is great for those who understand it, just like Oracle is great for a database for those who understand it.

Good luck Fred, hope you get things going! :ThmbUp:

JimYou're sending mixed messages here.

Whether or not the end user understands or even likes security is not the point. DES and VPN are not pertinent to the discussion.

If you want to be absolutely certain about who's on your LAN, you'll not use wireless and all computers will have a wired connection.

OUTSTANDING!

Three Avast passes were needed to clear all of the viruses from memory and elsewhere. I noted at least eight unique virus names.

Used Malbytes to remove spyware. Spyware Doctor found 1500 issues, but upgrade was required to remove the issues. Malbytes removed them for free.

I changed the network name to "Police" which is a strong deterrent in this country.

The address was 192.168.2.1 Easy enough to find and the software interface shows a lot of additional functionality in case I need it. The security functions were found disabled. I enabled them.

I unchecked the SSID broadcast box which knocked off my wife's laptop she uses as a replacement for the desktop. The "neighbors" still showed on the system using McAfee, even after refresh (as did my wife who I knew was off).

There was a WPA-WPA2-Personal (PSK) option which I selected. I then selected WPA-PSK and TKIP. I entered my preshared key.

I entered the same key on my wife's laptop and her connection was restored.

I reset the router and turned my wife's machine off.

These other machines (Ali, Nasser and others) still show on the McAfee Security Center. I am hoping they will drop in a few hours as they are no longer able to connect.

Thanks so much for the help.

Fred

Nice job Fred! You are about as secure as you can be with wireless. Best of luck.