# Wifi Questions



## campntn (Feb 20, 2005)

I need some wifi info. My son has a nintendo DS with wifi. Today, he was playing with the settings on it and low and behold, he was playing against someone else WORLDWIDE.???
Setup, Home, cable, Linksys router hardwire to desktop pc with xp pro and Zonealarm.
new laptop with Vista, firewall enabled. 
Network magic coordinating these.

So on the network, he showed a Nintendo connection and he played with them. Lost, but he played.

I live in the middle of 18 acres, so I don't have encryption and the network is open. I realize it's not secured, but I didn't think I needed it. 
I am confused #1 as to how the kid's Nintendo just tapped into the network with 2 firewalls and Network magic. 
#2 I assume it's dangerous. You know, someone can steal my Coke recipe or the Bushe's baked beans recipe. haha, No big stuff here, just want to make sure all is ok. If I enable, WEP (is that right) thru the router, that will probably throw everything off??? I dunno.??
Thanks!


----------



## kyoutback (Jul 12, 2004)

One of the easiest and best things you can do is go into the router wireless configuration and just change the SSID name of the network. Then you have to know the name to get connected. Also make sure you change the default admin and password. This will stop all but the most dedicated intruders.


----------



## campntn (Feb 20, 2005)

But see, that's the part I'm not getting. HOW does that intruder get thru the firewalls?? XP PRO is on, Zone alarm is on, Vista is on.
Is he INSIDE THE ENTIRE network?? or just on that Nintendo???


----------



## California Jim (Dec 11, 2003)

The most common way is to set-up your router with a "key" which is nothing more than a password.

Your Nintendo found the open internet connection at the router and well.....connected! It sounds like you don't have an intruder, you're just seeing others on the game field when your Son's Nintendo connects to the internet.

Lock it down with a password and you will be fine.


----------



## kyoutback (Jul 12, 2004)

It sounds like your firewalls are setup on a pc not on the router. Coming into the network he is connecting to the router, if he tried to get to the computer with the firewall then he should be stopped. Home networks really don't need a firewall before the router. IMO Just some basic security precautions as previously stated.


----------



## huntr70 (Jul 8, 2005)

An unsecured network is just that, anyone with a wireless connection can get on it.

Fierwalls only work on the hardware they are attached to.

Our laptop works the same way as your son's Nintendo, it will search for all wireless networks in the area and list them as secured or unsecured. If they are unsecured, you can use access them with no problem.

Doesn't mean I could steal anything from your computer, just means I can use your network as an access point for internet.

Steve


----------



## LarryTheOutback (Jun 15, 2005)

To summarize:

His Nintendo connected to the Internet directly because the wireless access point (router) to which the Nintendo associated is connected directly to the Internet. There is no firewall between the Nintendo and your Internet connection; each of your firewalls protect the PC they are on, but do not protect anything connecting wirelessly to the access point.

Internet ---> Router/AccessPoint ---> PC[Firewall ---> Windows]
..................................................---> Laptop[Firewall ---> Windows]
..................................................---> Nintendo

Note in the third line there is NO firewall between the Nintendo and the Internet.

You have a few options; here are just three:

(1) Turn off WiFi on the Nintendo and, given that people have to get physical access to your property to use your wireless network, ignore wireless security.

(2) Reconfigure your network so that one of your computers acts as a "gateway" to the Internet. In this way, the firewall on that computer "protects" the rest of the network.

Internet ---> PC[Firewall --> Windows] ---> Router/AccessPoint ---> Laptop

(3) Enable some security on the router/access-point such as WEP. If you don't give the Nintendo the WEP key (or whatever mechanism you use) then it can't access the network.

Good luck!

Ed


----------



## CamperAndy (Aug 26, 2004)

Your son is on the inside of your wireless local network looking out. Your firewall is not designed to protect for that, it protects from attacks to your IP address from the net.

You need to active WEP on the wireless router to lock him out if that is what you want. If you don't mind him playing world wide he can not hurt anything and people trying to hack in by back tracking to your sons DS will be stopped by the firewall.


----------



## skippershe (May 22, 2006)

yikes!


----------



## Bill H (Nov 25, 2006)

You don't want to screw around with WEP..... Disable SSID broadcast and change the SSID from LINKSYS. If you can't see it, not very easy to connect. You just need to manually set the network in the PC's.


----------



## N7OQ (Jun 10, 2006)

Are you sure your son was on your network and not someone else's. I was at a hotel at Ft Bragg and was able to connect to another hotel a half mile away. I keep my wireless hub locked down I don't want anyone else in it and I have seen my neighbor try to get into it. I use WEP in-coding this generates several keys and you must enter this key to get in. I also don't transmit my SSID so you have to know my SSID to get in then I turned on mac address filter. Every network device has a unique mac address so you have to be on my list to get in.

BTW my neighbor came over one day half drunk and wanted to know were my network went, I said don't know







I connect to it everyday so must be a problem on your end and left it at that then said to have a nice day and closed the door. My neighbor thinks he should get everything for free, when they were still building housed in our subdivision he would take his wheelbarrow to a job site and get a load of decorative bark, he told me they don't care. His son brags to me about the things he hacks into. So not someone I want on my hub.

I have scanned the area here and see several wifi networks and most are open I told one of my neighbors and he said he didn't mind sense his computers with all the sensitive stuff on it is on a separate network. He said if I ever need it feel free to connect. His Son is keyed in to my network because my Son the His come over and play games all the time.


----------



## campntn (Feb 20, 2005)

Thanks folks. I really don't mind him PLAYING against someone, no chat, just playing nintendo is fine. So, are you guys saying that his Nintendo is connecting thru the router. Ok, so then it's not thru the pc. Well, given the current setup, and I let him wifi Nintendo, is there a chance anyone could get (hack) into my pc and launch a rocket??


----------



## OregonCampin (Mar 9, 2007)

I know this person (who will remain name less







) that was able to get on to an insecure network and on to the computer that was up and running - granted this person had no malicious intent and actually tracked down the person and showed them how to secure their network, but the point is, no matter where you live, it should be secured because if your nintendo can get in anyone can get in which now means your computer (and network) is not safe....online banking, passwords, etc... get it locked down!


----------



## 2500Ram (Oct 30, 2005)

campntn said:


> I know this person (who will remain name less
> 
> 
> 
> ...


The internet connection isn't safe but the computer with the firewalls are "safe" read my above post, anything is possible so when in doubt just shut it down.

Bill.


----------



## Lmbevard (Mar 18, 2006)

It is important to change the name (SSID), user name and password of your router, should be the first thing that everyone does when they hook up a wireless router. With out doing this I could come pass, hook up to your router, change the seating on it so I could take over your network and lock you out. Then I could at my leisure work on your computer and laptop to get anything off of it, eventhough you have a firewire. The firewire is probley set up right now to allow the laptop to get into the desktop and visa versa, and also set up to allow the router in, so if I have control of the router, I can get in. If you have set up anything on the computers to share, I could do that too, including seeing and changing your information and printing dirty pictures on you printer.

I would also lock down the system with WEP so you can control who gets in to the network by controling the key. It is a pain to set up some times, but then you are sure that no one is getting in that you don't want.

As far as your kid connecting to the internet with the DS, like others have said they are only going through the computer to get to the internet, something that your firewall is already set up to allow. I could come pass your house with my laptop and do the same thing and you would not know that I was doing it.

I would lock down your system no matter what just to protect your self.


----------



## campntn (Feb 20, 2005)

Lmbevard said:


> that I was doing it.
> 
> I would lock down your system no matter what just to protect your self.


Ok, "Lock down" means.......??

I logged into the router settings, found security mode, then found WEP, whatever that means.
I selected it outta dropdown, save changes then get a prompt to enter a "key".

I sure hate to seem stupid, just don't know anything bout this end of pc.
Thanks


----------



## justinsnow0 (Feb 5, 2007)

Here is a gamers perspective on this.

I have many video game systems, from the original Atari to the Xbox 360.

If you are running a linksys wireless router my opinion is NOT to set the WEP or use any security key. UNLESS of course you don't want your son/daughter on line with it. The reason being is that the DS does not have the capability of using keys. It will not do it.

So what I recommend is to just set it so that only certain MAC addresses may access your router. All wireless systems have MAC addresses but not all gaming systems allow you to use WEP or keys.

The DS is very safe online. You cannot freely type messages you can only select "sayings" in a drop down menu.


----------



## H2oSprayer (Aug 5, 2006)

My network includes my desktop (windows xp), laptop (windows xp), both protected by ZoneAlarm Pro, and a couple of Soundbridge M1001 network music players, all connected by a Linksys wifi router, and all working in harmony via Network Magic. One of the simple things that Network Magic can do is not allow other (new) IP address from entering your network without you knowing. If you click on "Network Map", click on your router, and on the right will be a list of "tasks" that you can preform. Select "change wireless protection", is there a check mark next to "enable network lock"? If not, DO THIS!! Then, if someone attempts to join you network (you sons game console), an advisory will pop up and you will need to check a box in order to allow it to join. Next to the "network lock" tab is a "network name" tab. Do you have a check mark next to "hide network name"? If not, DO THIS. By doing this, you keep your SSID hidden from a "casual observer". These are just a few easy functions of these programs. As it sounds like we kind of have the same setups, feel free to PM me if you have any more questions.

Chris


----------



## LarryTheOutback (Jun 15, 2005)

Lmbevard said:


> It is important to change the ... user name and password of your router, should be the first thing that everyone does when they hook up a wireless router.


Absolutely! You need to do this. While you are at it, add a WEP key (or stronger).

Ed


----------



## CamperAndy (Aug 26, 2004)

For 64 bit WEP (which is plenty strong enough) you need a 10 number key. So pick a number that you can remember. Once you set this on the router you will have to enter it on all the wireless devices that use that router.

Now all of this said, considering your location you have almost a ZERO chance of a drive by snoop hacking into your system. Lots more fertile ground to look at around apartment buildings.


----------



## bentpixel (Sep 2, 2006)

A word of caution about WEP: this protocol dose not start the encryption process until *after* the *user name* and *password* have been transmitted. This means that in densely populated areas someone might be able to sniff out your sign-on name and PW. By using WPA or WPA2 the password will be unreadable to the would be hacker. 
By turning off SSID broadcast the network name will not show up to an outside user. Setting the MAC filter limits access to only your machines. I use this setup to secure the paths for three laptops and a PDA. Each has access to the Internet, the shared printers, and a shared drive on the hardwired computer. Each laptop has its own firewall.

There is nothing wrong with running an unsecured network, until you want to transmit person identity information or sensitive banking or financial info that security becomes a hot point. The game consoles have no info and it may be possible to configure your wifi to have and open network for the gamer only.

For your setup, campntn, your probably OK. I would echo what others have said and suggest at least turning off SSID. Those of us that have neighbors eight inches away have to be more careful.

Happy Networking,
Scott


----------



## NJMikeC (Mar 29, 2006)

A Variety of you folks are certainly on the correct path.

You have to understand the call flow or more correctly stated the Session control. Nintendo created a session where it asked to get out to the internet. The Firewall in this particular case is protecting inbound traffic, "Sessions".

WEP is protecting only the side of the connection from the Router to the PC or Nintendo, e.g Wireless Encryption Protocol. Note that it is only limiting access to the air interface yet it still doesn't due Authentication, whereby you Authenticated the user on the system, e.g. behind the Router.

If you really want to establish more security you establish a "Gateway" by a variety of ways but usually using a Router configured as a Gateway. Then you still have to be able to control the establishment of "Sessions" being created by the application, "Nintendo" or have the gateway control those sessions by limiting either access by the MAC code (Media Access Control) to the internet but more easily by disabling that function with in the application (Nintendo).

Once again there are easy ways, and hard ways. In this case disable Nintendo's ability to access the internet.


----------



## campntn (Feb 20, 2005)

Ok, thanks guys. As I said, in my case, considering the remote area that I live in, center of 18 acres, I'm ok with leaving the wep off. I mean nobody ever comes to our house that we don't know and our neighbors are reaaaaalyy far from us, acres and acres.
I guess, after sifting thru all of this, the bottom line question is:
_With firewalls on each pc turned on, wep off on the router, is it possible for someone to go thru a Nintendo, enable with wifi, and interact in any way with the pc's with firewalls that are on the network? _ Thanks


----------



## bentpixel (Sep 2, 2006)

I do not know of a path that a game console could use to interact w/ your PC.

At the risk of repeating my self, if all your visits to secure websites ( sites starting w/ https:// or have a lock icon) are on the hardwired computer then your info is secure. The open wifi broadcasts to anyone listening







your banking user names and passwords. Sorry if I'm too strong on this point, but we just ran a news story where people had their bank and stock broker accounts hacked after using an open net at a hotel or coffee shop and lost thou$and$ of dollar$









Again, I think your setup is fine.








I'm a little jealous 'cause I wish I had time to play.









Scott


----------



## LarryTheOutback (Jun 15, 2005)

campntn said:


> _With firewalls on each pc turned on, wep off on the router, is it possible for someone to go thru a Nintendo, enable with wifi, and interact in any way with the pc's with firewalls that are on the network? _


No. The Nintendo adds nothing to make your network more insecure.

Ed


----------



## campntn (Feb 20, 2005)

bentpixel said:


> I'm a little jealous 'cause I wish I had time to play.
> 
> 
> 
> ...


haha, me too! that's a 10 year old's life. not mine.
Issue settled, and maybe we've all learned something.
Thanks guys!
Mark


----------



## ED_RN (Jun 25, 2006)

I agree;
I've not an expert but have set up several systems for freinds and family. This how I do it.
1.change the admin password to get to the router settings, the default is usually 'admin". WRITE IT DOWN SOMEWHERE. If you forget it though you can press the reset button on the router and it will go back to the default setting. All your other settings will reset also. 
2. Change the name of the network, default will be Lynksys
3. Enable WPA, the router will assign a passkey if you want or you can pick any combination of 16 numbers and letters. WRITE IT DOWN SOMEWHERE. You can assign a different key to each device if you want. This works if you have freinds coming over and accessing your network. You can give them a separate passkey then if you don't want them on the system you can go in and delete that passkey without having to change the passkey on your laptop.
4.Have your laptop find the "new netwok" then enter the passkey when asked.
5. Go back to the router software on the PC and disable the SSID.

My guess is if you want to allow the nintendo to access the net through the router there is probably a way the ener the passkey into the game system just like you have to do on your laptop.


----------



## hartmri (Apr 12, 2006)

ED_RN said:


> I agree;
> I've not an expert but have set up several systems for freinds and family. This how I do it.
> 1.change the admin password to get to the router settings, the default is usually 'admin". WRITE IT DOWN SOMEWHERE. If you forget it though you can press the reset button on the router and it will go back to the default setting. All your other settings will reset also.
> 2. Change the name of the network, default will be Lynksys
> ...


I don't know about the Wii, but the Xbox 360 allows access to WPA-protected networks - I just upgraded my home network from an antiquated "b" to a "g/n-capable" network and redid all the security, from WEP to WPA. Internet isn't really faster since it's limited by the cale connection, but equipment seems more stable.


----------



## justinsnow0 (Feb 5, 2007)

lol, you are right about MAC addresses not being secure, as it's not a security feature but if you or anyone else wants to be within 100 feet of my house with a lap top just for internet access..... Then they have issues. You can't hack my network due to firewalls and other security established on the computer itself. So the only reason to sniff my MAC's is to access my internet. If thats the case, goto a McDonalds parking lot or almost any hotel, because it's free anyway.....

Let's be honest here, nobody cares enough about anybody on here to go through the trouble of hacking into someones wifi. It just doesn't happen.

I have done and been part of securing highly classified network systems for the government and really, the normal homeowner has nothing to worry about when it comes to using some neighbors wifi network.

yes, the larger consoles allow you to use WEP and stuff but the handhelds do not. Like the DS.

Also, on a linksys router you can decide how many IP's it will issue and you can even assign IP,s if you want. It's very easy and menu driven. You can do alot of stuff with it. It also (on the newer models) has built in firewall on the router side if thats what you want. I wouldn't rush out and buy software that you don't really need.



campntn said:


> Ok, thanks guys. As I said, in my case, considering the remote area that I live in, center of 18 acres, I'm ok with leaving the wep off. I mean nobody ever comes to our house that we don't know and our neighbors are reaaaaalyy far from us, acres and acres.
> I guess, after sifting thru all of this, the bottom line question is:
> _With firewalls on each pc turned on, wep off on the router, is it possible for someone to go thru a Nintendo, enable with wifi, and interact in any way with the pc's with firewalls that are on the network? _ Thanks


Short answer is yes.

Anything can be countered when it comes to computers. Thats why companies spend millions of dollars to always keep ahead. But in all honesty, you have to ask yourself. Who really cares that much about ME to do this... It's alot of work and it's mostly just companies and stuff that get targeted on these things.


----------

