If your router has the option, you could use MAC address control,
limiting access to only your two NICs.
Rick Stevens wrote:
> As part of the security on my wireless router, I have restricted the IP
> addresses to 2 and staticly assigned them to the 2 devicese on my network.
>
> Is this a good idea or are there other factors to consider.
>
> I have already done the other usual things such as used WPA-PSK TKIP
> enclryption, changed the default IP range, and changed the admin password.
>
> TIA
>
> Rick
"Rick Stevens" <rick-stevens@ntlworld.com> wrote in
news:Oy6gh.1828$v4.479@newsfe3-win.ntli.net:
> As part of the security on my wireless router, I have restricted the
> IP addresses to 2 and staticly assigned them to the 2 devicese on my
> network.
"DanS" <t.h.i.s.n.t.h.a.t@a.d.e.l.p.h.i.a.n.e.t> wrote in message
news:Xns9899B1C249CA8thisnthatadelphianet@194.177. 96.78...
> "Rick Stevens" <rick-stevens@ntlworld.com> wrote in
> news:Oy6gh.1828$v4.479@newsfe3-win.ntli.net:
>
>> As part of the security on my wireless router, I have restricted the
>> IP addresses to 2 and staticly assigned them to the 2 devicese on my
>> network.
>
> How did you restrict the addresses to 2 ?
Theres an option in the DHCP menu of my router IP range start & finish -
just specified a range of 2 e.g. 192.168.0.2 to 192.168.0.3 - then
statically assigned them to the 2 mac addresses on the network - it seems
happy enough, I'm just not sure if it has any other implications, or causes
any problems
"Rick Stevens" <rick-stevens@ntlworld.com> wrote in
news:Znrgh.7535$493.6425@newsfe4-gui.ntli.net:
>
> "DanS" <t.h.i.s.n.t.h.a.t@a.d.e.l.p.h.i.a.n.e.t> wrote in message
> news:Xns9899B1C249CA8thisnthatadelphianet@194.177. 96.78...
>> "Rick Stevens" <rick-stevens@ntlworld.com> wrote in
>> news:Oy6gh.1828$v4.479@newsfe3-win.ntli.net:
>>
>>> As part of the security on my wireless router, I have restricted the
>>> IP addresses to 2 and staticly assigned them to the 2 devicese on my
>>> network.
>>
>> How did you restrict the addresses to 2 ?
>
> Theres an option in the DHCP menu of my router IP range start & finish
> - just specified a range of 2 e.g. 192.168.0.2 to 192.168.0.3 - then
> statically assigned them to the 2 mac addresses on the network - it
> seems happy enough, I'm just not sure if it has any other
> implications, or causes any problems
>
>
>
Just because the DHCP scope is limited to 2 IP's, doesn't mean I can't set
my laptop to a 192.168.0.10 and try connect to your network.
"DanS" <t.h.i.s.n.t.h.a.t@a.d.e.l.p.h.i.a.n.e.t> wrote in message
news:Xns989A52B8ADBFCthisnthatadelphianet@194.177. 96.78...
> "Rick Stevens" <rick-stevens@ntlworld.com> wrote in
> news:Znrgh.7535$493.6425@newsfe4-gui.ntli.net:
>
>>
>> "DanS" <t.h.i.s.n.t.h.a.t@a.d.e.l.p.h.i.a.n.e.t> wrote in message
>> news:Xns9899B1C249CA8thisnthatadelphianet@194.177. 96.78...
>>> "Rick Stevens" <rick-stevens@ntlworld.com> wrote in
>>> news:Oy6gh.1828$v4.479@newsfe3-win.ntli.net:
>>>
>>>> As part of the security on my wireless router, I have restricted the
>>>> IP addresses to 2 and staticly assigned them to the 2 devicese on my
>>>> network.
>>>
>>> How did you restrict the addresses to 2 ?
>>
>> Theres an option in the DHCP menu of my router IP range start & finish
>> - just specified a range of 2 e.g. 192.168.0.2 to 192.168.0.3 - then
>> statically assigned them to the 2 mac addresses on the network - it
>> seems happy enough, I'm just not sure if it has any other
>> implications, or causes any problems
>>
>>
>>
>
> Just because the DHCP scope is limited to 2 IP's, doesn't mean I can't set
> my laptop to a 192.168.0.10 and try connect to your network.
Sorry Dan but I don't understand, am I missing something??
If I specify a range of 2 IP addresses and statically assign them to 2
devices, how can anything else gain an address?
On Fri, 15 Dec 2006 17:54:56 GMT, "Rick Stevens"
<rick-stevens@ntlworld.com> wrote:
>> snipped
>>Just because the DHCP scope is limited to 2 IP's, doesn't mean I can't set
>> my laptop to a 192.168.0.10 and try connect to your network.
>
>Sorry Dan but I don't understand, am I missing something??
>
>If I specify a range of 2 IP addresses and statically assign them to 2
>devices, how can anything else gain an address?
>
Rick,
What Dan is saying that there nothing to stop anybody sniffing your
network and then manually setting an IP address.
"nemo2" <me2@privacy.net> wrote in message
news:kpu5o25k5ijtvpvei3a0ujr79mhfjjacer@4ax.com...
> On Fri, 15 Dec 2006 17:54:56 GMT, "Rick Stevens"
> <rick-stevens@ntlworld.com> wrote:
>>> snipped
>>>Just because the DHCP scope is limited to 2 IP's, doesn't mean I can't
>>>set
>>> my laptop to a 192.168.0.10 and try connect to your network.
>>
>>Sorry Dan but I don't understand, am I missing something??
>>
>>If I specify a range of 2 IP addresses and statically assign them to 2
>>devices, how can anything else gain an address?
>>
> Rick,
>
> What Dan is saying that there nothing to stop anybody sniffing your
> network and then manually setting an IP address.
>
> regards
>
> nemo2
I understand the part about people sniffing the network and possibly finding
the IP start (e.g 192.68.0.x) part Nemo, but if there are only 2 available
IP addresses and they are both taken, I dont understand how another addresss
can be accepted by the router, sorry if I'm being thick, I'm only just
learning about networking.
To clear things up, i was under the impression that if you set an IP range,
DHCP could only assign a device an IP address within that range,once all the
addresses were assigned, no more devices could log on to the network, hence
my network (along with the other precautions I have taken that were listed
in my original post) would be secure from intruders.
On Fri, 15 Dec 2006 17:54:56 GMT, in alt.internet.wireless , "Rick
Stevens" <rick-stevens@ntlworld.com> wrote:
>"DanS" <t.h.i.s.n.t.h.a.t@a.d.e.l.p.h.i.a.n.e.t> wrote in message
>>
>> Just because the DHCP scope is limited to 2 IP's, doesn't mean I can't set
>> my laptop to a 192.168.0.10 and try connect to your network.
>
>Sorry Dan but I don't understand, am I missing something??
You have only restricted the range of IPs available to clients using
DHCP.
>If I specify a range of 2 IP addresses and statically assign them to 2
>devices, how can anything else gain an address?
Someone can still assign a static address by simply changing their
computer's IP configuration manually.
> As part of the security on my wireless router, I have restricted the IP
> addresses to 2 and staticly assigned them to the 2 devicese on my network.
>
> Is this a good idea or are there other factors to consider.
>
> I have already done the other usual things such as used WPA-PSK TKIP
> enclryption, changed the default IP range, and changed the admin password.
After enabling WPA and changing the default password and SSID, fiddling
with IP (or MAC) addressing provides, at best, only miniscule additional
security benefits that aren't worth the hassle.
As others have pointed out, shrinking the pool of addresses handed out
by the DHCP server doesn't really restrict the number of IP addresses
that can use your network. To do that, you need to alter the subnet
masks of the router and other devices. For a two-device network (a
router and one computer), you'd use a subnet mask of 255.255.255.252.
The next smallest standard subnet (with a continuous range of addresses)
you can create is for six devices with a mask of 255.255.255.248.
> To clear things up, i was under the impression that if you set an IP range,
> DHCP could only assign a device an IP address within that range,once all the
> addresses were assigned, no more devices could log on to the network, hence
> my network (along with the other precautions I have taken that were listed
> in my original post) would be secure from intruders.
>
> Have I got this wrong?
Yes, you got it wrong. Most routers will serve any clients in their
subnet, no matter how they acquired their IP addresses. The router only
ignores IP addresses outside its subnet mask, not outside its DHCP
address pool.
"Rick Stevens" <rick-stevens@ntlworld.com> wrote in
news:tcDgh.11783$KT2.2200@newsfe2-win.ntli.net:
>
> I understand the part about people sniffing the network and possibly
> finding the IP start (e.g 192.68.0.x) part Nemo, but if there are
> only 2 available IP addresses and they are both taken, I dont
> understand how another addresss can be accepted by the router, sorry
> if I'm being thick, I'm only just learning about networking.
>
> To clear things up, i was under the impression that if you set an IP
> range, DHCP could only assign a device an IP address within that
> range,once all the addresses were assigned, no more devices could log
> on to the network, hence my network (along with the other precautions
> I have taken that were listed in my original post) would be secure
> from intruders.
>
> Have I got this wrong?
>
> Rick
>
>
Yes, this is wrong.
The DHCP scope does not define what addresses can be used. That is the
job of the subnet mask. DHCP only hands out an available IP address to a
device that asks for an IP address.
The router IP of 192.168.0.1 with a subnet mask of 255.255.255.0 defines
the subnet that can communicate within itself as 192.168.0.1 thru .254.
Just because the the DHCP server only has 2 IP's in it's scope, it does
NOT limit usable IP's, only the IP's it hands out.
As Neil pointed out, is the router SNM is set to 255.255.255.252 instead
of 255.255.255.0, then that subnet only has 4 IP's. .0 being the subnet
ID, .1 & .2 are usable, & .3 is the broadcast.
You have the rtr, and 2 IP devices, which is 3, so it won't fit in a .252
subnet. The next size subnet is .248. Subnet ID of 0, usable IP's of .1 -
..6 and a broadcast of .7.
So there will always be usable IP's that are available in your system.
That is why the rtr needs to be locked down with the other features &
tools it provides.
I also do see why people use DHCP, maybe because that how it is by
default, but on a home network, totally unnecessary. It's not hard to
keep track of less than static 10 IP's.
"DanS" <t.h.i.s.n.t.h.a.t@a.d.e.l.p.h.i.a.n.e.t> wrote in message
news:Xns989AD8982BE42thisnthatadelphianet@194.177. 96.78...
> "Rick Stevens" <rick-stevens@ntlworld.com> wrote in
> news:tcDgh.11783$KT2.2200@newsfe2-win.ntli.net:
>
>
>>
>> I understand the part about people sniffing the network and possibly
>> finding the IP start (e.g 192.68.0.x) part Nemo, but if there are
>> only 2 available IP addresses and they are both taken, I dont
>> understand how another addresss can be accepted by the router, sorry
>> if I'm being thick, I'm only just learning about networking.
>>
>> To clear things up, i was under the impression that if you set an IP
>> range, DHCP could only assign a device an IP address within that
>> range,once all the addresses were assigned, no more devices could log
>> on to the network, hence my network (along with the other precautions
>> I have taken that were listed in my original post) would be secure
>> from intruders.
>>
>> Have I got this wrong?
>>
>> Rick
>>
>>
>
> Yes, this is wrong.
>
> The DHCP scope does not define what addresses can be used. That is the
> job of the subnet mask. DHCP only hands out an available IP address to a
> device that asks for an IP address.
>
> The router IP of 192.168.0.1 with a subnet mask of 255.255.255.0 defines
> the subnet that can communicate within itself as 192.168.0.1 thru .254.
>
> Just because the the DHCP server only has 2 IP's in it's scope, it does
> NOT limit usable IP's, only the IP's it hands out.
>
> As Neil pointed out, is the router SNM is set to 255.255.255.252 instead
> of 255.255.255.0, then that subnet only has 4 IP's. .0 being the subnet
> ID, .1 & .2 are usable, & .3 is the broadcast.
>
> You have the rtr, and 2 IP devices, which is 3, so it won't fit in a .252
> subnet. The next size subnet is .248. Subnet ID of 0, usable IP's of .1 -
> .6 and a broadcast of .7.
>
> So there will always be usable IP's that are available in your system.
> That is why the rtr needs to be locked down with the other features &
> tools it provides.
>
> I also do see why people use DHCP, maybe because that how it is by
> default, but on a home network, totally unnecessary. It's not hard to
> keep track of less than static 10 IP's.
>
Ahh I see, thanks for explaining that, I didnt realise that the subnet was
that important.
So realistically even if I drop the subet to 248, Im not going to gain
anything security wise as there are still usable addresses.
"Rick Stevens" <rick-stevens@ntlworld.com> wrote in message
news:oWOgh.7889$493.4243@newsfe4-gui.ntli.net...
>
> "DanS" <t.h.i.s.n.t.h.a.t@a.d.e.l.p.h.i.a.n.e.t> wrote in message
> news:Xns989AD8982BE42thisnthatadelphianet@194.177. 96.78...
>> "Rick Stevens" <rick-stevens@ntlworld.com> wrote in
>> news:tcDgh.11783$KT2.2200@newsfe2-win.ntli.net:
>>
>>
>>>
>>> I understand the part about people sniffing the network and possibly
>>> finding the IP start (e.g 192.68.0.x) part Nemo, but if there are
>>> only 2 available IP addresses and they are both taken, I dont
>>> understand how another addresss can be accepted by the router, sorry
>>> if I'm being thick, I'm only just learning about networking.
>>>
>>> To clear things up, i was under the impression that if you set an IP
>>> range, DHCP could only assign a device an IP address within that
>>> range,once all the addresses were assigned, no more devices could log
>>> on to the network, hence my network (along with the other precautions
>>> I have taken that were listed in my original post) would be secure
>>> from intruders.
>>>
>>> Have I got this wrong?
>>>
>>> Rick
>>>
>>>
>>
>> Yes, this is wrong.
>>
>> The DHCP scope does not define what addresses can be used. That is the
>> job of the subnet mask. DHCP only hands out an available IP address to a
>> device that asks for an IP address.
>>
>> The router IP of 192.168.0.1 with a subnet mask of 255.255.255.0 defines
>> the subnet that can communicate within itself as 192.168.0.1 thru .254.
>>
>> Just because the the DHCP server only has 2 IP's in it's scope, it does
>> NOT limit usable IP's, only the IP's it hands out.
>>
>> As Neil pointed out, is the router SNM is set to 255.255.255.252 instead
>> of 255.255.255.0, then that subnet only has 4 IP's. .0 being the subnet
>> ID, .1 & .2 are usable, & .3 is the broadcast.
>>
>> You have the rtr, and 2 IP devices, which is 3, so it won't fit in a .252
>> subnet. The next size subnet is .248. Subnet ID of 0, usable IP's of .1 -
>> .6 and a broadcast of .7.
>>
>> So there will always be usable IP's that are available in your system.
>> That is why the rtr needs to be locked down with the other features &
>> tools it provides.
>>
>> I also do see why people use DHCP, maybe because that how it is by
>> default, but on a home network, totally unnecessary. It's not hard to
>> keep track of less than static 10 IP's.
>>
>
> Ahh I see, thanks for explaining that, I didnt realise that the subnet was
> that important.
>
> So realistically even if I drop the subet to 248, Im not going to gain
> anything security wise as there are still usable addresses.
>
> Thanks Guys and sorry for being so thick
>
> Rick
from the depth of thickness comes knowledge.
asking improves your knowledge.
those that do not ask and learn, are the thick ones in life.
those that do not try to understand are the thick ones.
"Rick Stevens" <rick-stevens@ntlworld.com> wrote in
news:oWOgh.7889$493.4243@newsfe4-gui.ntli.net:
>
> "DanS" <t.h.i.s.n.t.h.a.t@a.d.e.l.p.h.i.a.n.e.t> wrote in message
> news:Xns989AD8982BE42thisnthatadelphianet@194.177. 96.78...
<SNIP>
>>
>> You have the rtr, and 2 IP devices, which is 3, so it won't fit in a
>> .252 subnet. The next size subnet is .248. Subnet ID of 0, usable
>> IP's of .1 - .6 and a broadcast of .7.
>>
>> So there will always be usable IP's that are available in your
>> system. That is why the rtr needs to be locked down with the other
>> features & tools it provides.
>>
>> I also do see why people use DHCP, maybe because that how it is by
>> default, but on a home network, totally unnecessary. It's not hard to
>> keep track of less than static 10 IP's.
>>
>
> Ahh I see, thanks for explaining that, I didnt realise that the subnet
> was that important.
>
> So realistically even if I drop the subet to 248, Im not going to gain
> anything security wise as there are still usable addresses.
>
> Thanks Guys and sorry for being so thick
>
> Rick
>
>
Not being thick. If you don't do computer/technology stuff for work, or
as a hobby, or learn it by taking courses, it can be very confusing and
seem very complex since there's so many details.
Hopefully you were able to undestand my ramblings, I did have a link to
an article about subnetting that for some reason or another, was
extremely well written and made everything very clear and easy to
understand. It was only 2 or 3 pages. As usual though I can't find the
link.
"Rick Stevens" <rick-stevens@ntlworld.com> wrote in message
news:QjBgh.10257$UC.9831@newsfe5-win.ntli.net...
>
> "DanS" <t.h.i.s.n.t.h.a.t@a.d.e.l.p.h.i.a.n.e.t> wrote in message
> news:Xns989A52B8ADBFCthisnthatadelphianet@194.177. 96.78...
>> "Rick Stevens" <rick-stevens@ntlworld.com> wrote in
>> news:Znrgh.7535$493.6425@newsfe4-gui.ntli.net:
>>
>>>
>>> "DanS" <t.h.i.s.n.t.h.a.t@a.d.e.l.p.h.i.a.n.e.t> wrote in message
>>> news:Xns9899B1C249CA8thisnthatadelphianet@194.177. 96.78...
>>>> "Rick Stevens" <rick-stevens@ntlworld.com> wrote in
>>>> news:Oy6gh.1828$v4.479@newsfe3-win.ntli.net:
>>>>
>>>>> As part of the security on my wireless router, I have restricted
>>>>> the
>>>>> IP addresses to 2 and staticly assigned them to the 2 devicese on
>>>>> my
>>>>> network.
>>>>
>>>> How did you restrict the addresses to 2 ?
>>>
>>> Theres an option in the DHCP menu of my router IP range start &
>>> finish
>>> - just specified a range of 2 e.g. 192.168.0.2 to 192.168.0.3 - then
>>> statically assigned them to the 2 mac addresses on the network - it
>>> seems happy enough, I'm just not sure if it has any other
>>> implications, or causes any problems
>>>
>>>
>>>
>>
>> Just because the DHCP scope is limited to 2 IP's, doesn't mean I
>> can't set
>> my laptop to a 192.168.0.10 and try connect to your network.
>
> Sorry Dan but I don't understand, am I missing something??
>
> If I specify a range of 2 IP addresses and statically assign them to 2
> devices, how can anything else gain an address?
>
Rick Stevens wrote:
> "nemo2" <me2@privacy.net> wrote in message
> news:kpu5o25k5ijtvpvei3a0ujr79mhfjjacer@4ax.com...
>> On Fri, 15 Dec 2006 17:54:56 GMT, "Rick Stevens"
>> <rick-stevens@ntlworld.com> wrote:
>>>> snipped
>>>> Just because the DHCP scope is limited to 2 IP's, doesn't mean I can't
>>>> set
>>>> my laptop to a 192.168.0.10 and try connect to your network.
>>> Sorry Dan but I don't understand, am I missing something??
>>>
>>> If I specify a range of 2 IP addresses and statically assign them to 2
>>> devices, how can anything else gain an address?
>>>
>> Rick,
>>
>> What Dan is saying that there nothing to stop anybody sniffing your
>> network and then manually setting an IP address.
>>
>> regards
>>
>> nemo2
>
> I understand the part about people sniffing the network and possibly finding
> the IP start (e.g 192.68.0.x) part Nemo, but if there are only 2 available
> IP addresses and they are both taken, I dont understand how another addresss
> can be accepted by the router, sorry if I'm being thick, I'm only just
> learning about networking.
>
> To clear things up, i was under the impression that if you set an IP range,
> DHCP could only assign a device an IP address within that range,once all the
> addresses were assigned, no more devices could log on to the network, hence
> my network (along with the other precautions I have taken that were listed
> in my original post) would be secure from intruders.
>
> Have I got this wrong?
>
> Rick
>
>
On Thu, 14 Dec 2006 06:54:38 +0000, Rick Stevens wrote:
> As part of the security on my wireless router, I have restricted the IP
> addresses to 2 and staticly assigned them to the 2 devicese on my network.
>
> Is this a good idea or are there other factors to consider.
>
> I have already done the other usual things such as used WPA-PSK TKIP
> enclryption, changed the default IP range, and changed the admin password.
>
> TIA
>
> Rick
WPA-PSK/AES is a better option than TKIP. WPA2 is considered even better.
You didn't mention how long your passphrase is but it should be 20+
characters.
> "Rick Stevens" <rick-stevens@ntlworld.com> wrote in
> news:Znrgh.7535$493.6425@newsfe4-gui.ntli.net:
>
>>
>> "DanS" <t.h.i.s.n.t.h.a.t@a.d.e.l.p.h.i.a.n.e.t> wrote in message
>> news:Xns9899B1C249CA8thisnthatadelphianet@194.177. 96.78...
>>> "Rick Stevens" <rick-stevens@ntlworld.com> wrote in
>>> news:Oy6gh.1828$v4.479@newsfe3-win.ntli.net:
>>>
>>>> As part of the security on my wireless router, I have restricted the
>>>> IP addresses to 2 and staticly assigned them to the 2 devicese on my
>>>> network.
>>>
>>> How did you restrict the addresses to 2 ?
>>
>> Theres an option in the DHCP menu of my router IP range start & finish
>> - just specified a range of 2 e.g. 192.168.0.2 to 192.168.0.3 - then
>> statically assigned them to the 2 mac addresses on the network - it
>> seems happy enough, I'm just not sure if it has any other
>> implications, or causes any problems
>>
>>
>>
>
> Just because the DHCP scope is limited to 2 IP's, doesn't mean I can't set
> my laptop to a 192.168.0.10 and try connect to your network.
He should be able to restrict his network to X number of host adresses
using a subnet mask.
On Sat, 16 Dec 2006 09:23:32 +0000, Rick Stevens wrote:
> "DanS" <t.h.i.s.n.t.h.a.t@a.d.e.l.p.h.i.a.n.e.t> wrote in message
> news:Xns989AD8982BE42thisnthatadelphianet@194.177. 96.78...
>> "Rick Stevens" <rick-stevens@ntlworld.com> wrote in
>> news:tcDgh.11783$KT2.2200@newsfe2-win.ntli.net:
>>
>>
>>>
>>> I understand the part about people sniffing the network and possibly
>>> finding the IP start (e.g 192.68.0.x) part Nemo, but if there are
>>> only 2 available IP addresses and they are both taken, I dont
>>> understand how another addresss can be accepted by the router, sorry
>>> if I'm being thick, I'm only just learning about networking.
>>>
>>> To clear things up, i was under the impression that if you set an IP
>>> range, DHCP could only assign a device an IP address within that
>>> range,once all the addresses were assigned, no more devices could log
>>> on to the network, hence my network (along with the other precautions
>>> I have taken that were listed in my original post) would be secure
>>> from intruders.
>>>
>>> Have I got this wrong?
>>>
>>> Rick
>>>
>>>
>>
>> Yes, this is wrong.
>>
>> The DHCP scope does not define what addresses can be used. That is the
>> job of the subnet mask. DHCP only hands out an available IP address to a
>> device that asks for an IP address.
>>
>> The router IP of 192.168.0.1 with a subnet mask of 255.255.255.0 defines
>> the subnet that can communicate within itself as 192.168.0.1 thru .254.
>>
>> Just because the the DHCP server only has 2 IP's in it's scope, it does
>> NOT limit usable IP's, only the IP's it hands out.
>>
>> As Neil pointed out, is the router SNM is set to 255.255.255.252 instead
>> of 255.255.255.0, then that subnet only has 4 IP's. .0 being the subnet
>> ID, .1 & .2 are usable, & .3 is the broadcast.
>>
>> You have the rtr, and 2 IP devices, which is 3, so it won't fit in a .252
>> subnet. The next size subnet is .248. Subnet ID of 0, usable IP's of .1 -
>> .6 and a broadcast of .7.
>>
>> So there will always be usable IP's that are available in your system.
>> That is why the rtr needs to be locked down with the other features &
>> tools it provides.
>>
>> I also do see why people use DHCP, maybe because that how it is by
>> default, but on a home network, totally unnecessary. It's not hard to
>> keep track of less than static 10 IP's.
>>
>
> Ahh I see, thanks for explaining that, I didnt realise that the subnet was
> that important.
>
> So realistically even if I drop the subet to 248, Im not going to gain
> anything security wise as there are still usable addresses.
>
> Thanks Guys and sorry for being so thick
>
> Rick
Turn off your DHCP server and set your subnet mask to allow only 2 hosts.
That way no one can dynamically obtain an address from your network.
"johnny" <johnny@nowhere.us> wrote in
news:aoghh.563$pQ3.527@newsread4.news.pas.earthlin k.net:
>>>
>>> I also do see why people use DHCP, maybe because that how it is by
>>> default, but on a home network, totally unnecessary. It's not hard
>>> to keep track of less than static 10 IP's.
>>>
>>
>> Ahh I see, thanks for explaining that, I didnt realise that the
>> subnet was that important.
>>
>> So realistically even if I drop the subet to 248, Im not going to
>> gain anything security wise as there are still usable addresses.
>>
>> Thanks Guys and sorry for being so thick
>>
>> Rick
>
> Turn off your DHCP server and set your subnet mask to allow only 2
> hosts. That way no one can dynamically obtain an address from your
> network.
I have this application on my PC's, laptop, palm, PDA, and cell phone.
<http://www.wildpackets.com/products/free_utilities/ipsubnetcalc/features>
<http://www.wildpackets.com/products/free_utilities/ipcalc_palm/features>
or the kitchen sink:
<http://www.wildpackets.com/products/free_utilities/net_calc/features>
"johnny" <johnny@nowhere.us> wrote in message
news:dighh.558$pQ3.74@newsread4.news.pas.earthlink .net...
>
> WPA-PSK/AES is a better option than TKIP. WPA2 is considered even better.
> You didn't mention how long your passphrase is but it should be 20+
> characters.
Do you mean the WPA key?
It asked me for 13 charcters - I'll have a look and see if it will accept
more
Wireless Router Security 
Linear Mode
