Aces High Bulletin Board
General Forums => Hardware and Software => Topic started by: hubsonfire on April 15, 2008, 12:10:44 PM
-
Having got my vid card issue resolved, having cleared the house of the Fiber installmonkeys, I need to get a LAN set up. It has been so long since I had a network, that I'm pretty much back at square one, so I thought I would see if there was a consensus on hardware.
Is there a brand/model of router that is usually more reliable than others, and conversely, are there those which are often garbage? Can I get by with a router alone, or do I need a separate firewall as well? What are some features I should look for and avoid?
This PC is pretty much my web browsing/gaming/daily communications box, but the other PC(s) are for the family business, and having them secure (or at least as secure as one can reasonably be while connected) is important. I probably wouldn't bother with them, except that I have to have access for Quickbooks, and a networked printer would also greatly simplify things, since I have to periodically do the cable shuffle to get some obscure thing or another printed.
Any recommendations, or can I just run down to the nearest bigboxstore and grab the first thing I see on the shelf? Also, what are some things I need to do once I'm set up? Change passwords, settings for AH port usage, anything else? Your advice and experiences are appreciated.
-
Netgear DG834, fast, cheap, good wireless reception, easy setup, plenty of features for when you need them later (eg builtin VPN server) :aok
if you've got a few people using the net while you're playing, maybe have a look at a "gaming" router with QoS so your connection wont be lagged out by other people. haven't tried em but I've heard good reports on D-Link gaming routers. you will pay extra for it though...
-
I've got your basic Linksys wireless router. I've got 2 desktop PC's and a network printer wired to it and have a laptop connected wirelessly. It's been running for 5-6 years now. I did have the same router before this and had an issue with the power cable but this one's worked fine.
It's got a NIT firewall built in and you can set up passwords and either 64 or 128 Bit encription if you want (I do for my laptop connectivity).
It's also very easy to share resources across the network but data transfer rates from machine to machine are a little on the slow side so you don't want to move large amounts of files this way through copy/paste. Connectivity to the Internet is not slowed by the router though.
-
It's got a NIT firewall built in
:D
Got a headlice problem baldeagl?
hubs what budget, and what features are you looking for?
-
I have a POS D-link router (I know, I know.. but's it's been working great).
I have three computers connected wirelessly, all three with el-cheapo 'generic' wireless PCI cards. Might not be the most desirable setup, but it's been working fine for me, and until things start to break I really don't see the need to change them.
Keep in mind... internet speed is typically much slower than the fastest LAN speeds (even for wireless), so don't worry about this limiting your speeds. Example... my router is capable of 100Mbps wired, 54Mbps wireless. My internet is 10Mbps. No problems there.
Your router will need to be configured with a public AND a private IP address. The public is what you are assigned by the ISP (it'll typically be something like 10.200.41.163). If you are assigned a "dynamic" IP through your ISP, you have to set the router up as such. The private IP is what the computers in your house will see, and it will be set to something like 192.168.1.1.
If you want security, set up WPA or WEP encryption in your router, turn off DHCP, and configure each computer manually. Your IP Address contains network AND client information.
Example: 192.168.1.1
192.168.1 is the network identifier (on a typically class C network which is probably what you'll want to build)
the last .1 is the computer identifier (this must be different on each computer).
So if you use, for example, 192.168.1.1 for your router's IP, then the computers will have to be something like..
#1 192.168.1.2
#2 192.168.1.3
#3 192.168.1.4 etc...
(I have mine set to .101, .102, .103 to make it a bit easier to remember).
Each number between the dots has to be between 1 and 254.
Personally I preferred to change the default IP of my router to a different address (Something like 192.168.123.1).. but as long as all the computers follow the same number scheme, that's all that matters.
If the printer has a network connector, you can just plug it in and assign it a similar IP address, but if you have to connect it to one of the computers you have to SHARE it, and assign a share name to the printer... then on the other computers add a network printer to the computer's IP it is connected to, and it's share name (Example.. 192.168.1.200/printer). The only drawback to this is the computer the printer is connected to has to be booted up for other computers to print to it.
DNS... assign the PRIMARY DNS address of each computer to the same private address of the router (192.168.1.1 for example). Assign the SECONDARY DNS addresses to the ISP's DNS settings (same thing you'll set the router to if it's not dynamic).
GATEWAY... assign the GATEWAY address of each computer to the router's private address (again.. example.. 192.168.1.1)
SUBNET MASK... this number determines which values of the IP address refer to the network.. and the computer's parts. 255.255.255.0 (considered a class "C" network) means that ALL of the first three numbers are network identifier numbers, and all of the last number is for the computer identifier. Make sure, for the public settings on the router, you match the specifics the ISP gives you (unless this is dynamic)... it gets complicated, but a mask of 255.255.128.0 and 255.255.255.0, even with the same IP address, can mean something completely different. On the private router settings, set this to 255.255.255.0, and on all of the computers set this to 255.255.255.0
SECURITY... like I said.. keep everything as non-DHCP as possible. DHCP gives the router the ability to assign each computer their own network settings automatically, which is convenient.. but typically not necessary on a home network, unless you use laptops at work and at home.. or constantly have different computers in the home... or use devices that require DHCP (Example.. I use VONAGE phone service, and my phone modem requires DHCP). In my example I set up a rule in my router to enable DHCP, but only with one single IP address to give out (192.168.123.200 for example), and also to ONLY assign this IP adress to the specific MAC address of the phone modem.
A "dynamic" internet connection between your ISP and your router is basically them using DHCP to give your router the applicable settings. With this setting, your router's public IP address, DNS settings, GATEWAY settings, etc... can change each time you get on the internet (or even while already on!)
Also on each computer, set up a user password... even if there is only one user in it. This way, if someone manages to get through your router to a specific computer, they still need the password at that point (yes I know there are ways around this as well.. but if someone wants into your network SPECIFICALLY, it gets very difficult and at times expensive to secure it further... this is just one more step to make it more difficult for them).
Following these steps, as well as enabling WEP or WPA encryption on your router, is typically enough to deter the vast majority of hacking threats out there. If you want to take steps further you can turn off ping returns at your router, shut the doors on all of the ports (and open as you need to), and install software firewalls on each computer, but personally I've found this to be more of a pain than it's worth, for the most part.
Ever hear the saying "If you don't want your car broken into, don't keep anything expensive inside of it"? Well the same thing applies here. There's nothing on my computer that I can't afford to lose, so keep this in mind.
-
:D
Got a headlice problem baldeagl?
hubs what budget, and what features are you looking for?
I'm looking at Netgear's RP 614. Readily available here in town, cheap, 2 firewalls. I'm not looking to go wireless at this time, due to cost, and the lack of available card slots in the business PC. The printer I have currently is hooked up to the business PC (until I upgrade printers), and the PCs are only about 8' apart- simple matter to plug a cable into both, and sharing the printer isn't difficult to do, IIRC. I think I'm going to put the 3rd box on a KVM switch, and tie it to the other PC, so that's not really a concern now. As long as the thing performs consistently, and I can easily set it up and make some basic adjustments, I'm not really sure which other features I should be looking for. We're not doing anything too serious on these PCs, so anything that offers us more security than a direct connection, and a little more functionality than a simple switch, and doesn't cost a great deal will probably be more than sufficient. Anything too sophisticated will be wasted on me at this point in time. :confused:
-
In all honesty, you can toss away a lot of the security issues by simply tossing the use of Internet Explorer. Even better would be to load up Firefox with an extension called NoScript.
-
Hub, these things are pretty simple. Whatever you get will probably be just fine.
When I set mine up I just ran the software and it walked me right though it. No problems.
Isn't the HW firewall called a NIT firewall? I might be wrong but it's something like that.
-
If you're looking for a hub with wireless, then I'd recommend the D-Link DIR-625. Do not buy the D-link DIR-615, it's not very good. The DIR-625 has excellent reviews. It has nat protection, Runs 'N', 'G', and I believe also 'B' and 'A', if ya need the older wireless.
Goes on sale quite often for $79.00, (usually $99.00). NewEgg has it for $71.99, with FREE 3-day shipping currently, but that may not last long.
http://www.newegg.com/Product/Product.aspx?Item=N82E16833127220&Tpk=dir-625
I have heard some complaints about their tech support, being not as good for beginners and non-tech types, but if you feel comfortable setting up your own network, I suspect you won't have any problems.
I've been using Linksys for years, and I've been getting more and more frustrated with their performance. I strickly run a wired-network, but some of my clients run the wireless. I've noticed more and more connection drops by the linksys routers, which made me look into another brand for my next upgrade.
Do a review search on the D-Link DIR-625 and you can get a pretty good idea of how it runs for yourself.
Wabbit
-
I've been using Linksys for years, and I've been getting more and more frustrated with their performance. I strickly run a wired-network, but some of my clients run the wireless. I've noticed more and more connection drops by the linksys routers, which made me look into another brand for my next upgrade.
Thats the very nature of wireless though, what do you expect from a half-duplex contended medium where hundreds of other devices use the same chunk of airspace?
NAT is a given on any router, if a product 'upsells' NAT protection as a feature then it makes me wonder then that product probably sucks.
SPI (Stateful Packet Inspection) is what you should look for as a minimum, even better if the product is ICSA rated.
Wireless N is snakeoil, B/G are OK, A is for awesome.
-
This (http://www.newegg.com/Product/Product.aspx?Item=N82E16833122008&Tpk=rp614) is what I'm thinking. No need for or, interest in, going wireless at this point- as mentioned, the PCs aren't going anywhere, aren't far apart, and wired would be a good bit cheaper.
-
This is the one I'm using. It looks to be similarly priced to the one you're looking at but will give you wireless capability down the road if you ever want it.
http://www.newegg.com/Product/Product.aspx?Item=N82E16833124010 (http://www.newegg.com/Product/Product.aspx?Item=N82E16833124010)
-
These are good little boxes: http://www.amazon.com/U-S-Robotics-USR8200-Firewall-VPN/dp/B0000A1EES/ref=sr_1_70?ie=UTF8&s=electronics&qid=1208394680&sr=1-70
Those netgear ones look underpowered.
-
These are good little boxes: http://www.amazon.com/U-S-Robotics-USR8200-Firewall-VPN/dp/B0000A1EES/ref=sr_1_70?ie=UTF8&s=electronics&qid=1208394680&sr=1-70
Those netgear ones look underpowered.
Vulcan,
Those specs look quite good, but the user reviews at Amazon are all 1 out of 5 stars. Do you have personal experience with this model?
-Llama
-
These days I have been getting clients a Linksys WRT54GL (the linux-based firmware version) for around $70 at newegg, and then replacing the firmware with the Open Source DD-WRT (http://www.dd-wrt.com/) firmware, which adds the features of a much more expensive router to the humble Linksys.
Its what I run at home these days too, and I've very VERY happy with its performance and feature set.
I wish it was Draft-N, but that's pretty much the only drawback. It allows for IPSecVPN (or Open VPN), a SSH secure proxy server, CPU overclocking, increasing the radio wattage to almost 10 times the default settings (add a heatsink if you go that high!), SPI of course, and even esoteric features like setting up a public open WiFi hotspot that doesn't touch your local LAN. Heck, you can even telnet/SSH into it and modify settings from the command line, but it has an excellent web GUI too.
I can have several torrents running on one machine, run a webserver and mailserver on another, have my wife buying itunes music on her machine, and play AH on the gaming machine with narry a blip or hiccup.
Good stuff.
-Llama
-
Vulcan,
Those specs look quite good, but the user reviews at Amazon are all 1 out of 5 stars. Do you have personal experience with this model?
-Llama
LOL didn't notice those, yeah we distribute them in NZ. I don't delve into the low end stuff that much, but feedback I got was that it was extremely good for connections greater than 5Mbps. People had complained about the vpn performance, but any low end box without a cryptographic accelerator is going to struggle (wtf do they expect for that price?).
I like the fact it has ALG's as well.