Welcome to another great episode
right here on ITPRO.TV. You're watching
the CompTIA IT fundamentals. I'm your host Ronnie Wong, and today, we are in a part two on
configuring a wireless router. That means we've already gotten at
least the connection that we need, and that we know that we can get
access into the configuration page. But now to help us set that up,
is gonna be mister Don Pezet. Don, welcome to the show. And thanks for joining me back, Ronnie, and you know we have a laundry
list of chores to do in this episode. [LAUGH] In part one, we got, well we plugged the router in,
which was exciting, phenomenal activity there. [LAUGH] And we managed to get to the administration web page, right? And we verified that technically,
it is up and running. We've got a wireless network,
we've got all that. The only problem was by the end of
the episode all this stuff was done, but it was all at the default values. And unfortunately if we
stopped right there, we would actually be stopping at the same
place as many people throughout the world. And our system would be extremely
vulnerable to attack and misused. So we need to get in here and
tweak some of these default settings, change them to ways that allow
us to browse the web safely, securely, and
with the highest performance possible. So that's all stuff that we're
gonna look at right here in this episode. All right, so Don we've talked about some of
the different configurations that we need to go through, right? Before the show began, but where do we
want to start here and does the order matter in terms of the way that we start? So, if you're in the middle of nowhere and
you're the only person configuring, then your order really doesn't matter,
you can configure however you want. But, for me and for most people you're probably configuring this in
an office building, in apartment complex, or you have neighbors nearby, and
all of a sudden the order does matter. Because the moment
a wireless network pops up, there's plenty of people that are out
there saying I want free Internet. Let me try this wireless network and everybody has some kind
of wireless device. So for me,
job number one is securing the router so someone else can't take it over, right? And that sounds weird, if somebody else
were to join this wireless network right now, it is a default administrative
password that is the word admin. I know it, you know it, from watching this
show and tens of thousands of network administrators across the U.S.
and across the globe all know it as well. Any one of them could try it as
a default password and try and get in. So to me, that's job number one,
that's always the first thing I do. I just got into this router,
let me go change the admin password. If I were to stop there just
change the admin password, an attacker could still get into
my wireless network, right? They could use my Internet but
they couldn't take over the router. And from there I can start to make
other configuration changes and get things tied up. So that's mission number for
me is change that admin password. Now when you go into your router, you'll likely see a summary
screen like I'm seeing here. The summary screen is
great cuz it lets you know whether the connections are working and
so on. Most of them will have links on the left
side that say something like basic setup and advanced setup. And changing the administration password
is typically under the basic setup. On this particular router, it's actually in a different spot,
it's down under Connectivity. In fact, the majority of
the settings I want to configure, are all under this connectivity menu. So it may not be something that you
just stumble through and figure out. I might not think admin password,
that's under connectivity. It's weird, and
that's where having the user manual for your router comes in really handy. All right, so
I'm gonna go under connectivity. And what we're gonna see here
are things that Linksys considers the bare minimum to get
your router configured. But a lot of the stuff that I'm talking
about is all right here on this one page even,
where I can go jump in and set that up. The admin password is
down here at the bottom. So it's telling me,
I can set a router password. And right now it is, apparent eight stars. [LAUGH] Well, it's not eight stars, it's just obscuring what
is actually typed in there. I can change that password. And so I'm gonna choose edit and I'm
gonna set that to a different password. Now you can make this an easy password,
a hard password, you can make it complex. The key thing here is that, one,
you're the only one who knows it, and two, you don't forget it, right? Cuz if you forget the password,
you won't be able to get in here anymore. And your only option to that point,
will be the reset the router. You reset the router you
lose all your settings. You can still use the router though,
you can never truly lock yourself out of a router,
you'll be able to get back in there. You might just lose your configuration
after you do that, right? Not the end of the world. So I'm gonna type in a password. And I'm gonna use Ronnie's
standard password. And as you're typing it in, notice how this one doesn't
ask me to verify the password? So if I make a typo here,
I can be about to lock myself out. Fortunately they give me a little
eyeball so I can see what I typed and make sure that it's actually
typed the way that I want. You wanna make sure nobody is staring
over your shoulder while you do that, if you're in your home you're fine. And then you can set a password hint and
so I'll set mine to Ronnie's password,
so that I can remember it. If I was using a Linksys smart Wi-Fi
account, it's tied to your email address, so you could always do a password
reset with your email. But here, this is just on the router
itself, there's no way for me to reset the password,
other than factory resetting the device. Now on most routers,
when you make a change like that, and you close the window, you might
think that change has taken effec. But these routers,
they have the bare minimum hardware and impossible to do the job,
that's why they're so inexpensive. They're computers, they have a processor,
memory, storage, motherboard, all of that. But they're cheap because
they have very little memory, they're like at bare minimum. So when you make configuration
changes like these, they typically don't
take effect right away. You need to look on screen for
a couple of buttons, and mine are down here towards the bottom,
where it says, OK, Cancel, Apply. If I say Cancel, it's gonna throw
away that password I just put in. If I say OK, it's going to apply
the password and close this window. If I hit Apply,
it's gonna apply the password and it's not going to close this window. So if I'm gonna continue doing work
in here, I'll want to just hit Apply. And that way the password takes effect and
I stay in this screen and I can keep doing work. So look for those. If you bought a really cheap router,
right, like let's say it's one that's under $50,
when you hit apply it will likely reboot. And that's because the really inexpensive
ones only load their configuration at boot time. And so it reboots, and every little change
you make might be a 30 seconds delay in between, it's super frustrating but
just be aware that does happen. This is actually a pretty nice router,
I believe it costs around $150 or $200 so it's kind of on
the high end of home routers. And so it just applies right away,
but that is a different behavior, you might experience out there. >> Is there another type of password
that we might also need to
think about configuring? There are some other things. Now I was lucky, I should say lucky cuz
I planned it, that when I plug in my Internet connection,
it just started working, right? And if you have fiber internet or cable broadband internet, if you have
metro ethernet or something like that, the odds are you just plug it in and
it works, right? But if you have DSL,
a lot of DSL connections don't just work. When you plug them in,
there's a little bit more to it. Some of them require an internet password. You have a user account
with that provider. So if I get AT&T DSL I have to log in
with my AT&T account to make it work. I can plug in the DSL conncetion,
it'll make the light light up but I won't be able to send any
data over it until I log in. If your connection requires that, than it'll be over here
under Internet settings. If you go under Internet settings, see how mine just says
automatic configuration DHCP. That's what most of us are gonna use. If you have cable, fiber, metro ethernet, they all are just gonna be auto
configured DACP and that's it. On many DSL connections,
it's gonna be the same. That's why this is the default. It works for the most people. But if I edit that,
you'll see it creates a drop-down box, and one of the options in there is PPPoE. That's the point to point
protocol over Ethernet. And a lot of DSL systems will use that,
or you'll actually see another entry in there,
this one just calls it PPPoE, where it actually says PPPoDSL, or
PPPoA, which is PPP over Analog. But there's a couple of different names. But it's all basically the same thing. It's saying, look,
you're gonna connect to the system, but you're gonna provide a username and
a password as well. And so I would put in my AT&T account,
which I don't have. But whatever that account is and
then whatever that password is. And once I've got that in place,
I'll save that, and now it's gonna send that username and
password to AT&T and they'll authorize me relaying
data through that connection. So you may have to configure that. I don't in my scenario,
most people don't, and so we stick with automatic DHCP,
all right? There's a lot of other modes in
there that vary based on router. If you wanna learn more about those, and the Network Plus series really
go into depth on those. But here in IT fundamentals,
usually it's gonna be DHCP or PPPoE. Those are kind of the two. Now technically, I didn't change
anything on this screen, right? But I like to hit Cancel down at the
bottom just to be on the safe side to make sure that I don't save
the changes that I made. I hit Apply earlier when I changed the
password, so if I hit Cancel now, it'll close that window and undo any change that
I made that I hadn't already applied, so I'll just use Cancel to do that. All right, so Don, now that we've actually got that part and
those two passwords, your ration as a wireless network
that's been existing out there and you said we need to change name for that. Sure. And also secure it too. All right, yep, so right now, it's already got wireless up and
running, and I can see that right here
in the connectivity screen. I've got a 2.4 gigahertz and
a 5 gigahertz network, right? What's the difference? The gigahertz, right, [LAUGH] so 2.4 gigahertz is considered a high
frequency RF communication. It's used by several different standards. We talked about these in an earlier
episode, 802.11, A, B, G. Well, actually, wait a minute,
B uses not 2.4. It is 2.4, okay, so and A is 5 gigahertz. Well, anyhow, different standards
use different frequencies. 5 gigahertz is faster, so it can move
more data, but it's got a shorter range. And 2.4 gigahertz is slower,
but it's got a longer range. So depending on where
you are in your home, you might connect on one frequency or
another. Most devices these days support both. You might have older devices
that only support 2.4, or you might have something
that's locked into 5. But usually, it's just about signal
strength, is what it comes down to. So I see these two different networks. And see how Linksys has
given them different names? They don't have to have different names. You can change that. But the default name is pretty generic,
Linksys 06209. An attacker's gonna see that and say here's somebody who doesn't
know how to change the default. That's a network I wanna connect to and
try and guess the default password. Well fortunately, they gave me a default
password here that's fairly complex. So nobody's gonna guess that, right? Unless that's the default password
they use on all Linksys routers. I don't know, maybe it is, right? So I'm gonna wanna get in there and
change those to values that I know. And then I can choose who
I wanna share that with. So I can hit Edit up here, and
I can come in and I can change the name. Now the 2.4 and the 5 gigahertz networks,
they don't have to have different names. You can give them the same name. If you want people to be able to
automatically switch between one and another, if you give
them the same name and same password,
most systems will be able to do that. If they're a different name and
password, people will have to pick. Do they wanna go 2.4 or
do they wanna go 5? And maybe you want that, right? Maybe you've got one of those little
boxes on your TV that's doing Netflix, and you're wanting to do
the ultra HD on the 4K, right? And it's over wireless, so you want it to
be on the 5 gigahertz because it's faster, and you know it's nearby to the router. But then for your cellphone, you wanna
be able to roam all over the house and you're not really worried
about it being super fast. So you might want it to be on the 2.4. If you give them separate names, it makes it easier to pick which
one you're connecting to, okay? So I might come in here and
call this DonsWiFi-2.4. Actually, I don't remember if
it'll let me do a period or not. Well, you know what, we'll try. And then the other one, I might
choose to rename that DonsWiFi-5, or you know what, I might call it Fast and
Slow, or something like that. You know what, whatever it is that
you wanna call it, it's up to you. You can actually do a lot
of things in the name. I mentioned that I might
not be able to do a period. I can't remember if I can do a period or
not. You can do spaces. In fact, just looking at some of the
wireless networks in our own building up here, which I've turned my WiFi off,
so let me turn that back on. But if you look at some of the WiFi
networks here in our own building, like Gainesville Dev Academy,
it's a pretty long name. Whoops, [LAUGH] it's a pretty long name,
and it's got spaces in it. ITProTV-Guest has a hyphen in it. You'll see JR Companies, where they've
actually got that 5GHz one showing up. So it's kind of up to you what
you wanna put in that name. You just wanna make it
where it's recognizable so that you'll know which is which. So you can name those and
then the password. The passwords can be the same. They can be different. That's up to you. So I might make mine password123,
probably not the best password to use. But I'll go ahead and punch that in there. So now when somebody wants
to get on my network, I can share that password with them,
and it's not the default password. It's not what Linksys set or
Netgear set or whatever, it's one that I
set the way that I want it. So I'm gonna get that put in place, and
I'm gonna come down here and hit Apply. And it's giving me a warning here
that I'm about to change my network. Now, why is it giving me
a warning when it didn't before? Well, this is the first change I've made
that could potentially disconnect me from the router. If I'm connected to the wireless
network already and that's on configuring it,
what's gonna happen when the name changes? I'm gonna get disconnected, so
it's reminding me of what those settings should be, right, and
just letting me know. It's what I chose, so
I'll just say yes to that. And it's gonna take effect. Now it says your router's
applying changes. It might have to reboot. In my case I don't think it actually
reboots, cuz it's a little too fast. I think it's just turning the antennas
off and turning them back on, but many routers will reboot at this point. So it could take 30 seconds
before that takes effect. How do I know it works? Well, I can watch the lights on
the front of the router I suppose. Eventually this webpage will refresh,
right now the webpage is kinda stuck. I can also go back out here and just
watch for the wireless networks, right? Eventually, these Linksys
ones will go away, and there's DonsWiFi-Fast showing up, right? So there's those new networks popping up. And I can even try and connect. So if I connect to that network,
it's gonna prompt me for the password. And I'll punch in password, whoops,
I will try and type password123. And make sure I typed that right. And then I'm gonna go ahead and join it. And once I get connected, I'll see my
little wireless symbol up here go solid, assuming that it works, and
then I'll know that I'm connected. There we go, and so now I'm on it. And I only saw DonsWiFi-Fast a moment ago. Now I see DonsWiFi-Slow is showing up. And the other old Linksys networks,
they've disappeared, right, so I know my change took effect. I'm able to connect, and if I jump back
over here to the router, there we go, now my user interface is moving again. It finished that reset and
I'm back in business. So now I've got a different
admin password, and I've reconfigured my Wi-Fi to use my own
name and password that I wanted to use. And now I've got a device that I don't
have to worry about strangers jumping on or attackers taking over. We're in a pretty good spot. All right, Don, now, as we have actually now seen that
we've got everything fairly secured. You had mentioned in the previous
episode that we might also in our initial configuration Have to
think about the firmware updates. How important is this? All right, so this is also pretty important. I mentioned we're in
pretty good shape here, attackers can't compromise my router. Well, they can't if they're doing
things the normal way, right? But hackers don't do
things the normal way. They always try to find flaws, weaknesses,
vulnerabilities in our hardware, some way to be able to get in, right? And that happens there is bugs in
some routers, the little problems and the hackers figure those out
then they're able to get in and we need to be able to protect from that. Also sometimes it's just other general
issues like maybe a new law comes out the FCC passes some statute,
and all of a sudden, the router manufacturers have to
change some setting on the router. And so they will frequently push
out updates, firmware updates or software updates, that either fix problems
or improve the security of your router. And the reason I mentioned it in the last
episode is back here on my homepage, there's a little status window here
that's showing me that I am connected to the Internet. And it's alternating between two pages, the second page is telling me there's
a firmware update available, right? It's telling me there's something new for
this router and I can click here to learn more. And if I click over here it's checking for a firmware update and it's telling
me there is a new firmware, right? Now it's available,
I can install it if I wanted. I'm running 2.0.1.182461, and now there's a 2.0.2.188405, it is a long version. That is. So really it's going from 2.0.1 to 2.0.2. The first two, that's a major version, it would be a big deal if we were
going to three point something. Then you have a minor version, right? If we were going from 2.0 to 2.1, that's usually like adding features,
but this is 2.0.1.something. That is considered a subversion and subversions are normally bug fixes and
security fixes and these are important. A bug fix'll make sure the router
is working most of the time, that it's not like rebooting randomly or
dropping connection when it shouldn't be. Security fixes are fixing
little back doors or flaws that attackers have found
to keep your device secure. Now, I'll be honest with you most people
can figure a router, turn it on, and never look at it again as long as it works,
maybe they reboot it once in a while. They never do firmware updates. Many, many people are running
routers that are two years old, never been updated a single time. It's easy to forget about it. So a lot of vendors have started doing
this, building in automatic updates. Where the router will automatically
reach out and download updates. But even when you do that,
the router is normally waiting for sometime when the network is idle right? Usually in like in the middle of
the night, it will reach out and do that update. But if your trying to use the router and
all a sudden it reboots for an update you lose connectivity. So you've gotta make a choice, do you want
the convenience of automatic where it updates itself or
do you wanna do it manually? And then you have to remember every so often to log in and do the updates,
where I find that I generally forget. So if you wanna be on the safe side,
you can check out for automatic and now it's going
to periodically reach out and if it finds enough data it
will automatically apply it. And then it will reboot when it sees
the network at its lowest utilization or some of them allow you to set a time. You might actually see a field down here
and you could say I wanna do it at 3 AM and so when you enable that
setting you then pick the time. This one doesn't it just looks for
idle time, remember all your traffic is going through the router, so it knows when
the network is idle and when it isn't. It's got a pretty good idea of that and
it can make sure to do that accordingly. So for me I can just choose that, I could
actually go and install this update. Now I don't really know
anything about this update, it's possible this update doesn't
fix anything I care about. Here in the United States, a lot of the
time we'll see these firmware updates and it'll say, adjusted the antenna for Canadian carrier bell or
something like that, right? And it'll be some Canadian law or setting that's important if you're in
Canada, not important if you're in the US. And somewhere in Canada there is
an IT instructor who's delivering the same course and saying. We get these updates in Canada,
and half the time, it's fixing something over in the US,
right? So that happens, these routers
are sold in more than one country. But just as often as that, it will be
a security fix that everybody cares about. If I click to install it, it's just gonna
jump right in and try and do the install. If I wanna learn more about
that firmware update, that's where I need to
go the vendor's website. Remember back in part one, I talked
about going and getting the manual. Well, here is the manual,
I went to the Linksys support web page and I pulled it up and here's the PDF. Right beside it is downloads/firmware. And if I had chosen that it would take
me to a page where I could start to see the various versions of firmware that have
come out, and there was a version 1.0, now we're on version 2.0. And here's the 2.0.2.188405
that I'm about to download. It actually came out May 15th, which is embarrassingly, that's like seven
weeks ago from when this was filmed. So this update's been out for a little
while, and it's got release notes. And I can look at those release notes
to figure out what changed, right? So what is new in this update, right? So here it is and it's telling me, do not
install this on a version one router. Mine's a version two router so I'm fine. Don't power cycle during the update, but then here it's telling
me what it did first. It added support for Winbond,
Micron, and MXIC Flash. Okay, so that's talking about storage
that you add to those USB ports. I'm not using that, so
I don't really care about it. Modified the firmware update
download directory, all right, so when it downloads firmware,
it puts it somewhere different. Again, doesn't really help me. General bug fixes,
that's a different story, right? I don't want bugs, bugs make a router
reboot or make it not send data, I would like that fixed. I'd like a better description than
general bug fixes, but that'll do. If I look at some of the older ones
though, like the update that I'm running. I can see Patched WPA2 KRACK vulnerabilities when operating
in Wireless Bridge mode. That's a security vulnerability an
attacker could use to get into the router. I definitely want to be
running that update, right? Which, let's see,
is that what I'm running? I am running, maybe site note of this, and I'm running 188405 and
going back to the release notes. 188405 would be newer than this one, so I am patched for that, but
now there's an even newer one. Wait, sorry, I got the wrong number,
let me go back over here. So I'm currently running 182461, and so if I go back over here,
try not to get motion sickness. 1824, I'm actually running
this one from July of 2017. That means that my router right now is
vulnerable to WPA2 crack attacks, right? I've got a vulnerability and
as an end user, you don't have to be
a security researcher. You don't have to dig
through these release notes. All you have to do is make sure
you hit that update button and it'll reach out there and do the updates. So that's exactly what I'm gonna do. I'm gonna go back here and
I'm gonna turn on automatic updates so I don't have to worry about it again. And I'll hit that Check for Updates. It's gonna check and
find that there's an update. I'm gonna go ahead and hit Apply real quick just to make sure
that it saves the automatic setting and then I'm gonna go ahead and click here
to install and we're gonna do it. Now, it warns me that it is gonna reboot. It's gonna download the firmware
from Linksys, put it on the router, and then reboot. This process usually takes a solid five,
maybe even ten minutes because the memory that's inside of
the router doesn't write very fast. While it's doing this process,
it's important not to interrupt power. They usually just have enough memory
to store the operating system, so what it does it deletes the old operating
system to make room for the new one. If you lose power in between it's already
deleted the old operating system, and now your router's non-functional. And so you'll have to call them and they have a recovery procedure where you
put the operating system on a USB key and stick it on there, but
it's a frustrating nightmare. It'll take us all two hours to
get this back up and going, you don't wanna do that
if you can avoid it. But at this point, it's downloaded that
firmware, and now it's going to apply and it's telling me my router is rebooting,
don't mess with it, right? This may take a few minutes, please
wait until the reboot is completed, so it's completed. So at this point I mean,
you can watch the front of the router, and the lights will flash. But the lights don't really mean a whole
lot while it's doing a firmware update, because the full operating system isn't
running, so you really just have to wait. And what I normally watch for,
is the wireless networks. That if you watch for
the wireless networks, when it actually reboots
they'll disappear. And then it does the update, and when it boots back up the wireless
networks will reappear again. So you can kind of watch that, or
your status and kinda see what's going on. See how Don's WiFi faster and
slower showing up, and I just got kicked out, right? So it kick me out and
now I don't have a re-skin for network, because I lost it the router is rebooting, but when it's done those
networks will show back up again. [INAUDIBLE] I'm gonna show it up
right now, but I'm disconnected, so we'll have to wait and see. Yeah, they keep kinda disappearing,
I just jumped over to the ITProTV network, cuz it's still up and running,
my system did that automatically. So that process is gonna happen,
but when it's all said and done, my router has a new admin password, it's got a customized wireless
network name and different password. And I'm on the latest firmware,
so I know my device is secure, safe and
now I can put it in production and know that I'm in good shape. All right Don, well thank you again for helping us to think about more than
just the idea of connectivity, but also the idea of security as well
when we set up a wireless router. All these are important steps
that we want to consider as we're setting this up not only for
our home networks, but if we're also going to be doing this for
another company as well. These are things definitely that
are on our mind to actually think up. All right Don, last words on any type of
security or additional configuration. A couple of things, the firmware actually just finished,
Yes. While you were talking so it went really fast. And so when I say okay, things
likely won't look any different, but I do see that I am looking at
a current version of 2.02 now. So I know that I'm safe, everything
else here is pretty much the same, so nothing too crazy and special there,
but we're back up and business. The other thing is, we really just
scratched the tip of the iceberg, we did the minimum. What I just showed you is the minimum you
should do on every wireless router that you configure, but there's a ton of other features in here
like the media server I mentioned earlier. I might wanna customize my IP network,
I might wanna set up DMZs or port forwarding to allow an Xbox
to communicate with Xbox Live. I might wanna set up all sorts of
crazy things like that, those features are available in your router it just
requires more advanced knowledge. So if you wanna learn more about that, the
network plus series is really the place we dive into that stuff, and
I get into it in-depth. But what we've seen here, common
settings everybody should be be doing. All right Don, thank you again, and thank you also for watching,
signing off for ITProTV, I'm your host Ronnie Wong. And I'm Don Pezet. Stay tuned right here for more of your CompTIA IT Fundamentals show. [MUSIC] Thank you for watching ITProTV.
