USB Wifi

I got curious after reading the Nintendo USB wifi thread about using usb wifi at home to network my fiance's laptop to my desktop.

We have a cable modem that Id like to share with her as simply as possible. However, I dont want to open myself up to leeching.

So, how do I protect myself from leeching? Do I just unplug the usb wifi from my desktop when she isnt using the net on her laptop?

I do have an admin account with password with XP sp2 on my desktop. Do I have to make a user account for her? I would assume if I do, that she would then have to make an account on her laptop that matches the account I make for her on my desktop.

Edit - re-reading your thread, I'm wondering if you want to use XP's Internet Connection Sharing (ICS). You'll need two wifi adapters running in ad-hoc mode to do this. Besides some PSP gaming, I don't have a ton of experience setting up ad-hoc wireless networks, but I don't think there's a way to secure the communication between the devices. Yes, you can unplug the adapter on the desktop to stop the sharing, but when it is connected, I believe anyone can jump on the ad-hoc network.

You'll need an access point first and then the USB adapter for the notebook. The access point is typically going to be a wireless router. I don't know what your setup is currently, but if you only have the cable modem plugged directly into one PC, you'll need to get a wireless router.

After you get the router, you have a few options as to how to lock it down. First thing you should do is change the admin password on the router from the default. You will also want to change the SSID, and possibly disable the SSID broadcast. This will make your wireless access point (WAP) not show up on a client who's browsing for available networks. Now you want to control who can connect to the WAP, if they know the channel and SSID. You can use WEP to create an encryption key using a passphrase. Without the passphrase, you cannot connect to the access point (the router). The same goes for WPA-PSK (I use this option). This will also encrypt the data going over the air (although WEP is considerably less secure now). You can also lock down the wireless access by setting an access list. This basically limits what machines are allowed to connect to the access point by MAC address. This can be a bit of a pain if you ever plan on having friends over or additional wireless devices connect because it's all manual.

Once that is setup, you'll need to install the adapter on the laptop with admin rights. You can configure the settings as admin, and they will carry over to a non-admin account. That's how I set my mother's PC up, and she definitely doesn't need admin rights on her PC.

If you have any other questions, or this seems like Greek, send me a PM and I'll go into more detail.

1) Get a wireless router
2) Use WEP and MAC filtering (Nintendo DS supports WEP)
3) Your fiance's laptop will access the router wirelessly and so will Nintendo DS. Profit !

P.S. Disabling SSID broadcast doesn't increase your security to someone intent on finding a wireless network, and it confuses Windows XP's wireless zero config service.

P.P.S. Nintendo's USB adapter is specialized for Nintendo DS and it may not work for "just sharing Internet". Hence the router advice - much more reliable.

shihonage wrote:

P.S. Disabling SSID broadcast doesn't increase your security to someone intent on finding a wireless network, and it confuses Windows XP's wireless zero config service.

True, but it does prevent your neighbors, who might just be browsing the available networks from trying to attach to your's. Even WEP isn't going to stop someone determined from getting onto your network.

Hemidal wrote:

True, but it does prevent your neighbors, who might just be browsing the available networks from trying to attach to your's. Even WEP isn't going to stop someone determined from getting onto your network.

The first thing "someone determined" will see is your wireless network, whether you hide it or not.. WEP does work very well on the neighbors who are "browsing", without confusing Windows Zero Config service. Plus, it is marginally harder to break WEP than merely scanning SSID-less networks. Heck, I have a crappy card with proprietary driver (sigh) that shows me SSID-less networks by default. WEP is quite simply a better "marginal security" option.

shihonage is right about disabling SSID - it's basically useless. The only arguable advantage is that it doesn't add the kind of traffic overhead WEP does.

However, I will dispute his recommendation of MAC filtering as being useful, because it is actually useless for the exact same reason turning off SSID broadcasting is useless. SSIDs can be discovered by sniffing out a packet going over the air. Well, MAC filtering is defeated the exact same way - every Ethernet packet has the source and destination MAC addresses right there in the header of the frame added by the data link layer. It's just as easily sniffed out.

WEP is the way to go, and it doesn't hurt to add MAC filtering to the equation (it just makes for one small extra step in the cracking process) if it makes you feel better.

I said that the combination of MAC filtering and WEP encryption is the best you can do without introducing problems with either Nintendo DS connectivity or Windows Zero Configuration Service. That is all.