Monthly Archives: November 2016

Steps to Backup Your Linksys Wireless Router Configuration

Setting up your Linksys wireless router is easy using the Secure Easy Setup (SES) as it steps you through the configuration of creating an SSID, security settings, and connection information. Outside of SES, you probably have created a secure router password and setup MAC filtering.

Then one day your router stops working and you must reset it back to it’s default settings, losing all the configuration information. Not a problem if you have a backup of the configuration that can be easily imported back into the router.

If you have not changed your wireless router IP address, connect to your router with the URL: HTTPS://192.168.1.1 and log on. Once you have connected to the administration interface, select from the menu: Administration – Config Management.

Then click on the Backup button and select the destination to save the file (consider saving it CD or USB drive for safe keeping).

If there is a need to restore the settings, first select the browse button and navigate to where you saved the backup file, then select Restore to import the configuration back into the router.

Wireless Adapter Backup

If you have a Linksys wireless adapter installed in your PC, you can also backup the configuration. Open the Network Monitor from the System Tray (green icon next to the clock) and select the Profiles tab at the top, then select Export and save to the same location as above with the router backup.

If you need to restore the adapter configuration, just select Import from the Network Monitor.

Simple Step To Tell If Someone Is On Your Wireless Home Network

You heard the old saying “were not alone”. Well, the same can be said about your Wireless Home Network.

Have you ever wondered if someone else is on your network, with out your knowledge, watching every site you visit or stealing account information from your GMail or bank account?

Sure you probably went to great lengths to implement and secure your wireless home network, but any Network Security professional will tell you NOTHING is bullet proof.

While nothing is bullet proof, being proactive with monitoring can catch the un-wanted guest…off guard.

So what can you do to monitor and identify if someone is wondering around on your home network?

You can use some simple tools, when combined, will help you see your Network and give you a view of who’s online.

NOTE: With these tools chances of identifying someone on your network increases, but will NOT prevent them from gaining access to your Network. Other tools exist than described in this article, but the goal is to show you the different type of tools and how to use them.

1 – Firewall Logs – is a good place to start. If you have a Firewall running on your Computer or on your router, look for suspicious activity by scanning the logs for anything out of the ordinary with inbound and outbound traffic.

One method you can use is to look for patterns. For example, if someone was scanning your computer to see what ports are open, the logs will show continuous activity from the same IP Address (an intruder’s computer) sending a stream of data to many different ports to a single IP Address or range of IP Addresses.

Obviously, with a smart hacker, they can do many things to cover their tracks, but one thing is for sure, data must be transmitted to probe your computer, and patterns is one method to use for spotting trouble on your Network.

2 – DHCP Logs – if the unwanted guest is not Network savvy, or security on your router is not up to snuff, they may be able to drop in unannounced, by receiving an IP Address from your wireless DHCP server.

You can easily view a list of active addresses by connecting to your router and checking the DHCP log. For example, on my Linksys router, the log is located in the Wireless MAC Filter tab and is shown in the screen shot below.

I can see and identify all active PC’s on my Network. But this does not guarantee that these are the only active PC’s on my Network.

Why?

Unfortunately, a more sophisticated hacker can get around the need to rely on DHCP. If they did their homework (you can be sure of that), they probably figured out the range of IP Addresses in use on your Network, found an unused address in that range and configure their PC with the static address.

3 – Check Who’s Connecting To Your Computer – Now that you identified the trusted computers are on your network (from the DHCP logs), you can check who is connected to your computer.

To do this, open a command prompt and enter the following command:

netstat -an

where:

a = Displays all connections and listening ports
n = Displays addresses and port numbers in numerical form

Netstat is a useful tool that displays network connections (both incoming and outgoing) on computers. This will allow you to see all IP Addresses that have made a connection to your computer.

Netstat shows you the type of connection (TCP or UDP), IP Address and port number (number after addresses separated by a colon) for both Local (your computer) and Foreign addresses.

To find your IP Address, just enter ipconfig at the command prompt.

You should be able to easily spot any addresses (Foreign column) that is outside the DHCP range on your router and investigate.

You can also see what executable are involved in creating each connection by using the -b switch with the netstat command (netstat -b)

Now this great for checking connections on your Compter, but what if someone is on your Network and not connected to your Computer?

4 – Scanning your entire Network – When Computers communicate with each other, they do so with ports (as you saw with the netstat command). Some ports that may be familiar to you are 80 (HTTP), 443 (SSL). 25 (SMTP), 110 (POP). For example, when your Computer browses a website, it opens up port 80 and sends the request out,

To see open ports on a Computer, a tool called Port Scanner can be used that can scan a Network and identify devices by probing for open ports.

Information that can be found is the connection type (TCP or UDP), type of port and IP Address.

Many Port Scanners exist, such as Advanced Port Scanner (Famatech Software) and can scan a range of IP Addresses as shown in the screen shot below.

By scanning a range of IP Addresses, you can quickly see who is on your Wireless Network what they are doing from the list of open ports.

You can easily find out the entire range of addresses (including addresses outside the DHCP scope) your router uses. To do that, connect to your wireless router administration of interface and look for the router subnet mask information.

On a typical Linksys router (above screen shot), the default setting for the subnet mask is 255.255.255.0. Using a subnet mask calculator you can determine the range of IP Address that can be used on your Network.

For example, the subnet mask of 255.255.255.0 with the IP address of the router – 192.168.1.1 (Class C) has an IP address range of 192.168.1.1 – 192.168.1.254. (Note that DHCP reserves address 192.168.1.100 thru 192.168.1.149 which means all other addressees in that range can be used as static address).

Time To Be Proactive

As you can see some of the methods used above are good for random check ups on your Wireless Home Network.

But just being proactive is not enough and using a combination of monitoring, tightening up security and changing your passwords often, among other items, can help from having your identity stolen.

I’m sure there are Network Security Professionals out there who may have better methods than described in this article. If you are one if them, I welcome you comments and suggestions to provide us with more tips and suggestions.

Tips To Fix Invalid Certificate Error When Conecting To Linksys Wireless Routers

If you use Firefox browser when connecting to your Linksys wireless router administration interface, more than likely you can’t and have seen this warning message:

Consider yourself lucky if you do receive the same warning message, because it’s an easy fix by:

clicking the link at the bottom of the error message, Or you can add an exception…
then click on the Add Exception button…
linksys-cert-problem2followed by clicking on the Get Certificate button (on the next screen) and clicking the Confirm Security Exception button at the bottom of the page.
The invalid certificate warning will not display the next time you connect to your router.

But for those of you out there (like me) that receives an error message similar to this…

192.168.1.1 uses an invalid security certificate.
The certificate is not trusted because it is self signed.
The certificate is only valid for <a id=”cert_domain_link” title=”Linksys”>Linksys</a>
(Error code: sec_error_ca_cert_invalid)

…here’s a possible fix to get things working again when connect to your wireless Linksys router.

On my system (and hopefully on yours) the reason why this error message occurs is because the existing Cisco Linksys certificate is corrupted. Here’s how to fix that:

In Firefox, click on Tools \ Options, select the Advanced tab, then select the Encryption tab.
Next, click on View Certificates button.
linksys-cert-problem3

Make sure the Authorities tab is selected, and scroll down to you see the Linksys certificate under Cisco-Linksys, LLC.
Now highlight and click the delete button.

Select the Servers tab (next to Authorities tab), and look for the certificate shown in the following screen shot. Highlight and delete it.

Now, click OK all the way back to Firefox, and reconnect to your router using https://192.168.1.1

You will see the same Secure Connection Failed warning message shown at beginning of article. Follow the same steps for accepting the exception which will add a new Cisco Linksys certificate.

You will now be able to authenticate successfully and will no longer see any certificate error messages.

Unfortunately I have not been able to resolve the same issue if you use Internet Explorer 7. But fortunately it’s a lot easier to bypass the warning by clicking on Continue to this website (not recommended).