If you've jumped on the broadband bandwagon, you know the joy that a high-speed Internet connection over cable modem or DSL can bring. But with that high-speed access comes a security threat. A cable or DSL router—an absolute must for the home broadband user-offers a security firewall for your home network and a shared Internet connection in one inexpensive and easy-to-deploy device.
Why You Need a Home Firewall
Home users often think they can do without a firewall because they don't believe that their machines hold anything of interest to intruders. However, intruders aren't usually interested in the files on your computers; they're interested in your bandwidth.
My partner, the CEO of my company, recently noticed a significant reduction in bandwidth at his home¾he wasn't getting the speed from his cable modem that he had been. As he entered his home office one night, he could hear hard disk activity, and he noticed that the cable modem's lights were flickering wildly. Concerned, he called his ISP and described the situation. At the technician's prompting, my partner performed a search for MP3 files and uncovered a 25GB cache in a folder buried deep within his hard disk. Intruders had been storing MP3 files on his computer and sharing those files with users who subscribed to their Web sites. This story is hardly unique; I know of several others who have fallen prey to similar intrusions.
Routers for the Home
Fortunately, network routers can eliminate your vulnerability to bandwidth thieves. A router is a hardware device that examines network traffic, determines a data packet's destination address, and selects the most efficient and effective route for that packet. Routers, in other words, route Internet traffic. Cable or DSL routers for the home use Network Address Translation (NAT) to provide Internet access to one or more computers on your home network. In fact, NAT also protects your machines because it masks the machines' actual IP addresses, letting a group of computers with private IP addresses share one public IP address to access the Internet. Thus, one device, a cable or DSL router, can not only provide Internet access to all the computers on your home network through one cable modem but can also serve as a firewall. And the great part is that cable or DSL routers are inexpensive ($100 to $250), they're easy to install and configure, and they offer many powerful features.
I use a Linksys router on my home network; companies such as Allied Telesyn International, Asante Technologies, D-Link Systems, Hawking Technology, NETGEAR, and SMC Networks also offer routers. My house is wired with Category 5 Ethernet cabling, and I installed an Ethernet hub so that I could connect my machines in a home network. For a little more money, you can get routers with self-contained (and even wireless) Ethernet hubs.
Installation and Configuration
If you simply want to access the Internet from home (and you don't plan to host Web servers, for example), configuring a cable or DSL router is easy. I set up and configured my cable or DSL router in 5 minutes. However, before you get started, play it safe and write down the TCP/IP settings for each computer on your home network. Next, using the Cat 5 Ethernet cable that came with your router, plug your cable or DSL modem and your PC into the router so that the router is between the modem and the PC. Finally, plug the router into a power source. The same Cat 5 Ethernet cables connect all three devices.
If you plan to use your router to share your Internet connection among multiple computers, you need to run Cat 5 Ethernet cable from the modem, through the router, and to the Ethernet hub. (Again, many cable or DSL routers have built-in Ethernet hubs.) Then, all network components in your home, including PCs, Internet devices, and other hubs, will originate from the Ethernet hub on your network.
The Linksys cable/DSL router is DHCP-enabled by default. DHCP provides IP addresses for the computers on your home network to use. Your computers are probably configured to receive IP addresses automatically from a DHCP server. Letting the cable or DSL router's DHCP server provide IP addresses is the easiest way to get rolling quickly. However, you must first check the network settings for all machines on your home network to verify that each machine obtains an IP address automatically, that you have installed no gateways, and that you have disabled DNS. See Table 1 to learn how to check the network settings on your computers.
As I mentioned, your machines are probably configured properly already, so the cable/DSL router's default settings should get you up and running. Depending on which OS you use, you might have to reboot. Then, open a Web browser and bring up your favorite Web site.
If you can't connect to the Internet, you need to troubleshoot your configuration. First, you can force the DHCP server to renew your IP address. Open a command prompt and type
If you don't receive a reply, your TCP/IP settings might be incorrect. Check your TCP/IP settings again (verifying that each machine obtains an IP address automatically, that you have installed no gateways, and that you have disabled DNS). If you still can't connect to the Internet, try pinging your router to make sure that it's responding. Open a command prompt and type
(This number refers to the Linksys router.) Your cable or DSL router should respond with four valid ping replies (e.g., "reply from 192.168.1.1: bytes=32, time 10ms TTL=128"). If you're still having trouble, call the router manufacturer's technical support.
Managing Your Cable or DSL Router
After you have successfully set up and configured your cable or DSL router to share your home broadband Internet connection (and, consequently, to protect your machines), you can consult the router's management interface to learn about available advanced options. (You'll want to password-protect this application.) You can use these options, for example, to check your router's current status and settings. One great feature of cable and DSL routers is that they automatically grab IP addresses from your ISP and find the default gateway and DNS settings for your clients to use from behind the firewall to access the Internet. The advanced options also include features that help you configure PPTP and VPN connections.
Installing a cable or DSL router is the quickest and easiest way to share Internet connections on your home network and protect your network from attack. If you want more control and are prepared to manage the attendant risk, you can also investigate software firewall alternatives, which I discuss in the sidebar "Software Firewalls."