It's pretty simple:
Hardware checklist:
1. ISP (DSL & Cable broadband), but you need to know whether Dynamic Host Control Protocol is implemented which is preferred for the sake of simplicity and network security or if a static (as in non-changing) IP along with Domain Name Suffixes are assigned to each customer's account
2. Two computers that have a mimimum of a Category 5 Ethernet port along with one computer that has a 802.11 a/b/g compatible Wi-Fi PCI / Cardbus card installed and setup properly according to manufacturer's directions
3. I have the D-LINK DI-524 router/ethernet hub & switch. MAKE SURE you UPDATE THE FIRMWARE to version 3.02 via
http://support.dlink.com/products/revision.asp . You need to check your D-LINK DI-524 to see which hardware revision it uses. FOLLOW THE DIRECTIONS FOR UPDATING YOUR ROUTER VERY CAREFULLY OR YOU WILL RENDER IT INOPERABLE!
4. For the sake of simplicity, do this: a. make sure the power is connected properly for all of your computers and router along with the cable modem, b. hook up the Category 5e patch cable that comes with your D-LINK DI-524 router to the Cat5e port on the back of your cable/dsl modem to the WAN port located on the back of your router, c. hook up all of your computers using the normal Category 5e cable so that you can ensure there is a connection, d. follow the directions in your router's instructions to setup the router
5. SETTING THE ROUTER: just follow the directions by typing in
http://192.168.0.1 and enter admin as the user and whatever default passphrase they tell you to use to setup your router for the first time. For the sake of WI-FI SECURITY, do these things:
SOFTWARE CHECKLIST:
DO A COMPREHENSIVE SECURITY AUDIT TO ENSURE THAT NO SPYWARE, MALWARE, VIRII, REMOTE ACCESS, AND FOREIGN MACHINES HAVE ALREADY COMPROMISED YOUR LOCAL NETWORK AND COMPUTERS FIRST!
change your router's user and admin IDs
change your router's passphrase
DISABLE remote management via port 8080
DISABLE uPNP
TURN OFF SSID broadcast
CHANGE the default SSID
CHOOSE 802.11G protocol for speed
ENABLE Wi-Fi ENCRYPTION using the WPA-Pre-Shared Key
CHOOSE A STRONG 10+ ALPHA/NUMERIC/SYMBOLIC PASSPHRASE
CHANGE THE PASSPHRASES FREQUENTLY AND RANDOMLY USING A RANDOMLY GENERATED PASSPHRASE to access the ROUTER CONFIGURATION, WI-FI ENCRYPTION PASSPHRASE
STAY UP TO DATE WITH FIRMWARE UPDATES FOR YOUR DI-524 ROUTER
INSTALL THE MICROSOFT WINDOWS WPA PATCH
INSTALL THE LATEST MICROSOFT WINDOWS SERVICE PACKS especially Windows XP Professional Service Pack 2
ENABLE MACHINE ADDRESS CLONING AND FILTERING
LIMIT THE IP RANGE TO THE ABSOLUTE MINIMUM NUMBER OF IPs FOR EACH COMPUTER
ENABLE IP RANGE FILTERING
MONITOR YOUR IP TABLES TO ENSURE NO FOREIGN AND UNAUTHORIZED COMPUTERS ARE SNIFFING OR PENETRATING YOUR WI-FI NETWORK
INSTALL 1 ANTIVIRUS, 2 ANTI-SPYWARE, 1 ANTI-TROJAN/BOT/WORM, AND 1 NETWORK SNIFFER PROGRAMS
Well, I guess that's it. It's pretty simple.
Oh yeah: switch to Linux or BSD or Apple OS X for maximum security, stability, and reliability along with data integrity.
