skip navigation

Home for Break (High-Speed Access)

CITES > network > scenarios > break

Scenario: Network access from a home in another city or state

If your home has high-speed network access, but you're not sure how to add your university computer to your home network when you bring it back over break, this page can guide you through simple home networking concepts.

Home network basics

Let's suppose your parents (or host family or summer apartment-mates) already have one computer and a high-speed network connection. You're bringing a second computer with you, and would like to add your computer to the high-speed network connection without needing to pay extra fees.

Note: The particular type of high-speed network connection doesn't matter; the same principles will still apply. The word "modem" is used here to indicate the device that provides your high-speed network connection, whether it's a cable modem, DSL modem, ISDN modem, or something else.

Router: The magic word in home networking

Many Internet service providers will charge a fee if they assign a second distinct IP address to a new computer on a home network. However, if the service providers don't need to assign the new IP address, they won't need to charge you.

So how do you control the assignment of IP addresses within your home network? The magic word to shop for is "router."

The Parts of a Network pages explain the structure of a simple two-computer home network with a shared printer and a router. Your router can be an Ethernet-based router, a wireless router, or even a USB-based router, depending on how the family connects the existing computer to the service provider's modem.

Points to remember when selecting a router

Here are the points to look for when shopping for a router:

• Two points of connection must accept the same kind of cable: the modem's output and the router's input.

For example: Let's say your modem connects to television cable on the "outside" (the connection to the Internet) and uses Ethernet on the "inside" (where your computer connects). In this case, you should make sure that your router accepts an incoming Ethernet connection, since the router will be connecting to the place where the first computer was previously attached to the modem.

As a contrasting example, if your modem connects to DSL on the "outside" and USB on the "inside," make sure that your router accepts USB. (If your modem will connect to either Ethernet or USB, Ethernet is recommended for speed.)

Wireless users note: Even if you're choosing a wireless router to connect your computers without wires, you'll still need some form of cable to attach the router to the modem, unless the modem itself is also wireless.

• Make sure the router includes its own firewall.

Even if you have firewalls on each of your computers, it's a good idea to make sure that the router includes a firewall so that none of your neighbors can enter your home network and see the information that your computers are sharing with each other.

• If you choose a wired router, make sure your router has a port for each computer you want to connect.

If you want to connect three computers to your home network, for example, you should choose a four-port router rather than a two-port router. Alternatively, you could add more computers later by adding hubs, but it's simpler to buy one device with the capacity you'll need.

• If you choose a wireless router, or if you use any wireless network technology in your home network, be aware that you'll need to take extra security precautions.

Because wireless networking is inherently easier for other computers to overhear than wired networking is, you'll need to take additional steps to protect your home wireless network from bandwidth thieves.

With a wired network, an outsider would have to splice into a cord somewhere to gain access. With a wireless network, they can simply sit in your backyard (or a neighbor's house, or a car across the street) to borrow your bandwidth and possibly see what's on your computers as well.

The security essentials of home wireless networking are explained below.

Wireless home network security essentials

Note: If this section seems complicated to you, remember that Ethernet-based, wired networking will not need these extra security precautions. A wired network provides benefits in security to counterbalance its drawbacks in ease of access. Consider whether you would rather use a wired network from specific locations in your home in order to avoid the need to manage these extra layers of security yourself.

There are several important keys to protecting a wireless network. You should take all of these steps; if anything is missing, it can leave a hole in your network for attackers to exploit.

• Change all of the defaults

If your wireless router comes with a default administrator name and password and a default network name (also called an SSID), change all of these. Remember that this information has been printed in a book given to thousands of people who've bought the same device you're using.

• Don't broadcast your network name (SSID)

Broadcasting your SSID makes it much easier for passers-by to detect that your wireless network exists and gives them a handle to use when trying to connect to it. Disable the SSID broadcast, and instead tell each of your computers what SSID to use. This way, your computers will be able to easily locate and connect to your wireless network, but unfamiliar computers will have more difficulty.

• Limit access to specific computers through MAC and IP restrictions

A MAC address is a little like a network card's fingerprint. Although it is possible for MAC addresses to be changed manually, a MAC address is usually unique. An IP address, on the other hand, is like a computer's network telephone number; it tells other computers where to contact a particular computer, and it can be reassigned frequently.

Make sure that you restrict access to your wireless network to your computers' particular MAC addresses. Also assign static IP addresses in a non-networked IP range (such as 192.168.0.x) to your computers, and accept only the MAC and IP address combinations you have assigned.

• Use WPA encryption or a home VPN

Encryption scrambles data to make sure that it can't be understood by anything other than the computer and its target (in this case, the wireless device). Without encryption, other computers could overhear and interpret what your wireless computer is sending to the network, even if they couldn't use the network connection for their own purposes.

The first wireless standard on the market, WEP, is deeply insecure and attackers can break into a WEP-encrypted network in a matter of minutes. Don't rely on WEP for security.

The next wireless standard, WPA, is more secure than WEP, although more difficult cracks for it do exist. If your wireless device offers WPA, use it.

Some wireless routers offer VPN endpoint capability, meaning that you could treat it as a smaller-scale equivalent of the campus VPN. Make sure any VPN system on your router uses high-grade encryption (at least 128 bits).

Note about the campus VPN and home wireless networks: While you could use the campus VPN system to protect your computer's communication with campus, the campus VPN will not be able to protect the rest of your network, including any users who can't log in with Network IDs. Therefore, a home VPN system or WPA equivalent is recommended for securing home wireless networks.