Installation

IN THIS SECTION:

Using the “customer self-installation kit”
A Nice Diagram
Buying a Router
Plugging it all in

Using the “customer self-installation kit”

Because you will be using a router between your DSL modem and your computer, you do not, and should not install the software that the DSL provider sends you along with the self-installation kit. This goes in particular for SBC. At the moment, you can easily distinguish this useless crap by the picture of a man with stylish glasses on the front of the CD:

Would YOU trust this man?

You need to connect the DSL modem that they give you to the phone line that has the DSL service on it. Do to this, you probably need to use a line splitter (available at Radio Shaque). This simply enables you to plug in a telephone and the DSL modem at the same time. Once you have snapped in the line splitter, run one of the lines directly to where you want to keep the DSL modem. Plug this telephone line into the back of the DSL modem. There should generally be a symbol or a stamp indicating which port on the back is for the telephone. If there is no indicator, the port with the smaller size is the one you should use.

The kit contains “line filters” which are devices to reduce the noise on the line that the DSL modem makes when it is active. You need to place a filter between each phone and the line itself. If you forget, you’ll remember soon enough because you’ll find it hard to hear during telephone calls. In the example below, a filter is placed between a phone and the split phone jack.

At this point, a diagram might be helpful:

If you’ve done everything correct up to this point, you should have a dial tone on your phone line, AND when you turn on your DSL modem for the first time, you should notice after about 30 seconds a solid green light for “power” and a blinking green light that turns solid green for “line sync.”

Once again—two solid green lights, and you’re probably set up correctly thus far.

If you still see a blinking green light after a minute or so, go to the troubleshooting page.

Buying a Router

Buy a Netgear router.
Not a D-link router.
Not a Linksys router.

I’ll admit, I have quite a few superstitions about brand names when it comes to hardware, and you can wholly disregard all of my recommendations—however I have had consistently good luck with Netgear.

As of this writing (4-21-03), Netgear’s basic Cable/DSL router is an RP614. It has one port on the back where you plug in the DSL or Cable modem, and four ports on the back for devices on your network that you need to plug in.

Four ports? Isn’t that a…YES, in networking terms, this router is also acting as a SWITCH. In fact, if you didn’t plug in a DSL or Cable modem, it would simply be a switch, allowing four networked devices to talk to each other.

If you need to expand beyond four ports--say, for example, that you have 5 computers-- you can plug another switch into one of the router’s ports.

Netgear also has other spiffy and more expensive variations on its basic router, including a wireless router and a combination DSL/Cable modem and router. Because a DSL/Cable modem is generally included in your self-installation package, buying a combination modem/router is unnecessary.

Buying a Netgear router on E-bay? Go ahead, save some money and do this—BUT make sure that before you proceed with the configuring your router, RESET whatever configuration is in the router. Netgear has detailed instructions on their website for doing this with each model of router they have released. On most of the current models, you can reset the configuration by holding in a button on the back of the router while you turn the power off and on.

Left: New plastic shell basic Netgear router.
Right: Old metal shell Netgear router.

Both are functionally identical.

http://www.netgear.com

Plugging it all in

The DSL or Cable modem has two ports on the back. One of them should already be in use by the telephone line that you plugged in.

The other port is where you need to run either a straight-through or crossover cable from the DSL or cable modem to the Netgear router. Netgear includes a red crossover cable and a white, stright-through cable.

With both devices turned on, check for a third green light on the modem labeled "link" that blinks erratically, and also check for a solid green light on the front of the router that is labeled "internet" or "wan"

Let the green light be your guide.

At this point, if everything is set up correctly:

On the modem:
there should be a solid green light under "power"
there should be another solid green light under "sync" or "line sync"
there should be a solid green, and occasionally blinking light under "link"

On the router:
there should be a solid green light under power
there should be a solid green light under "internet" or "wan"

Troubleshooting

IN THIS SECTION:

A Nice Diagram (again)
Who to Blame when it's not Working
What They Can Do
What You Can Do

A Nice Diagram

Who to Blame when it's not Working

I really do like to think of things in terms of responsibility: theirs, and yours.

The responsibility of the DSL provider is to provide you with internet service. Their responsibility lies in everything that gets DSL service to the outside of your house. Technically, it is your own responsibility, or that of the landlord, to make sure that the service line attached to the outside of your house terminates to at least one active telephone jack on the inside. Fortunately, if you have an active telephone line, you are set in this department.

Additionally, the DSL provider is responsible for the operability of the additional DSL equipment they furnish to you. This means they are responsible for making sure that your DSL modem works.

Hereafter, the issue of responsibility becomes your own. The DSL router is your responsibility, and any computers on your side of that router are your responsibility.

What They Can Do

Fortunately, any DSL provider that provides you with equipment will be able to test it. Your DSL provider can test your DSL connection right up to the DSL modem--where their responsibility ends and your begins. They can test the speed and reliability of your modem's connection to the internet, and they can even test to see if you have an active connection running from your DSL modem to your router. The ability to test your modem, however, is contingent on them being able to reach your modem remotely. This is indicated usually by a solid green "SYNC" light on the modem itself.

If the SYNC light is solid green and they can't access your modem, most techs will give up and send you a different modem, after having you triple-check your connections and making you power-cycle (turn off and on) the device several times.

Most of the time, however, you will find that once you set up the equipment and they swear that DSL service is active, the sync light on your DSL modem will refuse to turn solid green. If this is the case, give it another week. .After 30 minutes on hold, this is what a technician will likely tell you.

If it's been a week since the DSL service was supposedly activated, call them up and blow their socks off by casually asking them to do a "rip and rebuild on the dockside"

This is technical lingo for completely resetting and rebuilding your connection to the DSL provider. This is generally the last thing a technician will do before she or he replaces your DSL modem.

If they have replaced your modem and the service still isn't working, they will likely send out a technician. Before you agree to having a technician visit your house, remember the following: If a technician visits your house and determines the problem was of your doing, they will charge you $100 for the visit. However, if the problem is of their doing, the visit is free. Before calling them out:

Make sure that the DSL modem is plugged into the correct phone line. If you have two phone lines in your house and you ordered DSL on the second phone line, make sure that the telephone cord going into the modem has four wires in it (Red, Green, Black, and Yellow).

Make sure there is a line filter between your telephone and your line splitter, but that there is no filter between your splitter and your DSL modem.

What You Can Do

The great thing about using a hardware router when setting up your DSL connection is that there are only so many things that can go wrong. Sitting by itself, encased in metal or plastic, your DSL or Cable router exists to do one thing: connect you to your DSL or Cable internet service. The even nicer thing about this is that you are able to connect to a large amount of DSL providers with little to no modification of the router itself. One the router is configured, a very basic configuration of your computer is required, and then you are set for the rest of eternity.

Let's assume from this point on that your DSL modem is working. There is a solid green light under "SYNC," and your DSL provider can access your modem and verify that there is an active connection.

Problem 1.
You can't access your router by typing in http://192.168.0.1
Possible solution: Turn off the router, and shut down your computer. Turn the router back on, wait 30 seconds, and then turn your computer back on.

Now:

Click on the Start Menu
Click on Run
Type in "command"

When the black window appears, type in "ipconfig"
With any luck, something like the following should come up:

If the Default Gateway is listed as 192.168.0.1, you are in luck. You PC is now talking to your router. Now, fire up your web browser and try typing in http://192.168.0.1 again. If you still get "Page cannot be displayed" Go to the Tools menu, then the Options menu, then click Delete Cookies. Hit OK when prompted. Then click Delete Files... and check the box "Delete all offline content" click OK. Close out all of the open windows, and then restart your web browser.

If the Default Gateway is NOT listed as 192.168.0.1, for example, if it is listed as 169.254.254.1, your computer is not talking to your router. The most likely cause is that you have a faulty connection to the router itself. This could be because of:
-A bad ethernet cable. Switch it with another cable, and make sure that it says "straight-through" and NOT "crossover"
-Check to make sure there is a solid, yet occasionally blinking green or amber light on the back of your computer, next to where the ethernet cable plugs in. Also make sure that there is a green light on the front of the router under "port 1" or whichever slot you plugged the cable into on the back of the router.
-Make sure the ethernet card in your computer is functioning:

Right-click on My Computer on your desktop. Left-click on properties. Click on the Hardware tab, and then click on the Device Manager. The pictures below illustrate this: (If you have Windows 98 or below, going to the control panel and clicking on the Device manager will bring you to the Device Manager as well)

Once the device manger is open, click the plus symbol under "Network Adapters" if it isn't already expanded. Make sure that some sort of network adapter is listed under there. It doesn't have to be the same one in this picture, but there should be at least one. If there is a network adapter lsited, but it has a red x or yellow exclamation point next to it, you may at this point want to turn to somebody who knows a bit about computers. Feel free to call me if you need help at this point, my number is on the first page in this tutorial. Really, feel free.

Conclusion

IN THIS SECTION:

Security
Responsibility
Links

Security

Network security is an interesting thing. It can be complex to the point that entire legions of high paid “network security administrators” spend night and day securing a network against unauthorized intrusion from the outside world. It can be a team of two highly skilled people at UCSC, and most often, it can be you, a veritable army of one. It’s too bad the Army co-opted that phrase, because at a low budget operation, you are the computer hardware, networking, and security person. You won’t have a backup administrator, you might have access to the internet, but hopefully, you’ll have enough of your own common sense to make the right decisions.

Let’s get something clear right off the bat. Network security begins and ends with “strong” passwords. Strong, in this sense of the word, means a password that cannot be easily guessed, either by a persistent person or by an automated program attempting to find the right password using either a “dictionary attack” where common words are repeatedly tried in different combinations, or by a “brute force” attack, where every possible character combination is attempted.

The easiest way to make a password strong is to:

1. Make it obscure
2. Make it alphanumeric
3. Make it at least 7 letters

The easiest way to accomplish this is to think of a phrase and create the password string from it. For example:

My nuclear cat of 3 eyes is an ugly beast

can be a password: mnco3eiaub
using the first letter of each word and the number 3.

If the system will permit it, it is also advisable to use punctuation characters. A period or semicolon is probably your best choice.

A long, obscure, and alphanumeric password will foil simple attempts to guess the password, and will make a brute-force password attack nearly impossible.

Windows NT 4, Windows 2000, and Windows XP can be easily configured to require a password in order to log into the Windows operating system. Additionally, you can password protect the computer boot process itself through the BIOS (see the Hardware Tutorial) so that the computer requires a password when starting up.

Within the scope of our discussion, I recommended early on in the configuration of the router that you make certain to change the default password to access the router to a strong password. Many systems have been hacked simply because the person attempting to gain unauthorized access has tried the word “password” or “pass” which is generally the default password for many hardware and software systems.
Besides strong passwords, a connection to the Internet, through either Broadband or dial-up poses other inherent risks to security.

Flaws in the operating system of the computer, generally called “exploits,” or in Microsoft’s terms “known vulnerabilities” also lead to ways in which somebody can remotely break into computers connected to the internet. Microsoft operates a website, http://windowsupdate.microsoft.com
that catalogues these vulnerabilities and allows you to download “critical updates” which are software packages that fix these vulnerabilities. In the life cycle of an operating system, at least several exploits are found each month that are dangerous enough to warrant Microsoft releasing a critical update. If you connect to the internet, you should check this site for critical updates about once a month.

Placing a DSL or Cable router between your computers and the Internet is akin to placing a wall between yourself and the outside world. Just as gated communities let people who live inside them pass in and out of the protected area, so do firewalls selectively let information pass between the outside world and your computers on the inside of the network.

With this wall in place, the need to download critical updates is not necessarily reduced, but the chances of your computer being broken into are reduced because it is the router, not the computer, that is facing the outside world. Much exploitation found in the Windows operating system relates to vulnerabilities present especially when the computer is hooked to the internet directly, and not through a firewall.

Viruses spread through e-mail are unfortunately not blocked by a firewall, and can reach your mailbox faster than Microsoft can release a critical update patch (if the particular virus takes advantage of a Windows vulnerability).

To negate the risk of catching a nasty virus, there are two important steps to take. The first is to NOT USE OUTLOOK OR OUTLOOK EXPRESS. Both of these e-mail clients have the nasty habit of automatically opening e-mail attachments, thereby triggering viruses delivered by e-mail. The only fix Microsoft has offered so far is a draconian measure—denying you access to almost every file attachment you receive. This essentially renders Outlook and Outlook Express useless, but safe. The best solution is to use Eudora. The program is probably the best designed and easiest to use program out there, and the best part is, it’s free (basically). Eudora does not automatically open e-mail attachments, but warns you when you are about to open suspicious looking attachments. Eudora can also convert all of your old Outlook e-mail over to Eudora.

The second important step to take is to get virus scanning software. There is a perfectly valid argument/conspiracy theory that virus scanning companies engineer viruses so that you are forced to buy their software to protect your computer. Fine, perhaps it is a conspiracy. But, conspiracy or not, Windows is vulnerable to viruses. Norton Anti-Virus is the least hideous of the virus-scanning packages, but you do have to pay a yearly subscription fee in addition to buying the software itself.

I have listed several links relating to windows security, which should be considered, even when connecting to the internet over a dial-up connection.

I hate to muddy the linguistic waters and complicate your decision-making process, but the third way to protect your computer against viruses is to use an operating system such as Linux, which is free, and not subject to the plethora of viruses running around. The one major drawback to this decision is that, first, you should be fairly comfortable with hardware and software configuration, and second, you should be sure that Linux offers the applications that you need to provide to your users. Weighing the pros and cons of Linux warrants a discussion outside the realm of this particular tutorial, however there are excellent resources on the internet if you wish to attempt such an endeavor.

Your responsibility to the people that you network
Lastly, and briefly, I want to emphasize an important point that I feel is often overlooked. When you come to hook people up to the internet, either though a high speed connection or a dial-up, and teach them about the web and e-mail, it is also your responsibility to ensure that they are at least mildly indoctrinated with a safe and responsible attitude towards the internet in general. I think the primary rule of thumb to keep in mind is that you rarely, if ever, are able to surf anonymously. If you hook people up to the internet and they engage in activities which are illegal in their local jurisdiction, they can easily be tracked down and held responsible. Personal information should not be given out over the internet without extreme caution. Credit card numbers should only be given out over secure connections, and to reputable vendors. More than anything, a cautious, conservative approach to the internet is the best. Don’t start a training session with words like “And now, let’s bid on E-bay.”

Links

DSL Reports-your guide to high speed internet connections, security, etc.

A nice website discussing dangerous windows ports--essentially what you are putting yourself at risk for if you don't have a firewall between yourself and the outside world

Security from the source of all this insecurity-Microsoft

A decent, third party Windows security site

One of the most comprehensive, user contributed networking sites on the web