2012-06-28

MSE - Microsoft Security Essentials

If you practice safe surfing habits and have a good backup strategy, consider installing Microsoft's Security Essentials (MSE). It is fast, unobtrusive and free. Article originally published 2010.05.  Updated 2012.06.    



This article has been retired.  See this up-to-date Keyliner article:
Keyliner - Virus Cleanup Steps




I am asked to fix friend and family computers and I get asked to fix friends-of-friends computers. The number-one complaint is invariably the same: "the computer is too slow," along with "it used to be faster -- should I buy a new computer?"

As I've worked on these machines, the most common reasons for slowness are, in order:
  • McAfee Virus Scanner
  • Norton Symantec Virus Scanner
  • AVG Virus Scanner
  • Too many (legitimate) programs running in the background (system tray)
  • Actual viruses and spyware problems
  • Insufficient RAM; dial-up Internet; really-old computers
Notice that viruses are not at the top of the list.  In other words, the machines are generally virus-free.  The best solution has been to uninstall the virus scanners and install Microsoft's MSE.

Current Affairs

The expense and complexity of the commercial versions have driven me away.  To gain market share and revenue, they add features and raise prices. In the end, the McAfee and Symantec/Norton suites are too complicated and the software does so many things that system resources are fully-consumed. Admittedly, these products do more than just scan for viruses.

But if you practice safe surfing habits, then these other products may be overkill.  Safe habits include:
  • Avoid free music bit-torrent sites and porn.
  • Surf with Firefox (not IE), keeping ActiveX from running.
  • Up-to-date with Adobe Acrobat and Flash patches.
  • Full-system disk image backups on a regular basis.
  • Keep teenagers off your computer and give them their own machine.
Improvements:

In the past two years, both Norton and McAfee have improved their software and they now have smaller footprints.  If I had at-risk computers, where virus infections were a re-occurring problem, I would consider more robust software and would probably choose Norton.  But in general, I still do not trust most commercial virus scanners.  Case-in-point, McAfee is aggressively installing on unsuspecting users.  See this Keyliner article: McAfee Security Scan Plus.

PC Magazine's most recent Virus Scanner Reviews 2012, seem a little vague and almost non-committal and it doesn't mention Microsoft's product.  In a separate review, PC magazine rates MSE 2012 as mediocre, but most other reviewers generally like Microsoft's product.  The biggest failing is when a machine is already infected. I agree.  On an already-infected machine, you need to use several tools, including Microsoft's bootable "Windows Defender Offline," along with other's, such as Malaware Bytes (see Keyliner article:Removing Win32/Cryptor). But if you practice generally safe browsing, then MSE will work well-enough.


What I am Doing Now

I now exclusively use Microsoft's Security Essentials.  

Although Microsoft claims they are not competing with commercial software, they are doing relatively well and by most accounts, MSE is a decent program. Almost all reviewers report the software is capable and does not sap system resources.

Benefits:
  • It is tightly-integrated into Windows and runs well in Windows 8, 7 and XP.
  • Performance is invisible.
  • Unobtrusive - no nagging.
  • Quiet, automatic updates; several times per day.
  • A simple, straight-forward user-interface.
  • It is free; no registration; fully-functional; no upgrades to paid packages.
MSE not only uses virus signatures to detect malware, it can also flag suspicious activity, such as an unexpected network connection, modifications to system files, or if software attempts to download in the background. When MSE sees activity like this, it automatically sends the suspected malware to Microsoft's servers for analysis. With 100 million PC's, this gives Microsoft a good pool for correcting problems.

Drawbacks:

Because it can't be configured or controlled from a central server, it is not suited or licensed for business use.

Rootkit detection is weak and you should not rely on this tool to repair an already infected machine. With a raging infection, you will probably have to rely on other tools before MSE can be effective.  I recommend starting with Microsoft Standalone Windows Defender and then see these popular Keyliner articles: Removing Win32/Cryptor and Removing Personal Security ).


Downloading and Installing

Download directly from Microsoft by using this address:
http://www.microsoft.com/security_essentials

Installation is easy and even your grandmother can do this. 
Un-install old virus scanners before installing MSE.
If you have Microsoft's older Windows Defender, it is automatically disabled during the install.

Once installed, let it kick-off a full scan. From then-on, you can basically ignore the software.






When it does have something to say, it is obvious and UAC nag-screens appears, assuring you are not looking at a virus-look-alike.



Conclusions:

I am pleased and now use MSE on all my personal equipment. Microsoft Security Essentials may not be as powerful as other packages, but I have a low risk of infection and am comfortable with my backup strategies.  For at-risk computers, a more robust solution is needed and I would tentatively recommend Norton Antivirus 2012.  Some day, I may give Norton/Symantec and McAfee another try.


Related Keyliner articles:

Use this when your machine is already infected.
Microsoft Standalone Windows Defender.
Removing Win32/Cryptor
Removing Personal Security

HowTo: Fixing Slow Computers
HowTo: Cleaning Windows 7 Startup Programs

HowTo: CPU Utilization and Diagnostics

Reviews:
PC Magazine Virus Scanner Reviews 2012
PC magazine rates MSE 2012
PC Magazine Norton Antivirus 2012 Review

2012-06-24

Captain UnderPants Name Maker Program

For fun:  Captain Under Pants Name Maker.

A decade ago, when my children were little, they were reading the adventures of Captain Underpants, by Dave Pilkey.  In one of the stories, the book asked the kids to take a letter from their first and last name.  They were then instructed to look in a chart to generate a new name. Their new names were well-suited for people that age.

This looked fun and I wrote a program around the idea for my kids.  We played with this off-and-on for a few years until I out-grew it.  Today I stumbled across it again and thought it would be fun to post.

This is a screenshot of the program:

To use, type your name, press enter, and it generates a new name.  President George W. Bush is "Fluffy Toiletshorts" while President Obama gets "Cheeseball Hamsterbiscuits."  My name is nothing to brag about either, I get the ignominious "Tootie Picklelicker."

Download and Installation:

The program is a simple EXE that installs with a file-copy.  There are no registry changes or installation routines and it was written in VB6. 

From Keyliner's public GDrive, click this link and download to a local temp or download directory.  Do not download directly into ProgramFiles

Click this Keyliner Public GDrive link:
NameMaker Download

When downloading, different browsers behave differently.
You will be prompted the file cannot be scanned.  Click "Download anyway"

Microsoft Edge:

Prompts "NameMaker.exe" was blocked because it could harm your device. 

"Click See More" and allow the download.  With Edge, the file will appear in your Downloads directory with a random name, "Unconfirmed 780359.crdownloaded" (name varies). 

Rename the file to "NameMaker.exe".


C.  Mark the program as safe-to-run:

(This step may not be needed if downloaded by Edge and you clicked "More / Download Anyway")

Using File Explorer, right-mouse-click the downloaded (and re-named) .exe
Select "Properties"
Check [x] Unblock.  This removes the "mark of the web." 

                 Click for larger view

* Only do this if you trust keyliner *and* only if downloaded from keyliner's public GDrive. 

If "Unblock" is not visible, it has already been unlocked (by Microsoft Edge).
Once [x] Unblocked is clicked, this security menu disappears.
You may be prompted for security UAC/Windows credentials.



The name-selection algorithm is slightly more complex than the author's original design and that makes it more fun. Scattered throughout the screen are numerous Easter eggs with jokes that will make you groan.  It will take a lot of clicking to get through them all.


At the risk of cease-and-desist, and with apologies to Mr. Pilkey, you are welcome to download and have fun.

2012-06-10

Dell U2212HM 21.5 Widescreen Monitor

Review: Dell U2212HM 21.5 Widescreen Monitor.  In summary, this is a nice monitor at a good price with no complaints.  The monitor is sharp, bright, visible from wide angles.  It feels well-built and great connection options.  $230, direct from Dell.

The Dell Ultrasharp U2212HM 21.5-inch monitor with LED backlight is a fairly typical monitor with a really wide screen.  1920x1080 Full HD.

I chose this model over others because the screen rotates vertically and I thought this would be handy.

Photo: At home, rotated vertically, next to a Gateway 19.5" wide screen monitor, with a full-sized keyboard and mouse.  Even with this monitor, I still like to run with a dual monitor setup and this is my new, standard setup. 

Rotating the monitor to Landscape makes it a little too wide for a second monitor, pushing it too far to the right.  As a single landscape monitor, it would be great.

Pros and Cons to Vertical

The most obvious drawback to the vertical (portrait) position is the 1080 pixel width.  Some programs are now being designed for 1280 and admittedly, most people run this monitor in Landscape.

On reason to consider a vertical monitor is this observation:  Unless you are willing to fiddle with multiple windows on the screen, most of the width is wasted.  Consider these screen shots, which is typical with many programs running fullscreen:  The width is wasted.  But look at the glorious depth when in a vertical / portrait mode...


Spreadsheets probably like the width but they also like depth and an argument can be made both directions.

But other programs, such as photo editors, Visual Studio and other development environments make good use of wide screens, storing palette windows, toolbars and other goodies.  In a narrow orientation, these types of programs become constricted. 



In my case, this is a great reason for a second monitor -- one wide and one narrow.  I get the best of both.

Dell sells other, larger monitors, that have a (width) of 1200 pixels (not 1280) and you will have to buy a 27" screen -- which is monstrous and you might not tolerate such a large monitor on your desk. For this reason, I stayed with a dual-monitor setup.


I was undecided about which orientation to use, but after several months, the vertical proved best -- but I would only do this with a dual monitor system.  Admittedly, with bifocal glasses, the vertical orientation is challenging, but survivable.  It is nice to have the option. 

There is some humor to be found in the Windows Desktop Properties screen.  Look how I had to position the screens:

If you choose to rotate back and forth between the two orientations, you will have to fiddle with the control-panel screen positions each time. 


This is one of the few monitors on the market with movements along each axis.  The monitor's bottom edge can be dropped all the way down to the base and it can tilt -4 degrees forward in case the monitor is on a top-shelf on a factory floor.








The stand has a a cable run.  When rotating the monitor from landscape to portrait, cables have enough freedom to slip as the screen rotates.



Video Card vs Monitor

You may have a concern about your video card and memory with a 1920x1080 resolution screen.  I have a run-of-the-mill, boring $40 NVidia Gforce 210 512MB -- which is a dual-head video card.  It drives this monitor (DVI) and the Gateway wide-screen (as VGA) with no issues. 

My desktop has an HDMI video out but the monitor has a newer type of connection called a DisplayPort. With an adapter, not supplied, I could convert between the two, but this is not worth the trouble with the DVI-D port.  Besides, whenever you use a mother-board-supplied video, you are using system-RAM to drive the video and for this reason, I still prefer a dedicated video subsystem.  (In the future, CPU chips will have dedicated video processing and my attitude towards this may change.)

DisplayPorts are relatively new to the scene.  The technology is not meant to replace HDMI, instead, it has been optimized for computer tasks.  See this Wikipedia article for details.  From a laptop's point of view, here is a comparison showing the differences between the ports:



If Wishes were Fishes

When I bought the monitor, I was looking for a glossy-screen, much like I have seen in high-end laptops and on Apple desktops.  Glossy screens look sharper (even though they have the same number of pixels and the same pixel size), but Dell doesn't appear to sell such a device.  There is some argument to be made for high-gloss screens being a pain in sunlight.



I was tempted by Dell's newer line of "UltraSlim" monitors, a new line of monitors that are half the thickness, but decided while facing a monitor, all monitors appear paper-thin.  As long as it is not a CRT, the thickness is not worth a premium.  I'll revisit this belief when OLED monitors are affordable.  With the stand, the Ultra-Slim occupied nearly the same depth so nothing was gained and the monitor was not adjustable. 



Comparison with Less-Expensive Models

Dell sells a similarly-sized ST2220L 21.5 1920x1080 HD Widescreen for $140 and it has similar specifications, same resolution, same dot-pitch and brightness, but there are differences.

One difference is in the Dynamic Contrast Ratio:
The ST220 has 8M:1, compared to this monitor's 2M:1, which implies some of these numbers are a bunch of hooey.  The ST220's screen technology is an older, less-sharp "TN" technology and it has a simpler stand.  Finally, this model has an HDMI port instead DisplayPort, which may limit its usefulness over the lifetime of the monitor.


Technical Specs, direct from Dell's site:

54.6cm / 21.5" diagonal with 100% area viewable
IPS - Inplane Switching Panel
1920 x 1080 pixels, full HD
0.2475mm  (Better than many)
LED Backlit (now typical with almost all monitors)

250 cd/m2 Brightness
(typical for most mid-range monitors.  Nicer monitors can go up to 350.)

1000:1 Contrast Ratio
2M:1 Dynamic Contrast Ratio (which as near as I can tell, is mumbo-jumbo)
8ms (grey to grey) Response Time (hard to compare with other brands)
178 degree viewing angle (nice)
16M colors, 82% gamut (seems fairly typical for a mid-range monitor)

Dimensions of Interest:
Width:  20.2" Landscape
Height: 14" low to 19" extended
Depth: 7.2"

Width: 12" Portrait
Height: 21" low to 23" extended
Depth: 7.2"

Ports:
DVI-D with HDCP
DisplayPort (DP)
VGA
4 USB 2.0 downstream ports (standard USB plugs)
1 USB 2.0 upstream (hub) port
DC Power Plug for Dell SoundBar

Included Cables:
DVI
VGA
Power
Does not contain a DisplayPort cable, but few need this.


2012-06-09

Installing a Laptop Wireless Network Card

How To: Installing a Laptop Network MINI Card.  Instructions on how to upgrade a laptop's older network card with a newer, faster card.  This article demonstrates an Intel 4965AGN Laptop Mini Card, being installed in an Dell XPS M1530.

After upgrading my home router from a Linksys WRT110 to a newer Linksys EA2700 Wireless N, I decided to upgrade my main laptop from an older Intel wireless 3945ABG to a 4965AGN.

Intel 4965AGN

The new card can run on either the older (802.11 a/b/g) at 2.4Ghz, or on the new N network, at 5Ghz.  On the faster side, data throughput improves from 54Mbs to 300Mbps.  The N standard also has up to 2x greater range.



Real-life Speed Test:

Why upgrade?  With computers, it is always the same reason.  I ran these speed tests. An "N" card on an "N" router is truly twice as fast as the older setup.

Copying 2,700 files, 500MB
802.11g (2.4Ghz old card) - Time 3:30 min
802.11n (5Ghz, new card) - Time 1:41 min


The card can be found on the net with prices ranging from $10 to $60.  Being cheap, I mail-ordered the $10 card from AMZNeTek and laughed with it arrived in an envelope with no disk or instructions.  What would I expect?  It was a great price with no complaints about the service.  Although I am installing in a Dell, the card was branded for Toshiba, but this is not a problem because Intel cards are Intel cards regardless of how they are labeled.


Router Setup Steps

Before installing the card, you need to spend a few minutes at the router.

For instructions on how to setup a home network, see this detailed Keyliner article: Link: EA2700 - First Time Setup - Home Networks

then follow these important, non-default steps to configure the 2.4G and 5G router channels so they run at their most optimal speed.  A fully-detailed article can be found here, or read below for a summary:  Link: Router Setup Steps - 5Ghz

Split | Personalities:

Newer routers can simultaneously transmit over two different frequency ranges -- the older 2.4Ghz and the newer 5Ghz.  Naturally, 5Ghz is better because it has more throughput and less interference with other household devices, such as desk phones and microwaves.

But, if you are not careful, your brand-spanky-new router might find itself running at 2.4Ghz on both sides.  Follow these steps to dedicate the 5Ghz side to only newer network cards.  If an older card is allowed to connect on the 5Ghz channel, that side will step-down and run at the slower speed, defeating the new hardware.



Using a Linksys Ea2700 as an example, manually configure the 5Ghz and 2.4Ghz in this manner:

Summary:
A.  Type the router's IP Address in a browser
B.  Login as Admin / (your admin password); see Setting up a Home Network Router
C.  In the Wireless tab, click "Wireless Settings"

Click for larger view
Recommended 5Ghz Setup:

Once in the Wireless setup screen, change from "Wi-Fi Protected Setup" to 'Manual".  (This disables the one-step setup-button on the router, but that was not a particularly good feature.  With the setup recommended here, you can type the password and connect and this is easier than getting up and finding the button on the router.)

Then make these setting changes on the 5Ghz side:

Related Keyliner link with similar content: Router Setup - 5Ghz

Network Mode:  "Wireless N Only"
(change from Mixed Mode).  This forces this side to only service newer network cards.
Older cards will be forced to the 2.4Ghz side.

Network SSID:
Invent a name for your 5G network, such as "wolfhouse5G".
Do not use spaces in the name and this name must be different than the 2.4G side.

Security Mode: Set to "WPA Personal".
Forcing to a newer encryption protocol.

PassPhrase:
This is the password/login workstations use to gain access to the network.  Invent any password or phrase.  Use this same phrase on the 2.4G side.  Write this down and tape to the bottom of the router, along with the Admin password.

Channel Width:  Leave at default (Auto 20 Mhz or 40 Mhz)

Channel:  Auto

SSID Broadcast:  Enabled (recommended)

Note: Why Broadcast SSID?  Some new Windows 7 / 8 features will not work without a broadcast SSID -- and hiding the SSID won't help keep the bad guys off your network.  This can be sniffed in a heartbeat.  If they are good enough to break the encryption, they have the SSID and your Mac addresses already.  Quit wasting your time.


Recommended 2.4Ghz Setup:

Network Mode:  "Mixed"  (default).
This allows all 802.11 a/b/g traffic to connect. 

Network SSID:
Invent a name for your 5G network, such as "wolfhouse24G".
Do not use spaces in the name and this name must be different than the 5G side.

Security Mode: Set to "WPA2/WPA Mixed Mode".
This is needed to accommodate older network cards.

PassPhrase:
This is the password workstations must provide in order to get access to this network.
I recommend using the same passphrase as the 5G side, but it can be different.

Channel Width:  Leave at default (Auto 20 Mhz or 40 Mhz)

Channel:  Auto

SSID Broadcast:  Enabled (recommended; see above)


Save the Settings.

Now, return to the laptop's new Network card's installation.


Laptop Network Card (NIC) Upgrade


On most machines, the laptop's network card is easy to get to and easy to replace.  Expect to spend about 15 minutes installing.  Follow these steps.  You will need a small flat head screwdriver and a small jeweler's Phillips screw driver plus a crowbar and sledgehammer.

Notice I am recommending Intel cards rather than other other brands because the drivers are better maintained with new operating systems. 

1.  Although Windows 7 and 8 will detect and install new drivers automatically, it is prudent and safe to have the network card's installation files on the local hard disk in case there is a problem in this area.

Download, but do not install, the Intel 4965AGN drivers from Intel. These drivers will be newer than those first installed by Windows.  On Intel's site, search for "4965AGN" and select your operating system.  Note: As of 2012.11, Intel does not have Windows 8 drivers for this card; use the Windows 7 version or the default, as installed by Microsoft. 

Download Link: Intel's site.


You will find two versions: I recommended the Drivers-Only "D" version vs the additional Software "S" version.  The Software version isn't needed as Windows 7 and 8 are doing a good job managing the wireless natively. 

2.  Place a towel on a desk, protecting the laptop and for catching small screws.

3.  Turn the laptop over and remove the back access panels.  Each laptop varies on how to do this, but this isn't rocket science.

Some cautions are in order:
  • Most laptops use tiny screws.  Do not use a small Phillips screwdriver; instead, use a small eye-glass or jeweler's screwdriver so the heads are not stripped from the access panel screws.  Trust me on this.
     
  • For most laptops, loosen the screw but do not not completely remove because they have tiny lock washers on the back side and completely removing the screw will loose the washer. Once loosened, gently pry the covers off as most have catch-tabs.



4.  Note how the card is marked with a "1" and "2"  (newer cards have 1,2,3 and some cards have black and white triangles.  These represent the antennae wires. 

Use a small flat-head screwdriver to gently pry off the original card's #1 and #2 antennae wires --  twisting the screwdriver head to pry upwards.  The connectors will pop off, straight up.  The connectors are fragile.  Of interest, these are the wires that lead to the antennae wrapped around the LCD panel.


5.  Remove the (one) screw that holds the card in place.  When loosening the screw, use a finger to press and hold the card in place.  The card is spring-loaded and when the screw is loosened it will catapult the tiny screw to places unknown.

6.  With the new card, re-connect the antennae wires.

Because the black and white wires are tiny and hard to manipulate, connect the wires before installing the card.  Center the wires on the post and press firmly until they click.  They are fragile and you must do this with care or the connectors can be damaged.   On a two-wire antennae,  #1 is white, #2 will be black.  Unless your laptop has three wires, ignore the center connector.


7.  Install the card into the slot and attach to the frame; snake cables back into their original positions and return the back covers.  You are ready to go.

Boot the computer.  Windows 7 and newer will detect the card and install base drivers.  Do not bother connecting to the network yet.


Drivers:

Install the Intel drivers downloaded earlier.  While installing, the Intel logo whirls but doesn't say much.  It will install and close without comment.  Because you can't tell when it is finished, give it about 3 minutes to complete.

Next, open your System Tray's network icon and connect to the 5G network.  You will see two or three networks broadcast from your home, "wolfhouse5G", "wolfhouse24G" and possibly "wolfhouse24G-Guest".   Choose the 5G and type the access code when prompted.
Do a big file copy and pat yourself on the back for quality, competent work. 


Related Articles:
Linksys EA2700 Router Review
Linksys EA2700 - First Time Setup - Home Network
Router Setup - 5Ghz
Setting up a Brother Printer on Wireless

2012-06-08

Linksys EA2700 Router - First Time Setup

How to: Linksys EA2700 Router - First Time Setup.  Detailed article on home network setup and these instructions can be use on any brand or model.  These same instructions can be used to re-set a router that has malfunctioned due to a power problem or lost administration password.

Important:  If your DSL Modem has 4 or more (yellow) network ports, *and* if you have a secondary wireless router, do not use this article.  Instead, see Zyxel C1100Z DSL Modem setup for those instructions.

Related articles:
Installing a DSL Modem
Resetting a Wireless Password or Admin Password
Router 5ghz Wireless Setup Steps

Basic Wiring

A.  Wire the routers in this fashion.

Avoid using a Wireless connection when configuring or building your network.  If using a laptop or desktop to configure the network, temporarily connect the laptop via a Cat-5 cable directly to the new router (illustrated below with the blue cable); do this instead of using a wireless connection because it is risky and frustrating to configure a Wireless router using the wireless.

Ideally, you would have two network cables -- one for the Modem-to-Router and a second for the Router-to-your-PC. But if you have only one, 'borrow' the (yellow) Modem-to-Router cable for the following configuration steps.

When connecting your machine, attach to the blue Port on the back of the wireless router (port #1).  This is temporary, just to configure the router.

Illustrations show a Linksys WRT110 router (shown as "Port 1") connected to a DSL or Cable modem.  All routers, including the EA2700, work similarly.



Note: The DSL Modem (or Cable Modem) has only 1 (yellow) network port.  If yours has four ports, and you want to continue to use them, see this article: Zyxel C1100Z DSL Modem setup


B.  Install DSL Line Filters

If you have a DSL connection, instead of Cable, install DSL line filters on all non-modem devices, such as phones, answering machines, DVRs, home security alarms, etc.  If you have a cable modem, ignore this step. 

DSL filters are supplied with the DSL modem or they can be bought separately.
*Do not* install a filter on the line that runs to the DSL modem (illustrated in grey). 

If a phone and the DSL-line need to share the same wall jack, do one of the following:  Purchase a standard RJ11 Y-Adapter and wire as illustrated on the left.  Or, use the extra phone jack on the back of the DSL modem, plugging your phone directly into the router.






C. From the DSL or cable modem, run a standard Cat-5 network cable from the Ethernet (network) port to the router, illustrated above, in yellow.  On many modems and routers, the two ports are yellow.  A cable is usually provided with the modem when purchased:

D. Finally, run a second Cat-5 network cable from the Router's Port #1 to your desktop or laptop's Ethernet port, illustrated above with a blue cable.  (If you have only one cable, you can temporarily borrow the yellow cable.)

E.  Power on the devices in this order:

DSL/Cable Modem first; wait 1 minute.
Linksys Wireless Router; wait a moment or two.
Laptop/Desktop


Configure the Linksys Router

Follow these steps to configure the linksys router.

You will note that I do not use the Linksys setup software provided with the router. Instead, I connect directly to the router.  This gives better control over the process and you will find the setup steps are nearly as easy and you get better control.

1. (Optional) Reset the Router

If this is an existing router, reset to a factory default IP Address of 192.168.1.1 : by pressing the reset button (illustrated above, in red).  To reset, power-up the router, then use a pencil to press and hold the micro-switch button for 5 seconds, then release.

(Other brand routers may use different default addresses)


2. Reboot your workstation.

Details: With your computer plugged into wired Cat-5 Port#1 (illustrated above as the blue cable), reboot your workstation. This will cause it to grab a new "DHCP" IP Address from the router.

Technical note: An 'IPConfig / Release /Renew' will not work.  It is not recommended that you use a wireless connection to configure a router.



3. Login to the Configuration Screens.

Launch a browser and type this address in the URL line:
192.168.1.1    This is a linksys-brand default ip-address

First-time login will be:
admin / admin

(Older routers use a blank user-name / admin)

Note: Subsequent logins will use different credentials.  Other brands of routers have other login steps -- see the documentation that came with the router for details.


4. Basic Setup - IP Address:

After typing 192.168.1.1, you will arrive at this screen:
2014.04 Note: Screen illustrations from Linksys BIOS Version 1.0.12.  Newer versions of the router have significantly different screens.

If your initial screen looks like this, continue with this article.  Otherwise, be aware the screens will look different, but the basic steps are the same.

Click for larger view

In the Setup, Basic Setup tab, make these changes:

a. Internet Connection Type: Automatic Configuration - DHCP
b. Domain Name:  (accept default or use domain.actdsltmp)
c. MTU:  Auto - Size 1500

d. Host Name: Any name of your choosing;

Example: "wolfhouse"

e. Set the router's new IP Address and subnet mask.  (The address's third octect (200) must be different than the DSL or Cable Modem's third octect):

192.168.200.1
255.255.255.0

f. DHCP Server: Enabled

Start Address: 192.168.200.100
Maximum number of users: 50
Client Lease time; change from zero to 1440 minutes

g. Set the time-zone

h. Click "Save Settings" (Scroll down to see button... Don't forget to Save)

Note:  Always Save Settings before leaving any router-configuration screen.

i. Important: *reboot* the workstation to obtain a new IP Address.

Discussion: 
The Linksys router needs to live at an IPAddress range that is different than the DSL or cable modem.   I like to pick an address, such as 200.1 but many people like to choose 100.1 -- anything but something in the 000.x or .001.x octect range.

By enabling DHCP, you are allowing this router to dispense (broadcaset, distribute, assign) IP addresses to any device that arrives on the network.  Out of habit, I choose the start-IP address as 200.100.  Many people like to choose 200.50 -- it really does not matter the starting octect -- but it must be greater than ".1".  Limit the maximum number of users to 30 or 50.   Remember, this defines a range of assignable DHCP addresses (see below).  I like to leave addresses 200.200 - 254 for printers and other hard-coded, non DHCP addresses.


Results:  The new network will look like this:

Note: The DSL or Cable Modem's address (usually 192.168.0.1) has already been configured and how to set it's address is not discussed in this article. 

The DSL / Cable modem's address is usually 192.168.0.1 or 1.1.  The new Linksys router's address is set to 200.1.  Workstations connect, either by wired or wireless, and will pull a new, somewhat random address from the DHCP pool, starting at 192.168.200.100, 101, 102, ... through 150.


5.  Wireless Setup

Continue with the wireless setup. I recommend setting Wireless settings, even if you do not have any wireless devices.


On the top-row menu, click "Wireless", "Wireless Settings".
With newer routers, you will be setting different values for the 5Ghz and 2.4Ghz networks.



Do this:
Follow the steps documented in this Keyliner article and return here where done:
Link: Router Setup Steps - 5Ghz

Note: The article references important differences in the Network Modes, Security Modes and SSID names!  Encryption is also set within this article.  Don't forget to click "Save" before leaving that page.


6.  Wireless Guest Access

Returning to the main Linksys menus, select the Wireless menu, then sub-menu "Guest Access":


Click for larger view

Make these changes:
  • Allow Guest Access: Yes
  • Guest Network Name (auto-assigned: e.g. wolfhouse24G-Guest)
  • Guest Password:  Assign an easy-to-remember password that is different than the admin or regular passwords.  For example, "doghouse"
  • SSID Broadcast: Enabled
The key point is this password should be (had better be) different than the regular wireless access password and it needs to be different than the admin password, described below.  Make this password easy to remember and easy to tell people visiting your house.  More on this in a moment.

Save Settings before leaving this screen.


Wireless MAC Filter and SSID Broadcast

Contrary to popular wisdom, hiding broadcasted SSID's and using MAC-address filtering is no longer recommended and these sections in the config screen should be skipped.

Reason: Some new Windows 7 / 8 features will not work without a broadcast SSID -- and hiding the SSID won't help keep the bad guys off your network.  Mac Addresses are easily sniffed and spoofed and SSID's can be quickly found.  If a hacker was good enough to break the encryption, they already have your SSID and Mac addresses.  Quit wasting your time.


7.  Important Administration Change:

Click the "Administration" tab, then "Management"

Reset the Admin password, changing from "admin" to any other value.
Click SAVE SETTINGS

I recommend making the Admin password the same as the SSID / Wireless access password set above.  If you make them the same, do not tell your teenagers the wireless access code or they will know the router's admin.  I know several teenage boys who have caused mischief in this area.



Note:  You may need to re-login to the router (via browser window) if you need to make other changes.  The old admin/admin login credentials will no longer work.


8.  Write the Passwords Down

This password should not be lost or forgotten.  I recommend recording these values and store in an envelope near the router or use a luggage tag:


Router Address:           192.168.200.1
Broadcast SSID: _______________________

Starting DHCP Address:  192.168.200.100

Admin Password: __admin /______________

24G Wireless Password: ________________

5G Wireless Password: _________________

Guest Wireless: _______________________


Example:
Broadcast SSID:  wolfhouse
Starting DHCP Address: 192.168.200.1
Admin Password:  howling5g
24G Wireless Access Password:  howling24
5G Wireless Access Password: howling5g - or other password
Guest Wireless Access Password:  doghouse

*Note:  If the admin password is lost, you will have to reset the router (see step 1 - Reset button) and rebuild the network from scratch.  Once rebuilt, you will have to teach each wireless device the new access codes.  This is annoying.  Write this stuff down!



Done!
This completes the Linksys Router's setup.
See below for Workstation steps.

When powering on the network, it is best to boot (power on) the DSL modem first. Wait a few moments, then power the Router. This gives the DSL modem time to establish its IP address so it can send it down the line.


Workstation Setup

Wired Devices
Connect all wired connections per normal and reboot the workstation.  Wired devices will pull a DHCP address and no other actions are required, presuming the workstations use DHCP -- which is the norm.

Older Wireless Devices (using 2.4Ghz 802.11 a/b/g)

Wireless devices using older network cards on 802.11 a/b/ or /g can only connect to the 2.4Ghz network -- even though they may see both the 5G and 2.4G broadcast SSID's.  If the older devices can see and connect to the 5G network, you mis-configured the wireless per this article; see  Link: Router Setup Steps - 5Ghz.


If a older device are allowed to connect to the 5G network (meaning that channel is broadcasting on both frequencies),  they can connect and when they do, all 5G activity is disabled -- even if those other devices have 5G capability. The channel steps down to the lowest common denominator.  More expensive routers, those with 6 antennae, work around this by dedicating a circuit for each type of connection.

Newer Wireless Devices (using 5G 802.11n)
Newer devices can connect to either side of the network.  Choose the 5G SSID if you want the speed. 


My recommendations:

For children's machines, give them the 24G network, regardless of what their hardware allows.  This is a good reason to make the 24G and 5G passwords different -- never tell your children the 5G password.... Yes, this is mean -- but it is a matter of self-preservation and greed.

For high-volume video streaming (the TV, Netflix, wii), choose the 5G network if the hardware can see that broadcast SSID.

For your personal laptop, choose either the 5G or 24G, as you needs and hardware dictate.

Once connected, browse the Internet. If all is well, you are done. Otherwise, see the testing steps, below.


Printers:

By default, printers almost always use DHCP addresses.  This is stupid.  Re-configure the printer to use a hard-coded IP Address -- preferably one outside of the DHCP "50" block.  Details can be found in this article:  Setting Up a Brother Wireless Printer


TESTING:
If the network is still failing, see this article for recommended testing steps.
Router Testing Steps


Related articles:
Installing a DSL Modem
Router Setup Steps - 5Ghz
Router Testing Steps
Resetting a Wireless Password
How to upgrade Linksys BIOS
Windows 7 and Vista Network Problems (IPV6)
Setting Up a Brother Wireless Printer

Router Setup Steps - 5Ghz

How To: Router Setup Steps - 5Ghz. 

This article describes the recommended configuration steps for a router with both a 5Ghz and the older 2.4Ghz channels.  If you are not careful, your brand-spanky-new router might find itself running at 2.4Ghz on both sides.

If an older card is allowed to connect on the 5Ghz channel, that side will step-down and run at the slower speed and all newer devices will have to step down too. 

This article ensures only high-speed devices can select the faster 5Ghz network.


5Ghz Router Setup

Note: This article only deals with the 5Ghz setup steps and does not cover all of the router configuration and setup steps.  See this article for a basic router setup steps:
Linksys EA2700 - First Time Setup for Home Networks



Using a Linksys Ea2700 as an example, manually configure the 5Ghz and 2.4Ghz in this manner:

A.  Type the router's IP Address in a browser

B.  Login as Admin / (your admin password);
see Linksys EA2700 - First Time Setup for Home Networks for complete setup details.

C.  In the Wireless tab, click "Wireless Settings"

Click for larger view
Recommended 5Ghz Setup:

Once in the Wireless setup screen, change from "Wi-Fi Protected Setup" to 'Manual".  (This disables the one-step setup-button on the router, but that was not a particularly good feature.  With the setup recommended here, you can type the password and connect and this is easier than getting up and finding the button on the router.)

Then make these setting changes on the 5Ghz side:

Network Mode:  "Wireless N Only"
(change from Mixed Mode).  This forces this side to only service newer network cards.
Older cards will be forced to the 2.4Ghz side.

Network SSID:
Invent a name for your 5G network, such as "wolfhouse5G".
Do not use spaces in the name and this name must be different than the 2.4G side.

Security Mode: Set to "WPA Personal".
Forcing to a newer encryption protocol.

PassPhrase:
This is the password/login workstations use to gain access to the network.  Invent any password or phrase.  Use this same phrase on the 2.4G side.  Write this down and tape to the bottom of the router, along with the Admin password.

Channel Width:  Leave at default (Auto 20 Mhz or 40 Mhz)

Channel:  Auto

SSID Broadcast:  Enabled (recommended)

Note: Why Broadcast SSID?  Some new Windows 7 / 8 features will not work without a broadcast SSID -- and hiding the SSID won't help keep the bad guys off your network.  This can be sniffed in a heartbeat.  If they are good enough to break the encryption, they have the SSID and your Mac addresses already.  Quit wasting your time.


Recommended 2.4Ghz Setup:

Network Mode:  "Mixed"  (default).
This allows all 802.11 a/b/g traffic to connect. 

Network SSID:
Invent a name for your 5G network, such as "wolfhouse24G".
Do not use spaces in the name and this name must be different than the 5G side.

Security Mode: Set to "WPA2/WPA Mixed Mode".
This is needed to accommodate older network cards.

PassPhrase:
This is the password workstations must provide in order to get access to this network.
I recommend using the same passphrase as the 5G side, but it can be different.

Channel Width:  Leave at default (Auto 20 Mhz or 40 Mhz)

Channel:  Auto

SSID Broadcast:  Enabled (recommended; see above)

Save the Settings.

Guest Access

Set Guest access on the network.  This is a recommended setting.  See below for why you would want to do this.

On the Wireless menu, choose "Guest Access"
Enable the feature
Invent a new password, one that is different than the 5G, 24G or Admin passwords, set in previous steps.  Use a simple password, such as "doghouse"; no need to be fancy.


Click for larger view

Why Guest Access?

New routers support easier guest access.  With this, the guest behaves as if it were on the other side of the firewall -- they can surf, but won't have rights to any devices or files on the inside.  Visitors can connect and browse while you sit there, smiling, knowing that all is safe and you didn't have to give away the keys to the kingdom.  This is elegant for both you and your visitors. 

To the visitor, the wireless network looks like this (Windows 8; other versions similar):


And as soon as they connect to the Guest network, they are presented with a simple login screen. 


While on the guest network they are blocked from all internal traffic, shares and printers.  If the account is hacked, they cannot do any real damage except to hog bandwidth.  Be sure to set the guest password differently than the regular encrypted password.  Guest access is only on the 2.4G network.

Related Articles:
Installing a Laptop Wireless Network Card
Linksys EA2700 - First Time Setup for Home Networks

Setting up a Home Network Router - For Older Routers
Router Testing Steps
Linksys EA2700 Review


2012-06-03

Linksys EA2700 Wireless Router Review

Linksys EA2700 Wireless Router Review

Brief review of the Linksys EA2700 Router, which is replacing an older WRT110.

It was time to upgrade my older Linksys WRT110 router with a newer model.  Linksys has a busy array of products, each at a slightly different price point.  I chose the Linksys EA2700 Dual-band N600 Router with Gigabit.  I recommend this product, with minor reservations, described below.

Related article:
Keyliner: First-Time Setup Linksys EA2700
Router 5ghz Wireless Setup Steps

Features:
  • Wireless N for newer laptops
  • Wireless a/b/g for older laptops
  • 2.4ghz + 5ghz dual, simultaneous bands
  • 4 wired gigabit ports
  • Instant Guest Access
  • IPV6 support
  • $100

The real reason for choosing the router was, oddly, for IPV6 support -- which nobody, including me, cares about*.  Starting with Windows Vista, and then 7 and 8, the operating system was configured with IPV6 (a new IP standard).  *Google seems to care.

This was enough to drive the old router nuts because each time a new laptop arrived on the old home network, it crashed the router with an "unidentified network error."  The solution for this is documented in this keyliner article:  Windows 7 Network Problems  -- but I was tired of making the same registry changes when new computers were introduced.  I suspected a newer router would fix the problem.  I was right.

Having a speedier Wireless N and faster gigabit ports (for a future NAS) also drove the upgrade. The EA2700 was the minimum model with gigabit and it was at my price-point of $100. 

Confusing Product Comparisons:

Cisco has purposely built a number of products, each with different features at different prices.  This carefully planned strategy extracts the maximum dollars from informed customers.  With each slightly more expensive model, they add one more interesting feature. 

For an average consumer, figuring out which to purchase should be a challenge and most would purchase solely on price.  Asking the store's help might not be helpful because the clerks were as confused as I was and the best they could do was to spout statistics from the back of the box.  After some pondering, I managed to combine a dozen pages on Linksys's site, into one chart.

Features that I think show significant differences between one model and the next are marked with an underline in the illustration below.  Click for a larger view:   
Click for larger image

In summary: 
  •  All new routers support Wireless N and older protocols.
  • 2.4Ghz and 5Ghz refers to the frequency -- not the throughput.  5Ghz has less interference from other 2.4Ghz devices, such as wireless house phones.  Newer N network cards can use 5Ghz.
     
  • 300 Mbps is a normal N throughput.
  • Most of these routers have 2 speed numbers (e.g. 300- 450): The first is the 2.4ghz speed, the second is the 5ghz speed.  802.11g and older will use the first number. 
  • It costs a lot more money for 450Mbs (first number) and your network card may not support it. 
     
  • More antennas mean more PC's can hog bandwidth without stepping on each other -- but your real bandwidth bottleneck is probably your ISP.  At my house, 4 PC's and a wii ran on two antenna and I have been fairly happy. 
  • 4 antenna is icing on cake.  If you have a lot of active devices, 6 antenna might be useful, but you probably won't notice -- especially if you configure the router properly (opinion, not tested). 
     
  • Gigabit wired ports - are not on all models.  But you should consider this a requirement if you have wired devices. 
  • Use wired when possible.  I laugh when somebody uses a wireless connection for a desktop computer 12" away from the router.
  • USB port: Nice to have, probably un-needed (see below).
     
  • If your current network is bogged down with streaming video, look more carefully at the two higher-end models -- but I'd bet this is not really an issue for most people.  For example, with two teenagers and Netflix, I have not noticed a problem on my old, slow network, let alone on the new.  I am leery of spending money on features I may not need. 
     
  • In three years these routers will be obsolete but there is no reason to upgrade unless the devices can take advantage of the technology.  My old laptops are 802.11g.  Bah!  See this article: Installing a new Laptop 5G Network Card.

For a home-office with an average of 3 or 4 PC's that occasionally streams video or music from other devices, I recommend the EA2700.  This seems to be a good balance between features and price and is somewhat future-proofed for some of the newer devices.  Although this model lacks USB and dedicated streaming channels, this is not as much a concern as you might think.  Read the 'minor regrets,' below, for an explanation.

Setup:

Ignoring the setup CD that came with the router, I like to login directly to the router's configuration screens and manually configure the router. 

See this article for important steps and information, including how to change the Administrative Password: Keyliner article:  Linksys EA2700 - First Time Setup

Total setup time was about 10 minutes.  Very easy, with no surprises.

I still do not understand what the setup CD provides, other than to install another software program on my computer.  I prefer to work directly on the router's built-in setup screens and it only takes a few moments. If you have worked with Linksys routers in the past, the web-based setup screen is similar to previous models.

Initial Login:
Using your browser, connect to 192.168.1.1
Use these credentials for the first-time login: "admin/admin" 

See also these articles for more detailed steps:
Linksys EA2700 - First Time Setup
Router Setup Steps - 5Ghz

Note: These setup screens are for Firmware version 1.0.12 - as the router was originally shipped.  Newer versions (1.1.29) look significantly different, but the steps are the same.
Click for larger view


5G and 2.4G Setup Notes:

There are two configuration sections for 2.4G and 5G.
Be sure to set different SSID's names for each, with similar names but with an appendage, something like this:

wolfhouse5g
wolfhouse24g

Synopsis:

For the 5G side:
Network Mode:  Wireless N only
SSID:  wolfhouse5G (or some such name)
Security Mode: WPA2 Personal
All other fields at default, including Broadcast SSID

For the 2.4G side,
Network Mode: Mixed
SSID:  wolfhouse24G
Security Mode: WPA2/WPA Mixed Mode  (for compatibility)
This way, older devices, such as wireless printers will still work properly.
All other fields at default, including Broadcast SSID

Here is my setup:

Click for larger view
Note: Why Broadcast SSID?  Some new Windows 7 / 8 features will not work well without a broadcast SSID -- and hiding the SSID won't help keep the bad guys off your network.  This can be sniffed in a heartbeat.  If they are good enough to break the encryption, they have the SSID and your Mac addresses already.  Quit wasting your time.

Minor Issues:

A minor issue was the power-cord was about 6" shorter than the older Linksys.  Naturally, it was 5" too short.  The old linksys cord was the same rating, solving this minor problem.

Another minor issue:  According to the manual, the Cisco logo on the top is supposed to glow, giving network status; my logo is dark.  There are, however, a myriad of blinky-lights on the back.  It may be the more expensive models light up.

When configuring the router, or occasionally if the DSL or cable circuit was down, you may need to reboot the router.  As usual, shy of pulling the power cord, there is not a good way to reboot the box.  In a dark closet, this is always a challenge.  However, all of the new routers are now rebootable from the configuration screens -- provided you can reach the device from your browser during the downtime.


Guest Access:

New routers support easier guest access, which is also configurable in the wireless section.  With this, the guest behaves as if it were on the other side of the firewall and you no-longer have to give away the keys to the kingdom for a short, one-time-connection.

Visitors can see your network's broadcast and with a simple password, they can connect and browse while you sit there, smiling, knowing you don't have to worry about other devices in your house.  In practice, this is elegant for both you and your visitors. 

To the visitor, the wireless network looks like this (Windows 8; other versions similar):

And as soon as they connect to the Guest network, they are presented with a simple login screen. 


While on the guest network they are blocked from all internal traffic, shares and printers.  If the account is hacked, they cannot do any real damage except to hog bandwidth.  Be sure to set the guest password differently than the regular encrypted password.  Guest access is only on the 2.4G network.

More details can be found in this related Keyliner article: Router Setup - 5Ghz


Internal Components:

Beneath the metal RF Shield plates, are a normal array of IC chips.
Note the multiple wire antennas.
Ventilation seems adequate, but I recommend propping the bottom edge to give more air underneath the case.  My friend reports after watching a movie, the router is warmer than usual.


The router is the size of a small plate and despite all of the photos showing a thin, pancake-like leading edge, the device is the same thickness throughout.  Underneath, the edges curve inwards, giving an illusion of a thin face.


Minor Regrets:

More expensive versions of this router have a built-in USB port and at first blush, I seriously considered this a required feature.  The USB port would allow a direct-connect of external NAS drive and possibly a printer.

But consider this:  A NAS / Drive Array would have better performance if connected to the gigabit ports, making the USB less-than ideal.

Connecting a printer to the USB port strikes me as odd.  If the printer were close enough to the router for a USB cable, then you could connect it with a Cat-5 network cable, again making the USB port unnecessary.  If all four all network ports were occupied, you could spend $35 and buy a hub, which would expand your network and this would be more flexible than a more expensive router.

The other more expensive models can also stream video on separate channels, freeing contention with computer traffic.  My current (old) router runs Netflix over the wireless without any problems.  Adding these features raises the cost another $40 to $90, exceeding my wallet's tolerance.


Future Features:

This summer, Cisco promises new software which will allow access to the home network from anywhere on the net and this is only available on the EA2700 and better routers.  I'll review this when it becomes available (2014: This is now available, but un-reviewed).  It is odd the vendor's webpage discusses this feature, but the box does not.  I am looking forward to seeing this.


Summary:

This is a recommended product that is well placed in the market.  Linksys / Cisco has been a reliable brand in the past and I am now on my third-generation of Linksys routers.

The router installed with ease and was fully operational in about 10 minutes. It works exactly as expected, with no issues.

The range seems better than previous routers and having faster speeds will be nice.  Having gigabit and 5ghz "future-proofs" the router as I get newer equipment.  To upgrade older laptops to run over the faster network, see this article: Installing a new Laptop Wireless Card

Advert: Linksys EA2700 Smart Wi-Fi Router App enabled N600 with Gigabit



Related Links:
Linksys EA2700 - First Time Setup
Router Setup - 5Ghz - detailed instructions
Installing a new Laptop Wireless Card

Setting up a Home DSL Network - Older Routers
Windows 7 Network Problems
Brother Wireless Printer Fails after Router Upgrade