Hardware

1. Keep dust away from the computers and everywhere around them.
2. Keep wires and leads tidy and out of harm's way as much as possible.
3. Make sure each computer case has plenty of ventilation around it, and that it is standing on a firm base.
4. Don't let your computer workspaces get cluttered up.
5. Don't eat or drink anywhere near the computer, printers, scanners, or keyboards. (Difficult I know, and I am the worst offender, but any crumbs in the keyboard or spilt drinks on the case or keyboard can do a lot of damage.)
6. Don't move the computers around when they are switched on. If you have to move them, shut them down first.

There may be other similar steps you can take, but the essence is, keep the computer area clean and clutter-free.

Software

As to software and the operating systems themselves, there is much more you can do. Although you have three computers with different operating systems, (OSs), housekeeping is the same for each. In particular, upkeep Windows 98 and Me is very much the same, but the methods you use are the same for them as for XP. It seems to me that there are five main issues, but other people may have better guidance:

 

Get rid off any unwanted or temporary files.

Windows is a hoarder. It's worse than a magpie. It stores files all over it's system, and many of these can be temporary files that the OS and other programs only use once and are then meant to be deleted, but are not.Each Windows OS has a utility called "Disk Cleanup", in Start Menu > Programs > Accessories > System Tools. Using this will empty the main Windows/Temp folders, and you can also use it to delete your Recycle Bin, and your "Temporary Internet Folder", which stores all of the objects that make up the websites you have visited. You don't need these and they can be deleted.Alternatively, If you do not know how to use Windows Explorer, (note that I do not mean Internet Explorer), then do a Search, (Start Menu/Search), and search for folders called "Temp", or "temp" or "Temporary files", or "temp*", (notice the star), and see what is contained in these folders. If you are satisfied they are old, or not wanted, delete them.Or in Internet Explorer, click the Tools Menu then click Internet Options, (or go to Start Menu > Settings > Control Panel > Internet Options), and under the General tab you can delete cookies, files, (temporary Internet files), and Internet history, (which keeps a record of the web sites you have visited recently). You could also look at all the programs that are installed on the three computers. On each, go to Start Menu > Settings > Control Panel, and double click the Add/Remove Programs Icon. In this utility you can see a list of all the programs installed on each computer. If there are any programs that you know you no longer use or need, then highlight the program, and click the Add/Remove button, then follow any other instructions that may appear. If you are not sure whether you still use the programs, I would leave this alone until you can be sure. Beware though that very often only the major parts of the programs are removed, and some leftovers will remain in that program's folder which you will have to manually delete. You may have to reboot, (re-start), your computer after each removal, but the utility should let you know about this.

Keep the files you intend to retain on your computers tidy and easier to access by the OS.

One of the major things you can do to improve performance on each computer, (which means it does not have to work so hard, and will run more smoothly), is to "scan" each hard disk for errors, and "de-fragment" each disk at regular intervals. Scandisk scans the hard disk, (where all files/folders are stored), for errors, and will attempt to fix them all for you. Errors can be bad sectors that have become corrupt and need repairing, or marking as "not for use in future", or program/file fragments that no longer belong to anything, and Scandisk can help you keep your hard disks in good working order. Disk fragmentation is an occupational hazard with hard disks. The programs and files or data stored on the disk become fragmented over time, and the OS has to work harder to load the files when needed. The Disk Defragmenter recombines all these fragments into a more compact area, which makes retrieval easier.Both Scan Disk and Disk Defragmenter are available by double clicking "My Computer" on the desktop, then highlighting the hard disk, (usually called the "C" disk), and right clicking that disk and choosing Properties, then Tools. If you have never run Scan Disk or Disk Defragmenter on any of the computers before, you should beware that these processes may take a long time to complete.
Before running either, turn off any Screen Savers, disconnect from the Internet, (unplug the Internet cable or wire), and disable your firewall and AV programs, then reboot after each process is done.

Make sure you and your children understand the "best practices" for Internet surfing, downloading and sharing files, viewing emails, and installing applications. Best practices helps you and your children prevent coming across viruses and spyware in the first place.

1. One of the most important is to carry out a virus scan on "EVERYTHING" that you download from the Internet and intend to install, or intend to install from a CD or floppy disk, or open any attachments from an email. I mean EVERYTHING. Even if you know where the file or groups of files have come from, check it first for viruses. This is easy enough to do. If you have a CD or floppy disk, before copying anything over to your hard disk or before installing anything from them, open up My Computer, highlight the CD or floppy disk drive, and right click, and choose "Scan with AVG", or whatever your AV is. If your AV does not install a right click option, open up the AV program, select Scan, and navigate to the drive to be scanned. Similarly with files received from download or from email attachments. First of all save them to a temporary folder. The desktop is a good place, but only for temporary storage. Highlight the file, and right click to select scan with your AV.
2. If you or your children are using a file sharing program, (one called Kazaa seems to be the most popular), to share files with other people, you must be aware that the program itself may have come bundled with spyware and adware, and that any files you or the children download may not be what you or they expect, but may be infected themselves. You need to research the programs they are using, (e.g. in Google type in Kazaa, and stand well back when the thousands of Kazaa related articles appear), and find out what experts think of them. Do not trust a program just because the web site it came from looks good, or the program itself looks "cool".
3. A lot of web sites attempt to install files and programs onto your computer when you visit them. Use common sense when deciding which web sites to visit, and consider increasing your browsers security beforehand, (Internet Explorer/Tools/Internet Options/Security).
4. Beware of chat rooms. There is the obvious, (sadly), risk of young children being targeted by adults in chat rooms, but there is also the less obvious risk, especially in IRC chat rooms, or with Instant Messengers, of viruses "getting in" through the back door.

 

It's not a foregone conclusion that your wireless network will be used by criminals, but it is important that you do your best to protect it from unauthorized access.
Here are some ways you can secure 802.11:

Change your name

Start by changing the default name of your network, the Service Set ID (SSID). For example, Tsunami is the default SSID for Cisco's Aironet Access Point, so you want to make sure you're not one of the thousands of Tsunami networks in the world today. Don't use personal info such as your street address in your ID, either. That's too revealing to strangers. Try random numbers instead.

Turn off SSID

If your unit allows for it, turn off SSID broadcasting altogether. This prevents strangers from passively scanning the area and receiving your network's broadcasts.

Protect your intranet

Be sure to place your access points (APs) outside your firewall. If you place your APs inside the firewall and someone breaks into your WLAN, he or she has access to your intranet, too.

Block unknown devices

Restrict your wireless network to known Media Access Connection (MAC) addresses, which are unique identifiers for every hardware device. If you don't know the addresses of the devices on your network, make an audit today. Then you can block rogue devices trying to connect to your net without your permission.

Enable WEP

Although WEP by itself will not by itself make your network secure, it's a good first step.

Troubleshooting Your WLAN

Fix hardware and configuration issues common to wireless LANs

With decreasing prices of wireless hardware, wireless networks are fast becoming more popular in small office networks. Both the cost savings and the ease of using wireless LANs are beneficial to the small office—until something goes wrong. Then it becomes all too apparent that, while wireless networks are growing, troubleshooting resources for wireless LANs are not.

When a wireless network fails, there are a few key areas to look to first. In this article, I’ll discuss some of the more common hardware problems that can cause a wireless network to fail. As well, I’ll cover the configuration issues that can also plague a wireless LAN. With this information, you can troubleshoot your wireless network with confidence. (This article assumes that you’re troubleshooting an infrastructure network, and not an ad hoc network.)

Hardware troubleshooting

When you have only one access point and only one wireless client with connection issues, then you’ve already determined the scope of the problem. It’s your one client that is having trouble attaching to the network. However, if you’ve got a larger network, then the process of determining the scope of the problem becomes a little more involved.

If lots of users are having trouble connecting, but there are still some users who are able to work, the problem is most likely that your network has multiple access points and that one of the access points is malfunctioning. Often, you can take an educated guess as to which access point is malfunctioning by looking at the physical locations of the users who are having the problem and then figuring out which access point serves that portion of the building.

If no one can connect to the wireless network, then there are several things that could be going on. If your network uses a single wireless access point, one possibility is that the access point is malfunctioning or contains a configuration error. The problem could also be related to radio interference or to a break in the physical link between the wireless access point and the wired network.

Check connectivity to the access point

First, you should perform a communications test to see if the access point is responding. To do so, open a Command Prompt window on a PC on your wired network and ping your wireless access point’s IP address. The wireless access point should respond to the ping. If it doesn’t, there’s either a break in the communications link or the access point is completely malfunctioning.

To figure out which is the case, try pinging the access point’s IP address from a wireless client. If the wireless client is able to ping the access point successfully, then the problem is almost certainly a broken communications link, such as a damaged cable.

If the wireless client is unable to ping the access point, then the access point could be malfunctioning. Try unplugging the access point to reset it and then plug it in again. Wait for about five minutes and then try pinging the access point from both the wireless and the wired clients again.

If both pings still fail, then it is likely that the access point is damaged or has an invalid configuration. At this point, I recommend focusing your initial efforts on getting the access point to communicate with the wired network. Plug the access point into a known-good network jack using a known-working patch cable. You should also verify the access point’s TCP/IP configuration. After doing so, try pinging the device from a wired client again. If the ping still fails, then the unit has probably been damaged and should be replaced.

Configuration issues
I’ve found that wireless networking equipment is fairly reliable, and the vast majority of problems are related to the network’s configuration rather than to a hardware malfunction. With this in mind, I’ll discuss several common hardware configuration problems that lead to a disruption of wireless services.

Test the signal strength

If you can ping the wireless access point from a wired client but not from a wireless client, then the access point is probably just experiencing a temporary problem. If the access point continues to have problems, I recommend checking the signal strength. Unfortunately, there’s no standard method for doing this. Most wireless NIC manufacturers, however, include some mechanism with the NIC for measuring signal strength.

Try changing channels

If you determine that you’re getting a weak signal but nothing has physically changed in your office, then I recommend attempting to change channels on the access point and on one wireless client to see if a different channel improves the signal strength. I run a wireless network in my home office, and I’ve found that one of my cordless phones interferes with my wireless network when the phone is in use. 802.11b wireless networks function on the 2.4-GHz frequency, just like many higher-end cordless phones. Changing channels on all of your wireless clients can be a big undertaking. Therefore, I recommend testing the new channel with one client first. Remember that your problem could go away as soon as someone hangs up a phone or turns off a microwave oven.

Verify the SSID

A while back, I took my laptop to a friend’s house to work. Because my friend had a wireless network in place, I decided to connect to his network for the duration of my visit. Upon returning home, I didn’t use my laptop for a couple of weeks. The next time that I went to use my laptop, it wouldn’t connect to my network. The problem was that I had forgotten to reset the SSID (Service Set Identifier) back to my own network identifier. Remember, if the SSID doesn’t specify the correct network, then you won’t be able to ping the access point. Instead, your laptop will ignore the access point’s existence and search for an access point with the specified SSID.

Verify the WEP key

I recommend checking out the wired equivalent privacy (WEP) encryption configuration next. If WEP is configured incorrectly, you will not be able to ping the access point from a wireless client. Different brands of NICs and access points require you to specify the WEP encryption key differently. For example, one brand requires you to enter the encryption key in hex format, while another brand requires the key to be entered in decimal format. Likewise, some brands support 40-bit and 64-bit encryption, while other brands support only 128-bit encryption.

In order for WEP to function, all settings must match exactly between the client and the access point. I have run into several situations in which clients that seemed to be configured perfectly simply could not communicate with an access point that was using WEP. During these situations, I usually had to reset the access point to the factory defaults and reenter the WEP configuration information. Only then did WEP begin to function.

Tricky WEP configuration issues

By far the most common configuration-related problems involve the use of the WEP protocol, so WEP deserves some more discussion. Troubleshooting a WEP problem can be especially tricky, because a WEP mismatch has symptoms that are similar to a more serious failure. For example, if WEP is configured incorrectly, a wireless client won’t be able to get an IP address from a DHCP server (even if the access point has a built-in DHCP server). If the wireless client is configured to use static IP addresses, the wireless client won’t even be able to ping the access point’s IP address, thus giving the illusion that no connection exists.

The trick to figuring out whether a problem is related to a WEP configuration error rather than a hardware malfunction is to be aware of the diagnostic capabilities built into the NIC driver and into the operating system. For example, one of my laptops is running Windows XP and has a Linksys wireless NIC. Notice in Figure A that if I move my mouse pointer over the top of the wireless icon in the taskbar, I see a summary of my connection information. In this case, the connection strength is Excellent. As long as the channel and SSID are configured correctly, you can connect to the access point, even with a WEP configuration error. Had there been a physical connection problem, the connection strength would be none, not Excellent. Linksys cards will show you the connection strength whether WEP is configured correctly or not. Therefore, you can validate that a connection exists, even if you can’t ping the access point.

Figure A

 

The signal strength is a big clue as to the nature of your problem.

If you right-click on the wireless networking icon in the taskbar and select the View Available Wireless Networks command from the resulting menu, you’ll see the connect to Wireless Network dialog box. This dialog box displays the SSID of any wireless network on your present channel to which you are not currently connected. If the name of your wireless network shows up on this list but you can’t seem to connect, then you can rest assured that your connection is good, and that you’ve got a configuration problem.

Note
An interesting side note is that the Connect To Wireless Network dialog box also includes a field where you can enter a WEP key when you try to connect to a wireless network. There have been times when I absolutely could not connect to a particular wireless network unless I went through this dialog box and manually entered the WEP key. After doing so, the network became available to me.

DHCP configuration issues

Another tricky problem that can prevent you from successfully interacting with a wireless network is a DHCP configuration error. The DHCP server that you connect to can play a major role in whether you are able to use a wireless network.

Many of the newer access points have an integrated DHCP server. Typically, these access points assign the 192.168.0.x address range to clients. Often, DHCP access points will not accept connections from clients to which they have not issued an IP address. This means that clients with static IP addresses or clients that might have somehow acquired an IP address from another DHCP server could be unable to connect to the access point.

The first time that I installed an integrated DHCP server access point onto my network, I decided to allow the access point to assign IP addresses to my wireless clients. However, my network uses the 147.100.x.y address range. This meant that although wireless clients were able to communicate with the access point and were able to acquire an IP address, they were unable to interact with the rest of my network because of the IP address range mismatch.

There are two solutions to this problem:

1. Disable the access point’s DHCP services and allow the wireless client to lease an IP address from a normal DHCP server.
2. Override the IP address range by configuring the DHCP address scope with your own block of IP addresses.
   Either solution will work, but you’ll have to work within the limitations imposed by your access point’s firmware. Many access points will only allow you to use one solution or the other, but not both.

Problems with multiple access points

Suppose for a moment that two access points are in use, both with the default settings. If this is the case, then both access points are assigning clients IP addresses in the 192.168.0.x address range. The problem is that the two access points are completely unaware of which IP addresses the other access point has leased. Therefore, it’s only a matter of time before there are duplicate addresses on your network.

The solution to this problem is to define a unique scope of addresses for each access point. By doing so, you’ll prevent IP address overlaps.

Watch out for client lists

Some access points contain an allowed client list, which can be the root of wireless configuration problems. The allowed client list is a list of MAC addresses of permitted wireless clients. This is a security feature that’s designed to prevent unauthorized users from connecting to your network. Normally, the allowed address feature is disabled by default. However, if a user has accidentally clicked the Enable button, then the allowed address list will be enabled but won’t contain any MAC addresses. This means that no wireless clients will be able to connect to the access point, regardless of any other configuration settings.

I’ve also seen the allowed address list become a problem when multiple access points are in use. Many administrators incorrectly assume that just because they enter the allowed addresses into the list, the addresses are then globally permitted to access the network. However, in most cases, this simply grants the users permission to access the network through the designated access point. If you want users to be able to go through other access points, you’ll usually have to configure those access points separately.

If you only do one thing, this is the one you must do.

It is regrettable that the Internet is now swamped by idiots and malicious users whose only purpose in life seems to be to make our lives miserable with virus infections and attempted hacking into our personal property. Your computers are your own personal property and you must protect them. You need:

1. A firewall on each computer that is connected to the Internet, either by itself, or through a local network, (i.e., through one of the other computers you have). There are many firewalls around, and they all help prevent hackers from gaining access to your computers and stealing personal data when you are connected to the Internet. The one I use is ZoneAlarm, from www.zonelabs.com. It is free, but it is by no means the only good one around.
2. Anti virus (AV) protection on each computer. Whether or not any of your computers are connected to the Internet, you need anti virus protection on each. Viruses can infect computers through email messages, chat rooms, web sites, downloaded programs and other files, and through infected floppy disks or CD's that your friends or children's friends may pass around. Again, there are plenty of free Anti virus products on the Internet. I use AVG from www.grisoft.com, but there are other good ones around. An AV should be installed on each computer. It's virus definition database needs to be kept up to date regularly, (at least twice a week, although many people will say do it daily), and you should use the AV to scan each computer regularly, e.g. once a week. This is, singularly, the best way to keep computers virus free. But AV's don't catch all malicious “malware”. You also need anti ad-ware protection.
3. Anti Adware protection. Adware can be spread by the same methods. Adware places annoying "pop-ups" on your computer advertising, whatever they are meant to advertise. They also place programs on your computer that record your surfing habits, so they can target the ads you get when you visit web sites. The best anti adware program around is Ad-Aware by www.lavasoftusa.com. Again it is free. Again it needs its definitions updated regularly, and the computers scanned, but perhaps not so often, say once a month.
4. You also need spyware protection. Spyware also spies on your surfing habits, but can steal details from you. I use two anti spyware products, both free, and they compliment each other. They are Spybot Search & Destroy from www.spybot.info/en/index.html Download an install, check for updates and scan regularly, and Spyware Blaster, from www.javacoolsoftware.com/ again, download and install, and update it. You don't perform scans with this program. It immunizes your computer in a different way, but it needs updating regularly.
5. I also have a start-up monitor installed. This warns me if anything on my computer that is installed, (either with or without my knowledge), attempts to set itself to start whenever I start up the computer. I obtained mine from http://www.mlin.net/StartupMonitor.shtml and it is a very useful little program.

This section explains the purpose of the crossover cable and shows when and where it should be used in a 100BASE-TX Local Area Network (LAN).

Ethernet crossover cables are most often used in home networks when connecting two ethernet computers without a hub. An Ethernet crossover cable has it's send and receive wires crossed.  When using a hub or switch, this is automatically done for you.

Unfortunately some devices like cable and dsl modems have their actual ethernet plugs reversed.  This is to allow people to hook up a cable modem to a computer without a special crossover cable.  When adding a hub into the mix, the issue can get confusing.

Most modern hubs and switches have what is called an uplink port on them.  This is the same kind of 'reversed' port that is on a cable or dsl modem.

This may sound like a confusing issue, but here are some network diagrams that will show when to use a normal ethernet cable and when to use a crossover cable.

---

GREEN cables represent standard ethernet cables
BLUE cables represent CROSSOVER cables

No Crossover cable needed	Crossover cable IS needed

Note: One port on your hub will usually be 'shared' with the uplink port.  Either the uplink port OR the standard port can be used, not both.

---

Crossover Ethernet Cable Pinouts:
(Courtesey of linksys...)

---

Standard Ethernet Cable Pinouts:
(Courtesey of linksys...)

Category 5 - Standard and Crossover

This page deals with the two most common questions when setting up a 100BASE-TX Local Area Network (LAN).

This section assumes that you have the proper crimping tool, connectors and Category 5 twisted-pair cable. It is not as complicated as it may seem at first. It is important that the right colored pairs are used in the correct place. While an improperly made cable may provide a working connection, it will not provide the reliability and performance as expected.

COLOR-CODE STANDARDS
Last updated: 10/20/2004

Note that the TX (transmitter) pins are connected to corresponding RX (receiver) pins, plus to plus and minus to minus, and that  you must use a crossover cable to connect units with identical interfaces.  If you use a straight-through cable, one of the two units must, in effect, perform the cross-over function.

Two wire color-code standards apply: EIA/TIA 568A and EIA/TIA 568B. The codes are commonly depicted with RJ-45 jacks as follows (the view is from the front of the jacks):

If we apply the 568A color code and show all eight wires, our pin-out looks like this:

Note that pins 4, 5, 7, and 8 and the blue and brown pairs are not used in either standard.  Quite contrary to what you may read elsewhere, these pins and wires are not used or required to implement 100BASE-TX duplexing--they are just plain wasted.

However, the actual cables are not physically that simple.  In the diagrams, the orange pair of wires are not adjacent.  The blue pair is upside-down.  The right ends match RJ-45 jacks and the left ends do not.  If, for example, we invert the left side of the 568A "straight"-thru cable to match a 568A jack--put one 180° twist in the entire cable from end-to-end--and twist together and rearrange the appropriate pairs, we get the following can-of-worms:

This further emphasizes, I hope,  the importance of the word "twist" in making network cables which will work.  You cannot use an flat-untwisted telephone cable for a network cable.  Furthermore, you must use a pair of twisted wires to connect a set of transmitter pins to their corresponding receiver pins.  You cannot use a wire from one pair and another wire from a different pair.

Keeping the above principles in mind, we can simplify the diagram for a 568A straight-thru cable by untwisting  the wires, except the 180° twist in the entire cable, and bending the ends upward.  Likewise, if we exchange the green and orange pairs in the 568A diagram we will get a simplified diagram for a 568B straight-thru cable.  If we cross the green and orange pairs in the 568A diagram we will arrive at a simplified diagram for a crossover cable.  All three are shown below.