10.x.x.x
172.16.x.x
192.168.x.x
Topologi LAN Sederhana:
Aktifkan IP Forwarding:
ConceptsSince I’m about to describe how to roll your own router, it will help if you understand how most TCP/IP routing works. Any router, whether Cisco, Proteon, or Linux, is based upon the premise that packets need to be forwarded. Why? Because, presumably, the packets that come in on one interface are not local to the other interfaces in the router. Therefore, the router in question must be able to take a packet, look at its destination, and forward it to the appropriate interface.
How does the router map network destinations to interfaces? Well, just as every router needs to be able to forward packets, so too it needs the ability to consult, build, and update a lookup table, called a routing table, that maps destination networks to interfaces. If a packet comes in for network X, the routing table is consulted and the packet is dumped to the appropriate interface -- a local node that is either another gateway or the packet’s final destination. If network X does not exist in the routing table, the packet is dumped to the default destination, also denoted by IP address 0.0.0.0. If you have not specified a default destination, the packet is dropped, and an ICMP "Destination Unreachable" message is sent back to the originating network client.
1. Wearing encryption.Encryption is the first security measure, but many wireless access points (WAPs) do not use encryption as a default. Although many WAP has Wired Equivalent Privacy (WEP) protocol, but not enabled by default. WEP does have some holes in securitynya, and an experienced hacker would be able to open it, but it was still better than no encryption at all. Be sure to set the WEP authentication method to "shared key" rather than "open system". To "open system", he does not encrypt data, but only authenticate the client. Change the WEP key as often as possible, and use 128-bit WEP compared with the 40-bit.
2. Use strong encryption.
Because of the weakness weaknesses in WEP, it is recommended to use Wi-Fi Protected Access (WPA) as well. To use WPA, WAP must support it. The client side must also be able to support WPA tsb.
