WiFi security questions

[Tripredacus]

I will soon be embarking upon adding a wireless router at home, and I had some questions about possible setups. The typical setup is enable WEP and SSID, and DHCP. However I was wondering about this idea instead...

What if I disabled DHCP, and did not opt to use key security (but still used firewall) and set the "LAN/WLAN" ip for the router to some non-standard address? For example, if I set the LAN side IP to 72.0.1.1, subnet as appropriate, then set wireless connections to that network to use static IPs? Is it then not likely that someone would be able to jump into my wireless network? Example, one of my neighbors would see my signal, see that it is "unprotected", decide to connect to it but then not have any internet access! Is it possible for someone to determine what the router's IP address is if DHCP is disabled?

Also, I was planning on getting a Linksys WRT model of some sort, but wondering if it supports different DHCP/DNS/etc settings for both the LAN and WLAN features on the private side? For example, I definately want DHCP to be disabled on the LAN side. Also, do these types of routers offer protection between the WLAN and LAN portions?

[CoffeeFiend]

The typical setup is enable WEP and SSID, and DHCP

Hmm, no. Everything defaults to WPA or WPA2 these days. WEP is really old and very insecure.

Misusing a range of public addresses will only mess things up quite badly. Not that it would offer any real protection as all your traffic would be broadcasted unencrypted.

Just use WPA or WPA2 and a decent password and you're set. Problem solved.

Also, I was planning on getting a Linksys WRT model of some sort, but wondering if it supports different DHCP/DNS/etc settings for both the LAN and WLAN features on the private side?

Nope. Linksys' stock firmwares aren't exactly loaded with advanced options...

Also, do these types of routers offer protection between the WLAN and LAN portions?

There is AP isolation which will isolate WLAN clients from each other, and that's about it.

You won't find advanced features like these on stock firmwares of consumer routers, even the expensive ones (my WRT160N is surprisingly awful). Firmwares like DD-WRT and Tomato have a LOT more advanced options, but their hardware support is limited.

[Tripredacus]

Somehow I managed to find a Wireless Draft N 2.0 router for $40 at a store. It was on sale and the last one. It supports G too. I set it up without even reading the manual, but was disappointed that the WiFi side comes unsecured by default. I haven't had the DHCP problems my Linksys did, so I don't think I need to worry about the static IP idea at all.

Also I found out after setting it up, that my router is the only WPA2 network in my area. I can see 3 other networks but they are WEP. Man, you didn't tell me the WPA key was so long and annoying to type!

Oh also, default when enable security for this one was WEP. I remembered your post and had chosen WPA instead. Thanks a lot.