Doing it correctly
What should you do to correctly share the single network connection in your dorm room?
Check the campus policy - As I said at the top of this article, many campuses have rules prohibiting the attachment of any unauthorized networking devices, or restricting their use to certain networks and/or configurations. If you get caught messing up the network, the penalty may be stiffer than you think (expulsion in some policies I've seen), so find out ahead of time, and make an informed decision.
Use a switch - If your campus policy does allow more than one computer, the campus network administrators probably want to control the IP address info that your multiple computers receive. Using a switch or hub to connect more computers (instead of a router) allows all the devices connected to the switch / hub to be directly on the campus network and properly connected to campus-level servers and services. If you have a router and want to use it as a switch, see Tip 5 below.
Connect the router properly - If you can share the connection, connect the router just as you would to a cable modem or DSL connection. Connect the WAN port of the router to the campus network, and keep your multiple machines on the LAN side of the router. You'll probably just need to set the WAN side of your router to be a DHCP client (dynamic IP address setting).
If you need more ports than the router supplies, use an additional hub or switch, or a router with UPnP and the LAN DHCP server DISABLED (see Tip 5below).
Know the risks of running a wireless connection - If your router has wireless capabilities, you must take extra care to prevent compromising the security of both your campus network and your own computers.
- First find out if running a wireless Access Point is allowed. It probably isn't, and the penalties are probably stiffer than just attaching more than one wired computer, considering the additional security risk that an open wireless connection presents.
- Enable WEP - Use 128bit mode (or higher if your router supports it) and a non-obvious key. It's more secure than no WEP, and will send "doorknob rattlers" on to the next victim.
- Use MAC address Association control - If your router doesn't have it, look for one that does or a firmware update that adds it. Set it to allow association to the list of MAC addresses that you provide, and block all others from associating with your Acess Point.
- Change the ESSID - Don't use the default ESSID and don't use simple or location-descriptive IDs.
- Close your Network - Enable the "Closed Network" option if your router has it. "Disable ESSID broadcast" also does the same thing. This will prevent wireless clients using "ANY" as an ESSID from connecting.
- Shut off DHCP and UPnP - If you must use a router for its wireless Access Point, or just as a switch to get more ports in your room, shut off the DHCP server and shut off UPnP . Shutting off the DHCP server is the most important, since it can wreak the most havoc with the campus network. Shutting off UPnP may be more difficult, because all routers haven't provided this capability, or make it hard to find.