1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Linksys Wireless - can't connect unless I broadcast SSID

Discussion in 'Networking (Hardware & Software)' started by dflak, 2006/06/11.

  1. 2006/06/11
    dflak

    dflak Inactive Thread Starter

    Joined:
    2006/06/11
    Messages:
    1
    Likes Received:
    0
    I am taking putting security on my network one step at a time:

    1. I have changed the admin password for my router -- OK.

    2. I have changed the system id for my network -- OK.

    3. I have disabled broadcasting the system ID. -- Not OK.

    I have 3 XP computers on the network. The main computer is connected directly via ethernet. The other two are connected via wireless.

    When I disabled broadcasting the SSID, both of the wireless computers maintained their connections OK. However when I rebooted these machines, they could not see the network even though it is the only network in the preferred network list.

    I can see other wireless networks and even connect to one of the unsecured networks.

    I have excellent signal reception.

    As soon as I re-enable broadcasting the SSID, I can connect and stay connected until reboot.

    My next step is to enable WEP, and I may do this without successfully turning off the broadcast of the system ID, but I would like to do this one step at a time and in order.

    Any idea why my XP computers can't see the riouter even though it is the only thing on the preferred network list?

    Thanks in advance.
     
    dflak,
    #1
  2. 2006/06/12
    BurrWalnut

    BurrWalnut Well-Known Member Alumni

    Joined:
    2003/03/05
    Messages:
    628
    Likes Received:
    8
    I would start again :-

    1. Set up the router with SSID hidden and use a WEP key.

    2. To connect on each of the wireless computers key in the SSID (may be case sensitive) and the WEP key.
     
    BurrWalnut,
    #2


  3. to hide this advert.

  4. 2006/06/12
    TonyT

    TonyT SuperGeek Staff

    Joined:
    2002/01/18
    Messages:
    9,072
    Likes Received:
    400
    Do as suggested above but DO NOT use WEP. Use WPA. WEP is insecure and can be compromised in about 5 min to an hour. Also, make all the configs using the wired computer in this order:
    1. setup WPA.
    2. conect to net via laptops entering WPA key when prompted on each & be sure to have it setup so windows is managing the wifi connections & NOT the wifi card software. (disable the card's software from loading at comp startup)
    3. use wired comp to disable broadcast.
    4. verify (on laptops) via "order of preferred networks" that your connection is remembered & set to auto connect when it's in range.
     
    Last edited: 2006/06/12
    TonyT,
    #3
  5. 2006/06/12
    Scott Smith

    Scott Smith Inactive Alumni

    Joined:
    2002/01/12
    Messages:
    1,950
    Likes Received:
    4
    Tony,
    Do you have any more info on this?
    I was unaware that WEP 128bit could be easily broken into.
     
    Scott Smith,
    #4
  6. 2006/06/13
    TonyT

    TonyT SuperGeek Staff

    Joined:
    2002/01/18
    Messages:
    9,072
    Likes Received:
    400
    WEP vs WAP
     
    TonyT,
    #5
  7. 2006/06/14
    ReggieB

    ReggieB Inactive Alumni

    Joined:
    2004/05/12
    Messages:
    2,786
    Likes Received:
    2
    This should stir things up :eek:

    Personally, the fact that it takes more than 5 minutes for someone to crack my encryption running on a wireless network that is only accessible within 100 metres of my house is good enough for me. Especially if you combine it with a MAC address denial list (set up the wireless access bridge to deny access to any MAC address not in the list. List contains MAC address for laptops in the house)

    My advice would be, use WPA if it is available, but WEP is better than nothing and probably sufficient for most home and SOHO users.
     
    ReggieB,
    #6
  8. 2006/06/14
    Scott Smith

    Scott Smith Inactive Alumni

    Joined:
    2002/01/12
    Messages:
    1,950
    Likes Received:
    4
    I'll read into it later.
    More info than I have time to digest at this time.

    Looks like more paronoia than anything else.

    Yea I really have some top secret data on my computer hackers would love to get their hands on. :rolleyes:
     
    Scott Smith,
    #7
  9. 2006/06/29
    mjg1973

    mjg1973 Inactive

    Joined:
    2002/01/18
    Messages:
    125
    Likes Received:
    0
    WEP vs WPA

    Oh, now I wouldn't discredit the use of WPA. WEP has been known for years to be very easy to break. Now, you may say that you don't have anything "Top Secret" on your machine...what about all those **** videos!? What if the neighbors found out?! Not to mention that if they can see it, they can delete it. I'm sure you have a backup though!

    :)

    Here is a pretty good little slideshow from the CSE dept at WU-STL.
     
    mjg1973,
    #8
  10. 2006/06/30
    TonyT

    TonyT SuperGeek Staff

    Joined:
    2002/01/18
    Messages:
    9,072
    Likes Received:
    400
    Reggie -
    I could capture everything on your wireless network from line-of-sight up to approx 10 miles from your house and you would never even know your network was being monitored! I have done this using my laptop w/ linux and Kismet. Kismet can put a supported wifi card in rfmon mode & capture ALL wireless traffic within range, and the range can be extended using a card w/ an antenna jack. There is NO such thing as a secure wifi network.

    Even if the AP is configured to not broadcast the SSID, the SSID IS sent with each packet a client sends. Therefore one can use Kismet to discover the SSID along with WEP keys, and the key can be deciphered in a few minutes. Even WPA keys cab be deciphered in a short period of time, but they are much harder to decrypt.

    While this is not much concern for a home user, it is important for a business network. In my neighborhood I have seen email account usernames & passwords (clear text), online login info, ftp account credentials, etc. I have NOT ever used what I saw illegally or would I ever do so. (this was research & learning)

    I will be setting up a point to point wifi net between my brother & mother's house so my mom can get started w/ a comp & internet, and the always on wifi connection will be the easiest type for me to support her w/ via long distance phone if she ever has issues. (I dread the call from my mom if she ever had dialup issues!)

    .
     
    TonyT,
    #9
  11. 2006/06/30
    ReggieB

    ReggieB Inactive Alumni

    Joined:
    2004/05/12
    Messages:
    2,786
    Likes Received:
    2
    Good response.

    For me, line of sight is an important factor. My house is not visible 10 miles away unless you fly/float!. However, your point about a wireless extender is well made, and my 100m is a red herring. In line of site would be a better limit.

    It is worth noting that the majority of that traffic would have been heading for the internet. I would contend that it is easier to trap it over the internet than via wireless. If I wanted to harvest that information, I'd do it via the internet where I wasn't limited to my wireless range. All that securing the wireless would do would be to limit a small local risk on the wireless link, while leaving wide open the much larger risk on the internet.

    The most worrying thing about your data is the amount of unsecured information going out from the PC. It shows that people aren't using https/ssl/tls connections to transfer secure data.

    So yes Tony you are right. I should make more care of my wireless link and secure it more tightly.

    However, whoever reads this should take not that securing the wireless connection is only one of a number of actions they need to take to use their network (and its connection to the internet) securely.

    I'm still comfortable with "My advice would be, use WPA if it is available, but WEP is better than nothing and probably sufficient for most home and SOHO users." And add: SME and corporate networks need to maximise their security and use the latest encryption systems - currently WPA.
     
    ReggieB,
    #10
  12. 2006/06/30
    TonyT

    TonyT SuperGeek Staff

    Joined:
    2002/01/18
    Messages:
    9,072
    Likes Received:
    400
    agreed w/ all except being easier to grab data over the internet than wifi. Capturing internet traffic requires the same basic technology as capturing wifi traffic, e.g. a capture device capable of promiscious mode (net card) or monitor mode (wifi card). To capture any traffic using a wired connection requires just that, a wired connection, and even still, sometimes not all frames get captured, depending on the devices used in the lines. However, capturing wifi using something like Kismet will capture all traffic and if the AP is at same level or inside a firewall (router) then all lan traffic can also be captured.

    For example, often a worker will install his own ap on the wire feeding his desk and if the wire comes from a hub then all of that traffic is open to viewing as well. Thus an app like Kismet has a legit use when managing a network, the admin can see just who installed an AP and correct or kill, one or the other! Offices are often filled with cheap hubs 9leftover hardware) rather than more expensive switches.

    Here's a good site re wifi security & some good links too:
    http://www.linux-wireless.com/
     
    TonyT,
    #11

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...