802.11b/g problems for apartment dwellers

I have 2 questions.

  1. How can I configure access point and wireless NIC card in an apartment building?
  2. If I enable WPA, disable SSID broadcast, filter MAC address and disable DHCP, is it secure enough for a home?

Here is the scenario I am in:

I live in an apartment building and the last time I checked, using netstumbler, there were 7 SSIDs in my neighborhood and I was't warwalking. All those SSIDs already covered channel 1, 6 and 11 so I cannot have my own free channel. I have a 2.4G cordless phone that is set to channel

  1. or 3 times a day, my wireless NICs lost visibility of my AP even when I was not using my phone nor my microwave. When connectivity is good, both signal strength and link quality are
90%+. When NICs lost connectivity, it cannot be restored for 2 or 3 minutes. Lost of connectivity is experienced by all the machines at the same time. Even when connectivity is good, PLCP errors and MAC error are incrementing fast and furious.

I've tried following harware. AP : Cisco 350, Netgear, Belkin, Linksys, SMC NICs : Cisco 350 PCMCIA, Netgear PCMCIA/USB, Belkin PCMCIA/USB, Linksys PCMCIA

Thanks ...

Reply to
w1llr0ut34f00d
Loading thread data ...

That sounds exactly like a leaky microwave oven, especially if it coincides with the usual meal times. If it's not your microwave oven, it's someone else's. It's not easy to find such a source of interference. Basically, you need a 2.4Ghz spectrum analyzer, directional antenna, and lots of luck as you only have 2-3 minutes to find it before it goes off the air. If you're on good terms with the neighbors, get a cheap microwave oven leakage tester and offer to test the "safety" of their oven for free. Be prepared to clean some really gross and disgusting looking door seals.

Since all clients appear to lose connectivity at the same time, it's my guess(tm) that the access point is the one that's picking up the interference. Try moving it to a more protected location, away from probable sources of microwave oven leakage (i.e. windows).

Reply to
Jeff Liebermann

Not really. The channels are 5Mhz wide. The typical 802.11b/g signal is about 23Mhz wide thus covering 5 channels. The only non-overlapping channels in the US are 1, 6, and 11.

Reply to
Jeff Liebermann

Have you thought of going 802.11a? You can get a 802.11a access point for your apartment and get a 802.11a/b/g client so you can be compliant with other networks and hotspots you want to connect to. Below are some links to combo clients.

formatting link
?sku=10344604&SearchEngine=Inktomi&Type=PI&Keyword=10344604&Category=Comp&dcaid=17282
formatting link
?sku=A0097049&cs=19&c=us&l=en

Robert...

Reply to
DLink Guru

Are those *all* the SSIDs or just the ones that were broadcasting? Perhaps other people in your building have bought into the myth that disabling SSID broadcast is a security measure. In your second question, you list one real security measure (WPA) and three placebos.

To complicate things further, a lot of people keep their wireless equipment turned off most of the time, making it even harder to figure out which channels are being used. You might need to keep Netstumbler running for many hours to see what the neighborhood usage pattern is.

Reply to
Neill Massello

'a' has such a poor range that it's not worth it. It's about 1/3 of what you can expect with b or g (at best).

Reply to
Mark

You can use 2, 3, 4, 5, 7, 8, 9, 10, 12, 13, or 14.

Barry

Reply to
Barry OGrady

You missed the "apartment dwellers" bit of the original post.

802.11a gives you more bits per second per cubic foot which is the salient metric here.
Reply to
Aaron Leonard

Correct, and unless he is in a 1500 square feet apartment or larger, "A" would work just fine.

Robert...

Reply to
DLink Guru

Jeff,

I think you're right on the money. I moved AP near a window, far from other apartments and my kitchen, I did not lost connectivity for last 2 days. Not only that, if I remembered correctly, all connectivity problem happened between between 7pm-10pm (time my neighbors heat up their food ???).

I'll try to investigate more let y'll know if I find something new. As a side note, I added

formatting link
to my AP.

Thanks to everyone in this discussion for their insights.

- Joe

Reply to
w1llr0ut34f00d

Neill,

I left stumbler running for 2 days and as you said I found two more SSIDs. Regarding three placebos, let me make sure that I understand correctly.

  1. MAC address filtering is breakable using spoofed MAC addr
  2. Disabling DHCP won't help if a raw frame sniffer can see encapsulated IP.
  3. SSID brocast is not good for the same reason mentioned above. (using a raw frame sniffer)

I'm a bit confused about the way AP functions regarding SSID. If I disable SSID broadcast, AP won't be advertising beacons. Other than a raw frame sniffer, is there any way to make AP respond SSID while broadcast is disabled.

Thanks ..

Reply to
w1llr0ut34f00d

Somebody who is sniffing your network is not joining it or sending anything across it but just eavesdropping on it, so DHCP restrictions and MAC filtering are irrelevant. They'll be able to see MAC addresses, IP addresses, and the SSID. Somebody who isn't sniffing won't see your network if SSID broadcasting is disabled, but that invisibility comes with a price. In a crowded wireless environment like yours, you want other users to know you are there so that they can at least try to minimize interference with your channel.

Reply to
Neill Massello

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.