About a week ago, one of our laptops started having problems connecting with the router. The laptop is an Inspiron 5100, XP Home SP2, and the router is a Netgear. The router's a couple years old and doesn't have WPA.
The laptop will connect without encryption, but when WEP is turned on, it will detect the network but can't connect. No software changes recently, and the router settings haven't been touched since it's been working. The only thing I can think of that might have changed the wireless software is an automatic update. I've tried system restore, but no luck. I reset the router as well, but no change.
Any particular reason you didn't bother to supply a model number for your Netgear router? I really want to know why. It seems that EVERYONE that posts questions in this newsgroup seems to consider the model numbers of their hardware to be unimportant or unworthy of their time and attention. Is it some fear of numbers that causes a deep psychological aversion? Perhaps you find it necessary to provide an additional challenge to those that try to answer questions? Please don't feel that I'm picking on you as I do this to everyone that fails to supply what hardware they're working with.
Common problem. The problem is that there are two algorithms for converting an ASCII WEP key to Hex. Windoze XP only supports one of them. If you're unfortunate enough to have incompatible hardware, WEP will fail. To ensure maximum frustration, Microsloth doesn't bother to supply any useful diagnostics for encryption key failure. All you get is a 45 second delay while it proclaims "Obtaining IP address" which eventually changes to "Limited Connectivity...". Neither of these brilliantly conceived messages offers any clue that the WEP key exchange failed.
The easy solution is to use a Hex key instead of an ASCII key. I do this on all my systems because I'm tired of running into this problem. Yes, the Hex key is 26 characters long, a pain to type, and impossible to remember, but I can't fix that. Try Hex, it should work.
I'm not home now, so I don't have a model number in front of me, but I'll post it when I get home if you think it will help. I assumed it to be a problem on the laptop rather than the router, so that's the info I provided.
Some more info:
The connection had been working correctly, until it didn't. There were no software, router config, or system setting changes within at least several days of the problem, though system update does install automatically. The system does connect with WEP off. It does not connect with WEP 64bit or 128bit enabled.
I have another Inspiron 5160 XP Pro SP2 that does connect to the router with WEP on.
As for the key, I am using the hex key. I'll repeat, the connection settings - including the key - had not changed when the problem began.
For the moment the connection is secured only by a MAC address access list. I'll run a few tests tonight. I have a DSL modem/WAP which will use WPA or WEP. I'll try it with both. I'll also try booting with a MEPIS LiveCD and connecting to each router. This should help narrow down the source of the problem.
I'll post the results, as well as the router model number. Any other info that might be useful?
Assumption, the mother of all screwups. I've lost count of how many Windoze boxes have had mysterious registry changes after updates, installs, uninstalls, power glitches, hardware changes, and just running programs. However, if you've tried system restore without success, methinks it's a fair assumption that there was no mysterious registry change.
Incidentally, one recent issue with encryption failure turned out to be something rather dumb. The customer insisted that they were typing in a Hex key. However, when I finally was able to figure out what they were doing, I found that they were typing in Hex into the ASCII box on the config utility. If your key length is 10 or 26 hex digits, you're doing it right. If it's 5 or 13 digits, you're doing ASCII.
That leaves:
1. Mis-typed WEP key on the Dell 5100 client.
2. Wireless Zero Config doing battle with what I'll guess to be Intel Proset utilities talking to an Intel something MiniPCI wireless card.
3. MAC address filtering on the router.
4. IP address filtering on the router.
That means the router is fine. That does NOT mean that the router settings are correct.
A few weeks ago, I had a client with a similar problem. Out of nowhere, Windoze XP SP2 decided that her laptop needed a "Network Bridge" installed. Check the "Network Connections" thing in the control panel and see if this has appeared. Anyway, it messed up connectivity rather badly.
Well, that will hopefully eliminate the hardware as the possible source of the problem. However, so much of the Intel Centrino functionality is tied up in software, that I doubt that this will show much, especially since the card does work without encryption.
Model number of the MiniPCI card used in the Dell 5100 laptop.
Using XP SP2 Wireless Zero Config or Proset to run the card?
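The key-length rule from the replies above (10 or 26 hex digits for a hex key, 5 or 13 characters for an ASCII key), as an added example that is not part of the original thread: a Python check for a key typed into a config utility's hex or ASCII box. The field names and the direct character-to-hex mapping are assumptions; the thread says there are two ASCII-to-hex conversions and does not say which one a given device uses.

```python
import string

HEX_LEN = {10: "64-bit", 26: "128-bit"}    # number of hex digits
ASCII_LEN = {5: "64-bit", 13: "128-bit"}   # number of ASCII characters

def looks_hex(s):
    return bool(s) and all(c in string.hexdigits for c in s)

def ascii_to_hex(s):
    """Direct mapping: each character's byte value as two hex digits.
    Assumption: only one of the conversions a vendor might apply."""
    return s.encode("ascii").hex().upper()

def check_entry(entry, field):
    """field is 'hex' or 'ascii' (hypothetical names for the box the key
    was typed into). Returns (verdict, detail)."""
    n = len(entry)
    if field == "hex":
        if not looks_hex(entry):
            return ("error", "non-hex characters in hex field")
        if n in HEX_LEN:
            return ("ok", f"{HEX_LEN[n]} hex key {entry.upper()}")
        if n in ASCII_LEN:
            return ("error", f"{n} digits is an ASCII length; hex needs 10 or 26")
        return ("error", "hex key must be 10 or 26 digits")
    if field == "ascii":
        if n in HEX_LEN and looks_hex(entry):
            return ("error", "hex key typed into the ASCII field")
        if n not in ASCII_LEN:
            return ("error", "ASCII key must be 5 or 13 characters")
        try:
            as_hex = ascii_to_hex(entry)
        except UnicodeEncodeError:
            return ("error", "non-ASCII character in key")
        if looks_hex(entry):
            # Accepted as ASCII, but the effective key is not the digits typed.
            return ("warn", f"looks like truncated hex; effective key is {as_hex}")
        return ("ok", f"{ASCII_LEN[n]} ASCII key, hex form {as_hex}")
    raise ValueError("field must be 'hex' or 'ascii'")
```

The "warn" verdict covers the quiet case: a 5 or 13 character entry made only of hex digits is accepted as ASCII, so the key actually in use differs from the one configured on the router.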
That's actually a misconception. Lots of people will tell you that hacking is easy, and will even say that WEP is weak and easily hacked. These are people who have never hacked into anything in their life. The reality is that WEP is fine for most users. The issue with security is whether something is *really* difficult to hack or *nearly* impossible to hack. I just finished testing many security protocols, and the reality is that there are a lot of steps involved, you have to know Linux (and I mean, *know* Linux), you have to be within range of the network and run software for maybe an hour or more. Also, hacking is *illegal*, so people will need to be happy with the idea of being a criminal.
As one who has done more than a few dry runs in the area of wireless hacking, I can assure you that it's fairly easy to crack WEP. 30 mins of sniffing and it's done for ASCII generated keys. I usually just leave my laptop in my truck running, go to lunch, and have the WEP key when I'm done. Interestingly, every once in a while I run into a system that I simply cannot extract the WEP key no matter how hard I try. I captured over a gigabyte of data on one such system and was not able to do anything with it using 5 different WEP key extraction tools. I have no clue why or what they were doing. (No, it wasn't WPA).
What is difficult is finding a location that will offer a decent capture of both sides of a wireless session that will yield useful or incriminating information. You then need a method of taking the TCP sequence numbers and reassembling the captured data into something that's readable or useful. This of course assumes that the wireless user isn't using SSL, SSH, or a VPN.
If obtaining the WEP key is simply to get "access" to the connected LAN, then there's a real danger. Most internal LAN's are not properly secured. I hate to admit it, but my home LAN and part of my office LAN are essentially wide open to a wireless intruder.
I define impossible as when the cost of the captured data or access exceeds the value of the captured data or access. However, I don't think the average teenager that wants broadband access from the neighbors to bypass the parental controls filter in their home router is going to subscribe to my definition. He'll do ANYTHING to get access to the neighbors' system, which includes staying up all night to extract the WEP key.
As for knowing Linux, I agree. At this time, most of the useful tools are written exclusively for Linux. I'm guessing that it would now be possible to find a collection of Windoze tools that will do the trick. I haven't tried. Anyway, with the prevalence of GUI based Linux LiveCD's, methinks the major barrier to using Linux (installing it on a hard disk) has been eliminated. Either way, the tools are there and getting more common and simpler every day.
You do realize that what you just described is incredibly difficult for 99% of the computer users out there, right? I mean, most do not even know what an ISO is, or how to burn one. And boot into Linux? Forget it. They seriously won't get past WLAN card config...
My question is: have you done the tutorial yourself? Because countless problems arise, and you need to know more than just how to select programs on a menu; there are lots of options when it comes to the network, WEP 64-bit versus 128-bit, character versus hex, the WLAN card you are using, and on and on. Now, maybe for an engineer who knows Linux this is pretty easy. But the 16-year-old down the road is not going to be booting into Linux and running CowPatty anytime soon. At least successfully.
Well, I've read your posts, Jeff. You're a smart guy. Easy for you is a month of failure for a lot of average computer users. I've been writing about security and wireless for five years and before that worked in IT for 10 years, so if that's a dry run, I'd love to see what a wet run looks like! Cracking WEP is easy if you know what to do. Knowing what to do, that's the hard part.
I think I'm being realistic. I know a lot of teenagers, one lives across the street. I work with youth at a teen center. The point is, yes there are teens who can figure this stuff out, but I know one guy who is pretty nerdy and can build a PC and plays games all day long. He's also rather destructive and has spent some time chatting with the police in the area about various issues. I know he has tried Linux, but it's all a big mystery to him. Linux is not a teenager-friendly operating system, because there's a (as you know) Unix flavor to it that most people don't just pick up on a Saturday afternoon.
I guess I mean the learning curve for hacking is higher than I think most people seem to assume. Also, there are a few other steps involved: the person has to be okay with doing something that is criminal, they have to have a fast laptop with plenty of storage (I know some teens have laptops, but they are not fast and they do not have massive storage), they need to be able to get close to the network without getting caught, and they need to know Linux really well. I just don't see the average reckless kid passing through all those hoops...
No, no -- see, that's knowing where to find what to do. Knowing *what to do* is not something you can do by searching. I can search for a WEP crack all day, but until I understand everything that needs I'm not going to be hacking into anything. So, I can find out how to build a surface-to-air rocket. I can probably even buy the parts. But, knowing how to actually complete the tasks is different. That's more than a Google search, it requires a lot of prior knowledge.
The steps are readily available, but that doesn't mean anyone can perform them.
Now, another discussion might be, should the steps even be readily available?
Yes it's not going to appeal to all but a minority but my point here was that you don't need a great understanding of Linux and anyone that does have some clue *can* go and download the iso, burn and boot, there's really not much difficult about that part. Sure, they might stumble at the "do I have a prism card with the right chipset" or other supported card stage but for someone that wants to do this, it's not as difficult as is made out and if they choose a nice supported card then I think you'll agree that typing:-
isn't that hard a command to type to set up monitor mode on the right interface. Plenty of help for anyone that stumbles on the forums. It's not like it's a voyage of discovery for every individual anymore.
You *seriously* underestimate 16 year olds who have a penchant for being nerdy and have time on their hands.
Ever notice my domain name? LearnByDestroying.com. Let's just say that my learning curve tends to be rather steep and expensive at times. My not being much of a programmist limits what I can do with software.
Well, since you're a writer on security, perhaps you can explain why there's such a wide variation in recommended wireless security measures. Well, perhaps I'm part of the problem because I have such a warped view of what I consider to be "adequate" security.
Incidentally, congratulations on having worked in IT for 10 years and still preserved your sanity.
Well, re-reading my own posting, I indicated that *I* was the one that has done more than a few dry runs. I didn't intend to suggest that your experience in wireless security is in any way lacking.
What I meant was that most "security experts" can demonstrate that they can crack a WEP key under almost ideal circumstances. The access point and sniffer laptop are in the same room. There's no interference from neighboring LAN's. There's no line of sight issues. The sniffer can easily hear both sides of the connection. In some cases, the WEP key is intentionally trivialized in order to shorten the length of time necessary to demonstrate to management that it can be done. Far too easy to be considered anything better than a dry run.
The problems start when the same person has to demonstrate WEP cracking under not so ideal circumstances from outside the building. In addition, just getting the WEP key doesn't guarantee access if there's any type of authorization login or authentication RADIUS server involved. It's also useless with SSL, SSH2, and VPN traffic. Where I blundered into difficulties was when I had a gigabloat of captured encrypted traffic, I had successfully extracted the WEP key, but there was no obvious way of decrypting the captured traffic using the WEP key. Once I got past that major obstacle, I had to figure out how to sort the TCP packets in sequence so I could reassemble the email messages that were in the capture file.
Oh, script kiddies are quite adept at finding tools and following instructions. Once someone discloses the procedures and tools on a hacker mailing list, the horde is out there trying it.
 Security expert. Someone that actually attends the various security conventions.
Point being, you can Google, find a forum and read and ask, it's that simple.
Not prior, only the ability to ask people that will keep telling you what to do until you achieve the goal.
No, only those that have the equipment or care to bother. The equipment lists are searchable, the tools downloadable and the forums to ask questions when it's not working as expected. What more is needed?
Ah well that's where we accuse the internet of every wrongdoing. You can figure that as soon as someone knows something, *anywhere* it isn't going to stay private for very long and just because something isn't published, doesn't make it any more secure. We'd still be believing WEP was secure if it weren't for all the cracks, forcing vendors to do something about it.