[LordOpie]

:mumble:

When I enable WEP (whatever that is, cuz I want security) on my router/desktop PC, I can't connect with my wireless PC. It just says, "limited or no connection".

However, when I disable WEP, I can connect my laptop, access internet wirelessly, etc.

 

[Transcend]

Well you need to pair up your laptop with it. You need to enter the WEP password on the wireless devide you wish to connect.

Also, if you have WAP or WAP2 use that instead. Wep Sucks.

 

[LordOpie]

I do enter the WEP PW when I "connect".

Not sure how to enable WAP. Don't see anything listed at http://192.168.1.1

 

[LordOpie]

I re-connected and it took a long with with message "waiting for network to become available" and back to "limited..."

 

[Changleen]

Some routers/wireless network card combinations are really dodgy for this. Actually I think the problem is probably in the device drivers rather than the hardware.

Either way in the end I just used MAC address locking to secure my network as I had the same issue as you. WEP just would not work.

 

[LordOpie]

so MAC address locking is secure? If so, how do I establish it?

 

[jimmydean]

WEP is pointless. If you want security, go into the router settings select "attached devices" or something to show what MAC address is connected, verify that is your MAC address ("ipconfig /all" from a command line) then turn on MAC address filtering and enter your address, or select it from a list if it gives you that.

Bam, you are secured. I have software that can decrypt WEP in a matter of a few minutes (or a lot less), there is next to no way to locate, then spoof a MAC address you have listed as "trusted" on your network. You can broadcast all day and everyone in the world can "see" your network, but they can't access it or the resources on it.

 

[Changleen]

so MAC address locking is secure? If so, how do I establish it?

I think it's plenty secure enough for a home network.

On your router setup, look for MAC address locking page, and it'll have some sort of list where you can enter MAC addresses.

On the computers you want to access the network, simply go 'Start -> Run -> type 'cmd' -> then in the black window 'ipconfig /all' - The MAC address of your wireless card will be listed there.

Fill it in on the 192 router page and hey presto. Then you can disable all that annoying WEP/WAP/whatever crap.

 

[Changleen]

Oop, JimmyDean beat me to it.

 

[Transcend]

Mac address filtering is just as useless as WEP if anyone actually wants in to your network.

The handshake with mac address is un-secured. All someone has to do is grab a few packets when your router does a status check on the authorized device, and you can easily clone the mac address.

WAP is the way to go right now.

 

[DRB]

Make sure that your flux capacitor is blinking at the appropriate rate.

 

[Changleen]

The handshake with mac address is un-secured. All someone has to do is grab a few packets when your router does a status check on the authorized device, and you can easily clone the mac address.

This is Opie's home network we're talking about...

 

[Transcend]

This is Opie's home network we're talking about...

Exactly, which is why WEP will work just fine at keeping the neighbours out.

The only "really" secure wireless setup at this point is wap2 with a radius server. I set up a VERY large scale network using Radius. Nightmare + 1, but super secure. Half the time it won't even let on authenticated users.

 

[jimmydean]

Mac address filtering is just as useless as WEP if anyone actually wants in to your network.

The handshake with mac address is un-secured. All someone has to do is grab a few packets when your router does a status check on the authorized device, and you can easily clone the mac address.

WAP is the way to go right now.

But if your router is worth a damn, then it will not allow a man in the middle. Or at the very least alert you that there is another instance on the MAC on your network.

Spoofing a MAC well is an art form. We use MAC filtering at work because if applied properly, it works better than most everything.

 

[Transcend]

But if your router is worth a damn, then it will not allow a man in the middle. Or at the very least alert you that there is another instance on the MAC on your network.

Spoofing a MAC well is an art form. We use MAC filtering at work because if applied properly, it works better than most everything.

Not really an art form, most of the high end wifi cards (orinoco etc) have a spoofing utility built right into the damn card drivers.

Most home users can't even figure out what WEP is (see OP), there fore they won't know what multiple mac addresses on the network means.

 

[LordOpie]

maybe all I need to do is "Disable SSID Broadcasting"?

 

[LordOpie]

Exactly, which is why WEP will work just fine at keeping the neighbours out.

unfortunately, I can't get WEP to work. And I still haven't figured out where the 'button' for Lock MAC address is within http://192.168.1.1/index.htm

 

[jimmydean]

Not really an art form, most of the high end wifi cards (orinoco etc) have a spoofing utility built right into the damn card drivers.

Most home users can't even figure out what WEP is (see OP), there fore they won't know what multiple mac addresses on the network means.

Spoofing is easy, spoofing well (ie undetected) is much more difficult if the admin knows what he is doing.

I use KisMAC for all my needs and it works well when I happen to be waiting for the bus or train downtown. But I also only use "stupid" networks just in case

 

[Transcend]

The 192 address is your internal router address, we cannot see it.

You want to find mac address filtering. It is under a security tab somewhere if you are on a linksys router.

For web you need to create a key on the router, and then also put that key on the device. It is incredibly testy, and half the time just won't work. Another reason WAP is better, it is simply a passphrase, whereas wep is some 16 digit random key generated from a passphrase.

 

[Transcend]

Spoofing is easy, spoofing well (ie undetected) is much more difficult if the admin knows what he is doing.

I use KisMAC for all my needs and it works well when I happen to be waiting for the bus or train downtown. But I also only use "stupid" networks just in case

Right, but Opie, bless his heart, didn't know what WEP was. Chances are users like him won't even look at their router, much less know that someone is spoofing a MAC address to get on!

Kismac is good. I find that nowadays there are so many networks I barely ever need to spoof an address anyways. Move 10 feet, get an open network.

 

[Changleen]

unfortunately, I can't get WEP to work. And I still haven't figured out where the 'button' for Lock MAC address is within http://192.168.1.1/index.htm

Do you really need to secure your network? For example where I live I have a elderly lady on one side and a family home with older parents and young girls on the other. I really don't give a sh1t about my network security.

 

[LordOpie]

The 192 address is your internal router address, we cannot see it.

yeah, it brings up the Linksys configuration tools. I was hoping someone who has the same tools could point me to where the MAC tools are?

 

[Transcend]

Do you really need to secure your network? For example where I live I have a elderly lady on one side and a family home with older parents and young girls on the other. I really don't give a sh1t about my network security.

I secure mine because I have some sensitive data on my laptop and my entire network is wireless (except my xbox and media pc). I also secure my keyboard to computer connection as it's fairly easy to grab anything I type otherwise.

It is also useful if you have nosey neighbours or a capped transfer limit/speed. When i was at school, we'd browse the campus network for open shares and printers just for fun.

 

[LordOpie]

Do you really need to secure your network? For example where I live I have a elderly lady on one side and a family home with older parents and young girls on the other. I really don't give a sh1t about my network security.

I don't need much security, just don't want the average idiot like me piggy-backing system or anything.

 

[Transcend]

yeah, it brings up the Linksys configuration tools. I was hoping someone who has the same tools could point me to where the MAC tools are?

What router is it? I am assuming an older model, as the newest ones use 192.168.15.1

On my newer model (wifi, 5 plug, 2VOIP plugs) it is under access restrictions (ip/mac). Everything else is under wireless>wireless security. There is a dropdown there to select WPA as well btw.

 

[LordOpie]

ok, so just to re-iterate... if I plug in MAC address for only two computers, only those two can connect, even if someone sees my network on the wireless network dialog box?

 

[DRB]

ok, so just to re-iterate... if I plug in MAC address for only two computers, only those two can connect, even if someone sees my network on the wireless network dialog box?

Nice sig.

 

[Changleen]

ok, so just to re-iterate... if I plug in MAC address for only two computers, only those two can connect, even if someone sees my network on the wireless network dialog box?

Correct, unless they have m4d 133t h4xx0r1ng sk1llz.

 

[jimmydean]

ok, so just to re-iterate... if I plug in MAC address for only two computers, only those two can connect, even if someone sees my network on the wireless network dialog box?

Correct.

 

[LordOpie]

Right, but Opie, bless his heart, didn't know what WEP was.

Correct, unless they have m4d 133t h4xx0r1ng sk1llz.

Correct.

woohoo!

Thanks guys! Your help has been much appreciated!

 

[Transcend]

Those quotes rule. Have fun on your secured network. Rest easy knowing your porn is properly locked down.

 

[jimmydean]

Those quotes rule. Have fun on your secured network. Rest easy knowing your porn is properly locked down.

Correction: Porn is to be shared, period! Unsecure your network at once!

 

[LordOpie]

please, I share my personal porn... videos of me and all my past women. Multiple camera angles, 640x480 resolution, xvid, subtitles for when she's just whispering.

PM me for the bittorrent list.

 

[Changleen]

Just post it!