Wi-Fi repeaters

[F M All]

My experience:-

Had a D-Link wireless router - entered WEP code and had to enter same code in PCs with wireless adapters.

Changed to Netgear wireless router - entered same WEP code and it generated 4 hex codes - I have to write these down and enter the one selected in each PC. I could enter all 4 and keep switching around to keep my neighbours off my DSL!!!

I am sure one of the techies here can explain...............

 

[cube_rat]

This is an interesting topic. I'd like to know how to encrypt as well. I'm tired of my neighbors leeching off of my broadband connection! I have Netgear as well for those willing to help us lock down our internet connection.

Yeah, I'm a geek, but networking is not my forte. Now if you want to talk about Java Swing or Java Server Faces, well that's a different story. 8)

 

[wabmester]

I haven't used Netgear stuff, but if you guys post more details about your problems, I'm sure the Collective Mind can work magic. Start with your card and router brands and what type of encryption you're trying to enable (e.g., 64- or 128-bit WEP, WPA, or WPA2).

 

[Marshac]

I'm tired of my neighbors leeching off of my broadband connection!

Easy solution- you need a spare WAP, DHCP server (most WAPs have them built in... how nice), a spare DNS server, and a spare web server. You said you were a geek, right? Your banana republic cammo was hard to see through.....any self-respecting geek should have these on hand.

Anyways, create a wildcard A record in your DNS, and point it to your web server (mine is on the same server). Then on your webserver, place a cache of whatever website tickles your fancy... even something as simple as the FBI logo can be effective. Next, put your DNS server's IP address into the DHCP configuration. Your webserver access log will tell the whole story

On my 'real' network, I use WPA, and a really long string of hex I pulled out of my butt as the key.... it doesn't convert to friendly ASCII chars- a real plus when it comes to combating tools like airsnort. I plan to implement 802.1x (and my hardware supports it), although I have been kinda lazy, and the punk kids that live next door who kept trying to break into my network moved out.... I was also thinking about setting up a wireless IDS system that would boot up FakeAP upon detection of a wardriver.... kinda like CubeRat's camo- hide in plain sight.

 

[wabmester]

Anyways, create a wildcard A record in your DNS, and point it to your web server (mine is on the same server). Then on your webserver, place a cache of whatever website tickles your fancy... even something as simple as the FBI logo can be effective. Next, put your DNS server's IP address into the DHCP configuration. Your webserver access log will tell the whole story

Wow, that is ubergeeky. But why bother with the bogus DNS? Just give them full access to your DSL connection, and log *everything* that comes through, including passwords, etc. Keep a secure channel for your own stuff, but leave the 2nd AP open as a honey-pot

 

[Marshac]

Wow, that is ubergeeky.   But why bother with the bogus DNS?   Just give them full access to your DSL connection, and log *everything* that comes through, including passwords, etc.   Keep a secure channel for your own stuff, but leave the 2nd AP open as a honey-pot

Well.... back in college we would redirect everything to a certain site that has the word 'goat' in it.... if you know what i'm talking about, then you know what a horrible traumatizing experience that can be.

I would be willing to share my internet connection (with a 7Mb connection, I have plenty to go around ) if I were not liable for whatever takes place over the connection.... the last thing I want is a RIAA letter, or worse.... I believe that wireless access is a liability, and people should seriously consider the risks associated with its use inside the home before using it. If I owned my own place, I would simply run CAT5 into every room and ditch the wireless.

 

[laurence]

Well.... back in college we would redirect everything to a certain site that has the word 'goat' in it.... if you know what i'm talking about, then you know what a horrible traumatizing experience that can be.

I would be willing to share my internet connection (with a 7Mb connection, I have plenty to go around ) if I were not liable for whatever takes place over the connection.... the last thing I want is a RIAA letter, or worse.... I believe that wireless access is a liability, and people should seriously consider the risks associated with its use inside the home before using it. If I owned my own place, I would simply run CAT5 into every room and ditch the wireless.

My sentiments exactly, I do own my own place, and I am still wired. Ever since I first fooled around with netstumbler, I've been shocked at the lack of security. DW and I have desks right next to each other, cable modem, CAT5 router, NAT, firewall, snap in and out the laptop to the port emulator for her, desktop for me. Simple and cheap.

 

[Cut-Throat]

I haven't used Netgear stuff, but if you guys post more details about your problems, I'm sure the Collective Mind can work magic.    Start with your card and router brands and what type of encryption you're trying to enable (e.g., 64- or 128-bit WEP, WPA, or WPA2).

Well, I spent a couple hours this morning trying to enable WEP encryption on my LINKSYS router. I actually succeeded (kind of)

Here is the problem:

I have a desktop that is hooked to the router hardwired and a laptop that is wireless. I had a network called MSHOME and I enabled File Sharing on the Desktop and Laptop and was able to share files between machines and the printer hooked to the desktop. No internet involved as I have dial-up.

OK, I enabled WEP encryption on the router. I fired up my laptop and after keying in the WEP generated password and rebooting the laptop, I was connected to my now security enabled network!   However none of the files or the printer now were showing on each machine. So I am hooked to the network, but it does not do me any good.

So I thought I'd run the network wizard on both machines, reshare the drives, boot both systems. And still no luck, both machines show the network name, under 'Microsoft Windows Network' in explorer, but no drives of the other machine show any more?

Help!

 

[wabmester]

CT, the first thing I'd do is check my windows firewall settings.   I always have problems like that if the windows firewall is enabled.   You can check by going to network connections, select which adapter you're using, advanced tab, and then firewall.

 

[Cut-Throat]

CT, the first thing I'd do is check my windows firewall settings.   I always have problems like that if the windows firewall is enabled.   You can check by going to network connections, select which adapter you're using, advanced tab, and then firewall.

Wab, I disabled the Firewall and got the nasty warning on both machines that 'I'm at risk'. Booted both machines (as that always seems to do wonders) and still no luck - cannot see the other machine's drives (just it's own) and both are connected to the network.

 

[wabmester]

Odd. Is that the only firewall you have in place (i.e., no other third-party firewall software)? If you can see the machines but not the drives, that means one of two things:

1) You have connectivity between the machines, but some ports are being blocked.

2) You don't really have connectivity between the machines, and the machine you "see" is just a cache relic.

If you know how to find your IP addresses for each machine, try pinging them from a DOS box.

And how is your router configured? Are you using NAT for internal addresses, or are you getting DHCP served directly by your ISP? (If the latter, turn that firewall back on and forget about being able to see other machines on your network.)

 

[Cut-Throat]

Odd.   Is that the only firewall you have in place (i.e., no other third-party firewall software)?    If you can see the machines but not the drives, that means one of two things:

I'll try to clarify:

I cannot see the 'other' machines on the Network.  I can only see the Desktop in the MSHOME from the desktop and the Laptop in the MSHOME from the Laptop.

And no other Firewall software on my system. Pretty Basic stuff here nothing fancy.

 

[wabmester]

Gotcha.   That implies that you have no connectivity between the machines, which suggests that your router might be configured such that your ISP is acting as DHCP server.

I'll give you one more brain dump, and then I'm transferring you to our support center in Bangalore.

Start a DOS box.

Type IPCONFIG/ALL

That will give you your network address info.   If your network is 10.something or 192.something, then you have NAT and you should be both safe and have intramachine connectivity.

Otherwise, you're getting addresses from your ISP, and you can confirm that by viewing the IPCONFIG dump that tells you your DHCP server.

If you are getting addresses from your ISP, I would recommend reading your router manual to determine how to enable NAT and enable the DHCP server on your router.

In any case, once you get the address info for each machine, try PINGing each machine from the other.

 

[Cut-Throat]

Well that's a mouthful and I'm not exactly sure what you said. But let me give you a little more information, before we go down that route.

If I go into the router and jsut disable the WEP ecryption. The machines appear and all their drives. Enabling the WEP has the reverse effect. Thats it! 

The WEB encryption does seem to work as it makes me key in a password at my laptop. It connects just fine, but has the unusual effect of blocking the shared files and printer.

You had mentioned my ISP. Not sure what this has to do with it, as I am dial-up and AOL was AOL was not even connected when I tried this. I do not have wireless internet plugged into my router.

This is the same problem I had last year when I tried this, and I finally gave up!

 

[wabmester]

If I go into the router and jsut disable the WEP ecryption. The machines appear and all their drives. Enabling the WEP has the reverse effect. Thats it! 

OK, ignore everything I said about your ISP.

When you have WEP enabled, how are you determining that you are connected to your network? Just by the status light? Possibilities:

1) You're not really connected to your router, which would imply that your WEP keys don't match.

2) You are connected, but you didn't get a network address from your router after WEP was enable. You'll have to go to a DOS box and type IPCONFIG/RENEW.

3) Something else.

 

[Cut-Throat]

OK, ignore everything I said about your ISP. 

When you have WEP enabled, how are you determining that you are connected to your network?    Just by the status light?   Possibilities:

1) You're not really connected to your router, which would imply that your WEP keys don't match.

2) You are connected, but you didn't get a network address from your router after WEP was enable.   You'll have to go to a DOS box and type IPCONFIG/RENEW.

3) Something else.   

1.) I am connected, because when I view wireless networks, it says "Connected'   And it says that it is a security-enabled wireless network. Also just disabling the WEP allows me to see the other machine and access the drives. All I do is disable WEP, disconnect from the network at the laptop and re-connect (Now it says unsecured network' and the Machine and all the files appear. 

2.) I typed  IPCONFIG/RENEW on both machines - nothing happened

3.) Probably something else - Now I remember why I gave up.

 

[wabmester]

1.) I am connected, because when I view wireless networks, it says "Connected'   And it says that it is a security-enabled wireless network. Also just disabling the WEP allows me to see the other machine and access the drives. All I do is disable WEP, disconnect from the network at the laptop and re-connect (Now it says unsecured network' and the Machine and all the files appear. 

2.) I typed  IPCONFIG/RENEW on both machines - nothing happened

I'm perplexed. Hopefully one of the other geeks here can chime in. But just one more question: how are you enabling and disabling WEP on both the card and the router? Are you connected to a web-based interface on the router while you have WEP enabled? If so, that would imply that you have good network connectivity at that time.

The last thing I would try is this:

1) Enable WEP, and verify you have a secure connection.

2) Reboot your router, and then reboot your computers. That should ensure that you get both a secure connection and a new IP address assigned.

 

[Cut-Throat]

I'm perplexed.   Hopefully one of the other geeks here can chime in.   But just one more question: how are you enabling and disabling WEP on both the card and the router?   Are you connected to a web-based interface on the router while you have WEP enabled?   If so, that would imply that you have good network connectivity at that time.

The last thing I would try is this:

1) Enable WEP, and verify you have a secure connection.

2) Reboot your router, and then reboot your computers.   That should ensure that you get both a secure connection and a new IP address assigned.

how are you enabling and disabling WEP on both the card and the router?

I key in http://192.168.1.1 in a IE explorer. It prompts me for my password and then I click a button that says WEP mandatory - I have an internal card in my laptop, so I don not do anything to enable WEP other than connecting and disconnecting to the network that is displayed when I view networks.

1.) I enabled WEP and verified I had a secure connection.

2.) I shut down both machines and unplugged the router. I plugged the router back in and re-booted both machines. I have security-enabled connection on the laptop, and it is so secure that I can no longer see the files on the desktop.

Update: With WEP enabled, I tried to get to the router from the wireless laptop by typing 192.168.1.1 and it could not access it. After disabling WEP I could get to the Setup of the router from the laptop just fine. -

 

[wabmester]

Update:  With WEP enabled, I tried to get to the router from the wireless laptop by typing 192.168.1.1 and it could not access it. After disabling WEP I could get to the Setup of the router from the laptop just fine. -

How did you disable WEP when you couldn't connect to the router?    I assume your desktop has a wired connection, right?

If nobody else can come up with a better answer, it looks to me like WEP is simply broken either on the laptop side or the router side.    I would first try to find new drivers for the laptop wifi card, and if that doesn't help, see if new firmware is available for your router.

 

[Cut-Throat]

How did you disable WEP when you couldn't connect to the router?    I assume your desktop has a wired connection, right?

If nobody else can come up with a better answer, it looks to me like WEP is simply broken either on the laptop side or the router side.    I would first try to find new drivers for the laptop wifi card, and if that doesn't help, see if new firmware is available for your router.

I had enough time in this problem yesterday that I got a hold of LINKSYS Tech Support. Turns out that there is a Box under the Wireless Network Properties for my SSID that says 'Key index' - It was set to 1 and I was using the 3rd password generated from the WEP. Setting the key index to 3 fixed all of the Problems.

A little more secure now! 8)

 

[wabmester]

I had enough time in this problem yesterday that I got a hold of LINKSYS Tech Support. Turns out that there is a Box under the Wireless Network Properties for my SSID that says 'Key index'  - It was set to 1 and I was using the 3rd password generated from the WEP. Setting the key index to 3 fixed all of the Problems.

Ah yes, our good friend Operator Error. Still, it's odd that winblows was telling you that you had successfully established a secure connection when you had a key mismatch. That ain't right.

 

[Marshac]

Ah yes, our good friend Operator Error.   

Layer 8 problem.... 'operator error' could upset people

 

[laurence]

Layer 8 problem.... 'operator error' could upset people

Dude, the funny thing is there are a lot of people here who will get that joke!

 

[Cut-Throat]

Ah yes, our good friend Operator Error.     Still, it's odd that winblows was telling you that you had successfully established a secure connection when you had a key mismatch.   That ain't right.

Don't be too hard on yourself. I would not call it 'operator error' - It was a Windows setting, that was not described in the LINKSYS Manual. I had indicated that I was using the 3rd generated password on the router setup. Why windows had a duplicate setting seems redundant. Also Windows did tell me that it was connected successfully.