laptop loses connection after restart

[freakyhair]

Hi all,

I have a Linksys WRT54G Wireless router set up, and have had it going for awhile. then we moved, and I tried re-stting it up, but without the linksys advisor software. The settings are:
-SSID broadcast dissabled
-WPA Personal (TKIP)
-Wireless MAC filter enabled

The laptop's MAC addy is added, and works just fine...until it restarts or comes out of hibernation. Then, it cannot find out router, and I have to enable SSID broadcasting so the laptop can find it again, then disable the broadcast.

The laptop is a Dell XPS1530 with Vista home prem.

Any suggestions?

THANKS!

 

[TJohnny]

I have lost count of how many WAPs with broadcast off I hacked, at times I do without even realizing. Disabling it is completely pointless, believe me. From a hacker point of view the broadcast settings are indifferent, the only difference is suffered by regular users like you. So enable ssid brodcast, enjoy a more friendly net and solve your problem of connection all at once.

But you will probably not do it, people are incredibly stubborn, then check if you told WZC you have a non-broadcasting WAP because at first sight it seems you forgot to. Open wlan properties, wireless networks tab, click on your essid, open its properties and make sure there is a check on Connect when network is not broadcasting. Tell us what happened!

TJ

 

[Tekara]

Agreed, hiding the SSID and Mac Filtering both don't do squat, so there's not a lot of point in using them. All it take to find out both of those pieces of information is for your laptop to be connected.

 

[freakyhair]

I have lost count of how many WAPs with broadcast off I hacked, at times I do without even realizing. Disabling it is completely pointless, believe me. From a hacker point of view the broadcast settings are indifferent, the only difference is suffered by regular users like you. So enable ssid brodcast, enjoy a more friendly net and solve your problem of connection all at once.

But you will probably not do it, people are incredibly stubborn, then check if you told WZC you have a non-broadcasting WAP because at first sight it seems you forgot to. Open wlan properties, wireless networks tab, click on your essid, open its properties and make sure there is a check on Connect when network is not broadcasting. Tell us what happened!

TJ

I checked the box so it connects to the non-boadcasting network, and it seems to work now. Thanks!

I kept it set to not broadcast. I'm in a tightly packed townhome neighborhood, where there are 3+ unsecured networks available at any time. I just want to make it less likely to use mine.

Is there anything more I can do? I've read some generic guides online (and many did state that there is no fool-proof way to make a wireless network secure.)

Any input would help. Mahalo.

 

[TJohnny]

I checked the box so it connects to the non-boadcasting network, and it seems to work now. Thanks!

My pleasure.

I kept it set to not broadcast.

I knew it!

I'm in a tightly packed townhome neighborhood, where there are 3+ unsecured networks available at any time.

Then you have hardly reason to worry unless yours is substantially faster or steadier, but would you tell me something? Why are you so disturbed at the idea that someone shares your internet connection?

I just want to make it less likely to use mine.

WPA and 3+ unsecured network do a fantastic job in making your network awfully unpalatable. Any time I see WPA I steer away and look for an available WEP (I do not even mention open!) network. Why wasting days or weeks hacking the first when hacking the second can take a few minutes?

Is there anything more I can do? I've read some generic guides online (and many did state that there is no fool-proof way to make a wireless network secure.)

You want to know what makes the life of a hacker difficult... but I confess I have some problems talking about my black hat even if in this forum I decided to wear the white one. Ok, let's give it a go.

Although far from perfect, WPA and WPA2 are the most efficient encryption system currently available and should be always preferred, they both take much longer to crack than WEP. The connection should never be left unecrypted unless there is a very special reason to do so, otherwise it is just stupid. Broadcast disabling is totally indifferent while mac filtering can be effective when all the machines allowed on the net are online at all times or most of the times. The one thing a hacker almost never has is patience. Once cracked the accessed code, being kicked out of the net by the mac filter a few tens times in a row cools us down notably. But if the machines are often offline or even just one is, mac filtering becomes uneffective as well.

The guides you read are right, there is no simple way to make your network impenetrable. One big problem is wireless networks are an extension of wired, where trust is traditionally based on physical access. Conservatively, 90% of data traffic on an ethernet network still travels in clear, it is only the radio part to be always encrypted. But when I break the access code of the wireless part, I immediately receive the level of trust of any other legitimate pc on the network, which is intrisically high. The packets I send wirelessly use the 802.11 (wlan) protocol, for example, but the WAP strips the original headers and substitutes them with 802.3 (ethernet) headers before injecting them in the LAN. This means they are eventually indistinguishable from your own. The number of nets where the WAP is firewalled is a negligible fraction of the total, almost invariably the firewall is on the WAN side because that is where the threats are supposed to come... God bless naivety, they wall the window and let the door wide open!

So if you want a super secure WAP seclude it behind a stateful firewall or even better a proxy-based (application-layer) firewall, the two are quite difficult (but not impossible) to overcome. Also an authorizing firewall can help, especially when you think of being hacked as being stolen the internet connection, while I think of hacking as taking total control of a machine up to the entire network. Yes, it is paradoxical but once I am inside the LAN it is easier for you to cut me off from the internet (for example with pfSense, a very effective tool) than it is from your own private files.

Ok, I have to go now, it is very late, I hope I did not write too many things to be sorry about tomorrow and to have been of any help.

TJ

 

[Met-AL]

Agreed, hiding the SSID and Mac Filtering both don't do squat, so there's not a lot of point in using them. All it take to find out both of those pieces of information is for your laptop to be connected.

How does MAC filtering not do squat?

I am not arguing, but genuinely asking.

 

[LoStMaTt]

How does MAC filtering not do squat?

I am not arguing, but genuinely asking.

Because when "hackers" use tools to crack WEP they can see MAC addresses of the clients that are connected to the WAP's.

They can then spoof their MAC address to one of the clients and continue on with their packet injection allowing them to grab the necessary packets to crack the WEP key.

Basically the only thing the MAC filter will do for a consumer is allow them to block your average Joe from connecting to your WiFi.

 

[TJohnny]

Because when "hackers" use tools to crack WEP they can see MAC addresses of the clients that are connected to the WAP's.

Exactly.

They can then spoof their MAC address to one of the clients and continue on with their packet injection allowing them to grab the necessary packets to crack the WEP key.

Exactly. Not only, there are two types of injection, authenticated and unathenticated, and the second (low-level injection) works before the mac filter kicks in.

Basically the only thing the MAC filter will do for a consumer is allow them to block your average Joe from connecting to your WiFi.

Exactly. Even if average Joe (Joe the plumber? ) will never bump into any filter as long as the key and encryption system are strong enough = random long key and WAP(2). Nice post, Matt.

TJ

 

[Met-AL]

Well, thanks for the info, I am going to go ahead and turn off the MAC filtering since it does nothing but be a headache for myself when adding in new devices to the wireless network.

I also checked my cipher mode, and I have been running WPA Auto which switches to WPA for legacy clients and WPA2 for newer clients. I suppose I should just go ahead and use WPA2 mode then instead.