No WEP key works?

"Max Bolingbroke" wrote in message
...
Brett wrote:
A MAC filter isn't very secure, but its better than nothing. You setup
your router/access point with a list of MAC addresses that it will allow
to connect to it. Any other computers will have MAC addresses that are
not on the list, and so will not be able to connect. One problem is that
the actual data is sent unencrypted, so people can still eavesdrop on
your data, though not send any of their own. A more annoying problem is
that they can just change their MAC address and suddenly be able to
connect..

Your setup sounds good! Two layers of protection is excellent, but a
problem could occur when wireless clients connect, if they manage to
break the relatively insecure MAC filtered or horrendously insecure open
environment. They will be able to bypass the router firewall, at least,
which could have some nasty consequences. I would give you a 6 with your
wireless networking open, or a 9 if you can get WEP working (WEP has
known vunerabilities still, however )

To stop responding to pings, check your router configuration. Assuming
you are running a NAT network, it is probably the router responding to
pings - there might be an option to turn that off. If you are running a
non-NAT network, zonealarm may have a setting to stop pings, or you could
use the Windows Firewall as well/instead and set it up not to respond to
ICMP echo packets (pings).

The IP limitation thing you talk about might deter the casual
comprimiser, but as soon as one of those machines is switched off, the IP
is open for use without any detrimental effects. Even with another PC
using the IP, someone could still technically use the in-use IP and get
all the reply packets (unlike normal IP spoofing), since they are on the
same network segment and the packets will be broadcast to both PCs with
the IP.

The upshot of all of this is that its a really good idea to get WEP, or,
even better, WPA working. Are you running a network of wifi equipment
from different manufacturers? Thats the only situation where I've seen
this WEP problem..

Max Bolingbroke


Max, Thanks. I now have WPA-TKIP working. I'm using the Passphrase
(8-63 chars) rather than Hex (64 bits). Which of those is better.

Since I'm now using WPA, will the MAC addresses be encrypted for MAC
filtering? Meaning, being able to use MAC filtering without the problems
you mentioned earlier.

Also, my network now shows up with a lock in avialable networks. Clients
are allowed to use WPA only. Also, I've checked "discard ping to WAN".
Running ShieldsUp, my network passes the ICMP ping test. However, it is
sending information to the source and thereby exposing its existence.
I'm not sure yet how to turn that off. Here is what I have checked:

Intrusion Detection Feature
SPI and Anti-DoS firewall protection : X
RIP defect : X
Discard Ping To WAN : X

Stateful Packet Inspection
Packet Fragmentation X
TCP Connection X
UDP Session X
FTP Service X
H.323 Service X
TFTP Service X

Do any of the above seem as though they would send information to the
source? The router is trying to gather info on the source in case I'd
like that emailed to me. I haven't filled in my email info but I guess
it gathers either way.

Thanks,
Brett

Hi,

It's great to hear of your WPA success! Personally I would favour a
totally random hex key, as using a passphrase leaves you open to
dictionary-based attacks (providing the algorithm used to generate the key
from the phrase is known). This is reaching the outer degrees of
probability though, so I'd say you were OK.

If you decide to use MAC filtering as well, data will still be encrypted
by WPA and so you will not have any issues there. However, it is still
bypassable by changing your MAC address to one you have decided to trust,
however IIRC MAC addresses are hidden from packet sniffers with WPA
enabled (not 100% sure here).

I'm not sure I can be of more help with your router problems unless I know
what brand/model it is. Could you furnish me with that info and also
confirm that you are failing the "Unsolicited Packets" packets test? Or is
it the "Solicited TCP Packets" test? BTW, none of the settings there look
like they should be a problem.

Max Bolingbroke

Max,

My router model is SMC2804WBRP-G.

How exactly do I "generate" a random hex key? Do I need to download a
generater from download.com or somewhere?

I tried the Shields Up test again this morning and now I pass. Pings are
being ignored and I'm not passing any back out. The Symantec test also
passed except for the virus scan (AV Product check and Virus protection
update check), which I'm not worried about. Are these test saying the router
or my laptop is secure? I'm assuming either way, everything is pretty
secure.

Thanks,
Brett

Brett wrote:
Hi,

It's great to hear of your WPA success! Personally I would favour a
totally random hex key, as using a passphrase leaves you open to
dictionary-based attacks (providing the algorithm used to generate the key
from the phrase is known). This is reaching the outer degrees of
probability though, so I'd say you were OK.

If you decide to use MAC filtering as well, data will still be encrypted
by WPA and so you will not have any issues there. However, it is still
bypassable by changing your MAC address to one you have decided to trust,
however IIRC MAC addresses are hidden from packet sniffers with WPA
enabled (not 100% sure here).

I'm not sure I can be of more help with your router problems unless I know
what brand/model it is. Could you furnish me with that info and also
confirm that you are failing the "Unsolicited Packets" packets test? Or is
it the "Solicited TCP Packets" test? BTW, none of the settings there look
like they should be a problem.

Max Bolingbroke


Max,

My router model is SMC2804WBRP-G.

How exactly do I "generate" a random hex key? Do I need to download a
generater from download.com or somewhere?

I tried the Shields Up test again this morning and now I pass. Pings are
being ignored and I'm not passing any back out. The Symantec test also
passed except for the virus scan (AV Product check and Virus protection
update check), which I'm not worried about. Are these test saying the router
or my laptop is secure? I'm assuming either way, everything is pretty
secure.

Thanks,
Brett

Hi

Since you're all A-OK on Shields Up now, I don't think I need to
research any router settings - unless there is something else you want
help with?

To generate a random hex key is even easier that that Type a random
letter from 0-9A-F until you have as many as you need to be in the key.

It's hard to say whether its the router or the laptop, but since you
seem to have turned on packet filtering on the router firewall its
likely to be the router. If you want to test the firewall on your laptop
as well, try turning off packet filtering on the router firewall
temporarily and running Shields Up again.

Congratulations on your shiny new, secure, setup!

Max Bolingbroke

"Max Bolingbroke" wrote in message
...
Brett wrote:
Hi,

It's great to hear of your WPA success! Personally I would favour a
totally random hex key, as using a passphrase leaves you open to
dictionary-based attacks (providing the algorithm used to generate the
key from the phrase is known). This is reaching the outer degrees of
probability though, so I'd say you were OK.

If you decide to use MAC filtering as well, data will still be encrypted
by WPA and so you will not have any issues there. However, it is still
bypassable by changing your MAC address to one you have decided to trust,
however IIRC MAC addresses are hidden from packet sniffers with WPA
enabled (not 100% sure here).

I'm not sure I can be of more help with your router problems unless I
know what brand/model it is. Could you furnish me with that info and also
confirm that you are failing the "Unsolicited Packets" packets test? Or
is it the "Solicited TCP Packets" test? BTW, none of the settings there
look like they should be a problem.

Max Bolingbroke


Max,

My router model is SMC2804WBRP-G.

How exactly do I "generate" a random hex key? Do I need to download a
generater from download.com or somewhere?

I tried the Shields Up test again this morning and now I pass. Pings are
being ignored and I'm not passing any back out. The Symantec test also
passed except for the virus scan (AV Product check and Virus protection
update check), which I'm not worried about. Are these test saying the
router or my laptop is secure? I'm assuming either way, everything is
pretty secure.

Thanks,
Brett

Hi

Since you're all A-OK on Shields Up now, I don't think I need to research
any router settings - unless there is something else you want help with?

To generate a random hex key is even easier that that Type a random
letter from 0-9A-F until you have as many as you need to be in the key.

It's hard to say whether its the router or the laptop, but since you seem
to have turned on packet filtering on the router firewall its likely to be
the router. If you want to test the firewall on your laptop as well, try
turning off packet filtering on the router firewall temporarily and
running Shields Up again.

Congratulations on your shiny new, secure, setup!

Max Bolingbroke

Thanks on the hex key generation help and also the bit on packet filtering.
I'll try that.

It's nice to be secure. However, I have a new problem and I don't know
exactly when or why it all started. Just recently. I have a wireless
laptop and wired desktop along with a NAS attached to the router. For some
reason nothing can be seen on the internal network. Each computer can
access the Internet. The workgroup is visible from each computer and they
can ping each other and router plus NAS. When I double click the workgroup
from either computer, I get it is not accessible. I have tried uninstalling
and reinstalling file/print sharing but that doesn't help. I've rebooted
and also unplugged the router for a few seconds, no results. Rebooting each
PC doesn't do anything.

I also reset the router to factory defaults and then added back a few
settings such as WPA but still no luck. Before the problem, I could see the
other computer with WPA on so don't think that is the issue.

Sorry to have more problems. Do you know of any way I can figure this one
out? I'm hoping maybe some security setting on the router caused it.

Thanks,
Brett

Brett wrote:
Hi

Since you're all A-OK on Shields Up now, I don't think I need to research
any router settings - unless there is something else you want help with?

To generate a random hex key is even easier that that Type a random
letter from 0-9A-F until you have as many as you need to be in the key.

It's hard to say whether its the router or the laptop, but since you seem
to have turned on packet filtering on the router firewall its likely to be
the router. If you want to test the firewall on your laptop as well, try
turning off packet filtering on the router firewall temporarily and
running Shields Up again.

Congratulations on your shiny new, secure, setup!

Max Bolingbroke


Thanks on the hex key generation help and also the bit on packet filtering.
I'll try that.

It's nice to be secure. However, I have a new problem and I don't know
exactly when or why it all started. Just recently. I have a wireless
laptop and wired desktop along with a NAS attached to the router. For some
reason nothing can be seen on the internal network. Each computer can
access the Internet. The workgroup is visible from each computer and they
can ping each other and router plus NAS. When I double click the workgroup
from either computer, I get it is not accessible. I have tried uninstalling
and reinstalling file/print sharing but that doesn't help. I've rebooted
and also unplugged the router for a few seconds, no results. Rebooting each
PC doesn't do anything.

I also reset the router to factory defaults and then added back a few
settings such as WPA but still no luck. Before the problem, I could see the
other computer with WPA on so don't think that is the issue.

Sorry to have more problems. Do you know of any way I can figure this one
out? I'm hoping maybe some security setting on the router caused it.

Thanks,
Brett

Hi,

Argh! Another problem Can you access your computers from each other
by using Start Run "\\ComputerName\ShareName"? You might also try
using a packet sniffer to examine the status codes returned by SMB query
sent out by your computer.

If it was a security setting, I wouldn't expect you to even see the
workgroup.. very odd.

All in all, you will probably be best served by posting a new question
on this newgroup, so that more people will give it a read - this sounds
like a bit of a puzzler, and resolving workgroup problems is not a skill
I have, unfortunately (network visibility is erratic on my network as
well, but since I can access PCs with Start Run as described above, I
don't mind).

Max Bolingbroke