disabled ssid brodcast, must manualy connecty
Results 1 to 8 of 8

Thread: disabled ssid brodcast, must manualy connecty

  1. #1
    Member
    Join Date
    Apr 2005
    Posts
    34

    disabled ssid brodcast, must manualy connecty

    I purchased a wireless dlink router (di-524) just two days ago. After reading about wireless security I disabled ssid brodcast, changed the ssid from default to something not guessable, enabled 128bit wep encription and created a nice key. This is all fine and in the computer with the wireless card I am able to conect after creating a profile with the info. The problem is that every time I restart the computer, I must go into the dlink utility, and double click my profile in order to connect. It is my moms computer and she finds it a nusance to have to manualy conect all the time.

    I would like to know if there is a way that I can set it so that the connection is made automaticaly after every reboot. I did read something about leting windows manage the connection and to check an option to connect to nonprefered networks or simular, however I have two problems with this idea. One is that if I let windows manage it, the text box where I type my wep key is too short as my key is 26 characters long. Secondly I cannot bring up the utility to get connection statistics if windows is manageing my wireless connections.

    Can somebody sugest a way that I can configure moms computer (the one with the card) so that it will automaticaly connect on restart.

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Its good that you are trying to secure your AP. The methods you used can be cracked.
    We have been discussing this a lot lately. WEP can be broken, no matter how good a key you use.

    You should instead use WPA. Use a key generator and generate the maximum length key allowed.
    I use extended ASCII just because it makes it that much harder to brute force.

    Your Changing of the SSID is good, and disabling it... even better.
    However, even though you've changed the default and disabled broadcast... it would only take a couple of seconds with a utility like Kismet to find out what your SSID is. Therefore... I normally just keep the broadcast enabled.

    You may want to also enable MAC filtering. This is another layer. However, if someone is sniffing your traffic... they can fina a valid MAC and spoof it. MAC filtering can be bypassed pretty easily.

    Right now... the best protection you can use... and be confident in is WPA.

    While you can enable the other layers... and I normally do... you can't rely on them to keep you secure.

    Read the following threads:

    http://www.antionline.com/showthread...hreadid=267432
    http://www.antionline.com/showthread...hreadid=267692
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  3. #3
    Member
    Join Date
    Apr 2005
    Posts
    34
    Many thanks, the information your provided in those links are great and very helpfull. I am still reading them. I do have one problem however the router suports WPA but in the configuration for my wireless card DWL-G510 it does not seem to have an option for WPA. I was gona email dlink about this. I live on the 13th floor of an apartment building, and my router says it handles 100 feet if I recal, I guess this would mean anyone in my building within the 100 feet that knows about these wep cracking tools might sniff my data, do you think it is likely to hapen or how large scale do you estimate this problem to be.
    \"I think Adid just had a heart attack, I tryed to revive him but it was too late!\" - Delta Force Black Hawk Down

  4. #4
    Member
    Join Date
    Apr 2005
    Posts
    34
    Small update I just re checked and it apears that my card does suport wpa-psk and i enabled it. I also set ssid back to brodcast as you said it can be found weather its being brodcasted or not. Very usefull reading material in the articles, once again many thanks.

    Also it seems to be conecting atomatic now that I set it for the xp zero configuration thing, I will live without the dlink utility.
    \"I think Adid just had a heart attack, I tryed to revive him but it was too late!\" - Delta Force Black Hawk Down

  5. #5
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    New Jersey
    Posts
    718
    it apears that my card does suport wpa-psk and i enabled it
    Just remember that your passphrase for your pre-shared key should be a mix of upper/lower case letters, symbols, and numbers (I also recommend at least 20+ characters). Many of the articles I have read have emphasized what I've said. Believe it or not, cracking the WPA-PSK encryption is relatively easy for the experienced cracker IF you use an easily guessed or brute forceable passphrase.

    If you want to see the technical details on WPA-PSK encryption and methods to crack it, see this thread:
    http://www.antionline.com/showthread...592#post825592
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

  6. #6
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    not broadcasting the ssis is just a layer in security. I makes it so random people dont see the network, sure, if you are looking for a network to crack you will find it, but then again if you are looking to crack a network you will be able to do it reguardless of what encryptions you use. Not broadcasting is not the end all, and if it causes problems then it is not worth it.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  7. #7
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    smu1ck: you say 100 feet. Most 802.11x gear is rated for 100 meters. That translates to about 330 feet... though its rare to actaully get that far. There are all kinds of devices and materials (concrete, walls, wood, etc.) that can block the signal.

    Some wifi gear lets you tweak how strong a signal you are putting out. 28mw seems to be the norm. If you lower the power to 10-15.. your signal won't go as far. Some people use this as a way to limit the connections. Though... it may not be worth it. I know you have to have custom firmware to do this on linksys gear. I've acually increased mine to the maximum 251mw to get almost a 20-25db+ increase! But then again... I go down the street about 10 houses and I can still get a signal. I never thought it'd actually go that far... but it does. I set it back to 28mw and I can't see it past 4 houses.

    As far as the key length... I do the maximum using extended ascii with the key generator I linked to in those other threads. It'll be impossible to remember.. but very difficult to crack. So, just copy to a text file and put on removable media. Then take that around to the PCs and copy/paste it into your config.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  8. #8
    Member
    Join Date
    Apr 2005
    Posts
    34
    I just used that key generator to generate a 63 character passphrase, very nice utility, I copyed the text file to a shared folder and accessed it there. I just rechecked the spesifications and I miss read it, turns out it was 100 meters indoors and 400 meters outdoors. I did some further reading and found that indeed my configuration for the router has a way to adjust the atenna power output, thank you for this info.
    \"I think Adid just had a heart attack, I tryed to revive him but it was too late!\" - Delta Force Black Hawk Down

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •