Strange Wireless Networking Issue

[John Schneider]

My daughter has a new Gateway laptop with wireless networking capability,
running XP Home SP2 and all current updates. I'm trying to get her connected
to my home wireless network (D-Link DI-634M). I have the router set to not
broadcast the SSID. The laptop won't connect to the network. However, if I
go into the router and set it to broadcast the SSID, it will connect fine.
That proves that I have all the correct settings in XP (SSID, Authentication,
encryption method and network key). But if I go back to the router and set
the SSID not to broadcast, it won't connect the next time the machine is
booted.

What am I missing here? I have another laptop (XP Pro SP2) that works fine
without having to broadcast the SSID. Could this have something to do with
the differences between XP Home and XP Pro?

Thanks

 

[Barb Bowman]

more likely the card and driver make the difference. in any case,
not broadcasting the SSID is not a recommended security method. it
actually causes the issue you mention (and a determined person will
sniff out your SSID even if you hide it). Better to use WPA2 or at
least WPA.

My daughter has a new Gateway laptop with wireless networking capability,
running XP Home SP2 and all current updates. I'm trying to get her connected
to my home wireless network (D-Link DI-634M). I have the router set to not
broadcast the SSID. The laptop won't connect to the network. However, if I
go into the router and set it to broadcast the SSID, it will connect fine.
That proves that I have all the correct settings in XP (SSID, Authentication,
encryption method and network key). But if I go back to the router and set
the SSID not to broadcast, it won't connect the next time the machine is
booted.

What am I missing here? I have another laptop (XP Pro SP2) that works fine
without having to broadcast the SSID. Could this have something to do with
the differences between XP Home and XP Pro?

Thanks

--

Barb Bowman
MS Windows-MVP
http://www.microsoft.com/windowsxp/expertzone/meetexperts/bowman.mspx
http://blogs.digitalmediaphile.com/barb/

 

[John Schneider]

Barb,

Could you please expand on what you mean by "the card and driver make the
difference"? I don't understand.

As for not broadcasting the SSID, I have never, ever heard anyone say that
this is "not recommended". In fact, quite the opposite; its a standard
practice. How could this "actually cause the issue"? I have two other
machines that connect to this router fine without broadcasting the SSID.

John

 

[John Schneider]

Barb,

Can you please explain what you mean by "the card and driver make the
difference"? I don't understand.

As for "not broadcasting the SSID is not a recommended security method", I
have never, EVER heard that before! In fact, just the opposite is true. Not
broadcasting the SSID is a standard and accepted practice. In my case, I'm
using WPA-PSK with a 32 character SSID and 63 character passkey. That's the
lowest common denominator, and easiest to setup and maintain for older
machines that connect to my router. Combined with not broadcasting the SSID,
it would take even the most determined hacker a very, very long time to hack
into my network. Plus, I think I would notice a strange car sitting in my
driveway for that long!

Also, how is it that not broadcasting the SSID "actually causes the issue
you mention"? This doesn't make any sense, especially given the fact that I
have 2 machines that connect flawlessly without the SSID being broadcast, and
a friend who comes over occasionally and also connects just fine.

John

 

[Jack \(MVP-Networking\).]

Hi
Market constantly changes and when an OS is released there is No way to know
when and how fast the technology changes. As a result Windows provides a
specific, as well as a general capacity to deal with Wireless Control.
Many of the features and the "Last Word" in Wireless control is up to the
way the manufacturer writes its Drivers (and some of them are rather sloppy
in the writing).
Example Windows can do WPA and WPA2, but if the Drivers do not provide the
WPA entries the Wireless would Not do WPA.
Similarly SSID and other variables work about can be manipulated in the
Drivers.
Many Wireless cards would not work correctly if the SSID is Off, thus to
avoid misunderstanding is better to keep it On.
Any person who is capable to Brake Encryption knows how to detect a Wireless
connection whether the SSID is On or Off, so there is No merit to keep it
Off.
From the weakest to the strongest, Wireless security capacity is.

No Security
MAC______(Band Aid if nothing else is available).
WEP64____(Easy, to "Brake" by knowledgeable people).
WEP128___(A little Harder, but "Hackable" too).
WPA-PSK__(Very Hard to Brake ).
WPA-AES__(Not functionally Breakable)
WPA2____ (Not functionally Breakable).

Note 1: WPA-AES the the current entry level rendition of WPA2.

Note 2: If you use WinXP and did not updated it you would have to download
the WPA2 patch from Microsoft. http://support.microsoft.com/kb/893357

The documentation of your Wireless devices (Wireless Router, and Wireless
Computer's Card) should state the type of security that is available with
your Wireless hardware.

All devices MUST be set to the same security level using the same pass
phrase.

Therefore the security must be set according what ever is the best possible
of one of the Wireless devices.

I.e. even if most of your system might be capable to be configured to the
max. with WPA2, but one device is only capable to be configured to max . of
WEP, to whole system must be configured to WEP.

If you need more good security and one device (like a Wireless card that can
do WEP only) is holding better security for the whole Network, replace the
device with a better one.

Setting Wireless Security - http://www.ezlan.net/Wireless_Security.html

The Core differences between WEP, WPA, and WPA2 -
http://www.ezlan.net/wpa_wep.html
Jack (MVP-Networking).

 

[John Schneider]

Thanks Jack for the fantastic response! I'll keep this answer on file, given
the depth of your explanation. It explains a lot of things, and now I
understand what Barb meant by "the card and driver". I'll contact Gateway
now and see if they have an update for the driver. Not much I can do about
the card, given that its built-in to the laptop.

Looks like I can comfortably turn the SSID back on, given the strength of my
63 (random) character WPA-PSK passphrase.

John

 

[Lem]

If you've never, EVER heard that not broadcasting the SSID is not a
recommended security measure, and think that the opposite is true and
that suppressing SSID broadcast is a "standard and accepted practice,"
then you haven't been listening and looking in the right places.

You are correct that in the early days of home wireless networking, not
broadcasting SSID was suggested as one (of several) techniques that
could be used to "protect" your wireless network (using MAC address
filters is another; see the first article below about that). There are
still some suggestions to this effect, most notably (that I have seen)
from Linksys. Nevertheless, just as WEP encryption is no longer a
reasonable method to secure a wireless network, suppressing SSID
broadcast is now a *bad idea.* Don't do it. It provides next to no
protection and affirmatively causes problems.

For more information, see
"Myth vs. reality: Wireless SSIDs"
http://blogs.technet.com/steriley/archive/2007/10/16/myth-vs-reality-wireless-ssids.aspx

The following article not only tells you "Why Non-broadcast Networks are
not a Security Feature," but also explains what happens in Windows XP
(and Vista, and other MS OSes) when you turn off SSID broadcast.
http://technet.microsoft.com/en-us/library/bb726942.aspx

Barb,

Can you please explain what you mean by "the card and driver make the
difference"? I don't understand.

As for "not broadcasting the SSID is not a recommended security method", I
have never, EVER heard that before! In fact, just the opposite is true. Not
broadcasting the SSID is a standard and accepted practice. In my case, I'm
using WPA-PSK with a 32 character SSID and 63 character passkey. That's the
lowest common denominator, and easiest to setup and maintain for older
machines that connect to my router. Combined with not broadcasting the SSID,
it would take even the most determined hacker a very, very long time to hack
into my network. Plus, I think I would notice a strange car sitting in my
driveway for that long!

Also, how is it that not broadcasting the SSID "actually causes the issue
you mention"? This doesn't make any sense, especially given the fact that I
have 2 machines that connect flawlessly without the SSID being broadcast, and
a friend who comes over occasionally and also connects just fine.

John

--
Lem -- MS-MVP - Networking

To the moon and back with 2K words of RAM and 36K words of ROM.
http://en.wikipedia.org/wiki/Apollo_Guidance_Computer
http://history.nasa.gov/afj/compessay.htm

 

[Barb Bowman]

in addition to the other answers (all expand on the latest wireless
knowledge and standard practices), if Gateway does not have a new
driver, there may be one available elsewhere. Post the text output
of

ipconfig /all

which will show us exactly which wireless adapter you have in this
machine.

Barb,

Could you please expand on what you mean by "the card and driver make the
difference"? I don't understand.

As for not broadcasting the SSID, I have never, ever heard anyone say that
this is "not recommended". In fact, quite the opposite; its a standard
practice. How could this "actually cause the issue"? I have two other
machines that connect to this router fine without broadcasting the SSID.

John

--

Barb Bowman
MS Windows-MVP
http://www.microsoft.com/windowsxp/expertzone/meetexperts/bowman.mspx
http://blogs.digitalmediaphile.com/barb/