Strange network connection problems in Vista

[Cyber Akuma]

This is kinda convoluted, I have a lot of backstory to write.

I have a Toshiba Satellite A215-S7413 Laptop, it's wifi hardware is listed as a Realtek RTL8187B. However, it appears to internally be wired through the USB bus instead of the PCI bus since Vista's device manager has "USB 2.0" at the end of the device's name.

It came with Vista preinstalled and WiFi worked perfectly on it since day one.

I then lowered the size of the Vista partition so I could dualboot Windows and Linux

I have tried Ubuntu since 7.04 and could never get WiFi working on it, so I thought oh well, I mostly use Vista anyway and WiFi works fine there.

When Ubuntu 8.10 came out I installed it, and finally WiFi worked instantly from a default install.

Anyway, after I finally got WiFi working in Ubuntu at last, I browsed a few webpages to try it, then downloaded restricted drivers for my video card. Eventually a few reboots later I started the update manager and chose to install all updates, it required a reboot after this.

Once I rebooted........ I found I could not connect to my WiFI network anymore. It kept failing at verifying the WEP key, even though the key is correct and this is THE EXACT SAME PROFILE I USED BEFORE THAT WORKED THROUGH 5 OR SO REBOOTS BEFORE I UPDATED!

I tried deleting and re-creating the profile but no luck, it still fails at verifying the WEP key.

I gave up and booted to Vista........ and noticed that Vista could no longer connect either! It could see all the access points around me but not connect any of them, not even if I disabled the security on mine.

I rebooted to Ubuntu........ and it worked.

And now, its been like this since then.

Ubuntu 8.10 now connects flawlessly to my WiFi network, it works every time.

Vista can not connect, it can see access points, but it cannot connect to mine.

And ONLY to mine.

I deleted all wireless profiles in Vista in case it was using some incorrect information, but it didn't work.

If I try to connect to another protected network, it asks me to enter the WEP/WPA key. If I try to connect to my network this screen dosen't even appear, it just says the router did not respond.

I tried taking my laptop to my cousin's house and was able to connect to his network there just fine.

All my other wired and wireless devices are able to connect to my network without problems.

I tried reinstalling the Vista WiFi drivers, rollint them back, updating them, nothing worked.

I tried removing the security on my router temporarely, didn't work.

I tried updating my router's firmware then resetting it to factory defaults, my laptop STILL could not connect even though it could see it.

I honestly have asolutely no clue anymore what is causing this, I have no idea where to start trying to fix it.

Resetting my router didn't work, so I doubt its the router, especially since everything else connects to it.

The laptop can connect to ANY WiFi network except mine in Vista so I doubt its the drivers, and it connects to mine in Ubuntu, so I doubt its the harware.

I have absolutely no clue whatsoever what could be causing this and how I can try to fix it.

Does anybody have any ideas?

[Cyber Akuma]

Nobody has any ideas what I can try?

[TGT]

Shot in the dark here, but try changing the SSID. It could be possible that someone with similar hardware is using the same SSID, and when you try connecting, it's getting confused (Ie. both respond; one accepts another denies, etc.) That's the only thing that comes to mind for me at the moment.

[hjf288]

Shot in the dark here, but try changing the SSID. It could be possible that someone with similar hardware is using the same SSID, and when you try connecting, it's getting confused (Ie. both respond; one accepts another denies, etc.) That's the only thing that comes to mind for me at the moment.

Shouldnt be an issue since different MAC Addresses

[Cyber Akuma]

I tried changing the ssid

Anyway, a friend recommended something that fixed it, disabling IPv6 in Vista. Apparently he works at an ISP and it was a common problem there.

[+BudMan MVC]

Yeah disabling IPv6 fixes quite a few issues people run into. Unless you are actively using it there is no reason for it to be active.

One thing that caught my eye in your write up -- WTF would you still be using WEP for? WEP is no longer a valid method of securing your wireless -- you should at min be using WPA, better would be WPA2. With a secure PSK, say random 20 characters in length.

Does your wireless router not support WPA? This would be the only possible reason to still be on wep, is if hardware does not support WPA - hint, if that is the case its time to get new hardware.

[Cyber Akuma]

One thing that caught my eye in your write up -- WTF would you still be using WEP for? WEP is no longer a valid method of securing your wireless -- you should at min be using WPA, better would be WPA2. With a secure PSK, say random 20 characters in length.

Does your wireless router not support WPA? This would be the only possible reason to still be on wep, is if hardware does not support WPA - hint, if that is the case its time to get new hardware.

I get this a lot.

I have several wireless devices, all of them except for ONE support WEP, that one only supports either WEP or nothing unfortunately.

If it werent for that one I would be using WPA.

[+BudMan MVC]

Well -- I would suggest you update that one wireless device. Or you could always run say something like dd-wrt or openwrt on your wireless router that supports virtual wireless networks and isolate that WEP device from the rest of our network by putting it on a vlan and only allow pin holes into your network for say printing, or vpn it into your network.

Another way of doing this is adding another accesspoint that would run WEP and isolate it from the rest of your network, etc.

WEP is better than nothing - but not much ;) If at all possible I would look to updating this 1 device so you could run WPA. IF not then isolate it as much as possible from the rest of your network.

[Cyber Akuma]

Its a Nintendo DS, I can't update it and it needs internet access so denying it access to anything except say printing is useless.

[+BudMan MVC]

Well you could allow it access to the internet without giving it access to the rest of your network. dd-wrt or open-wrt can do this.

This would allow you wep only device to use your internet connection, but at the same time isolate it from the rest of your network -- so even if your wep network was hacked, they could only use your internet connection and not compromise the security of the rest of your devices.

Why they put out a product that only supports the antiquated no longer secure WEP is beyond me.

edit: you could also use a captive portal that would require a password to access the internet - which would then keep people that hacked your wep network from even accessing the internet without knowing this password. From my understanding the DS browser can be used to access the captive portal page and then allow the device access to the internet.

[Cyber Akuma]

Well you could allow it access to the internet without giving it access to the rest of your network. dd-wrt or open-wrt can do this.

This would allow you wep only device to use your internet connection, but at the same time isolate it from the rest of your network -- so even if your wep network was hacked, they could only use your internet connection and not compromise the security of the rest of your devices.

Why they put out a product that only supports the antiquated no longer secure WEP is beyond me.

edit: you could also use a captive portal that would require a password to access the internet - which would then keep people that hacked your wep network from even accessing the internet without knowing this password. From my understanding the DS browser can be used to access the captive portal page and then allow the device access to the internet.

I don't care about using my DS to browse webpages, I have other mobile devices for that.

I use it to connect online to play online games, as well as connect to a lan FTP to use a program that allows me to backup/restore saved data from my games.

[+BudMan MVC]

Who and the F said anything about browsing the internet with your DS?? :rolleyes:

Do what ever you want -- I was only suggesting method(s) to allow you to do what you want with your DS, get on the internet for whatever freaking reason to do whatever it is you do with it. Or allow it to access whatever service(s) you might want it to access on your local lan -- be it FTP, printing, whatever. And also isolate the rest of your network from the almost completely pointless antiquated protocol that is WEP.

Good luck!

[Cyber Akuma]

Who and the F said anything about browsing the internet with your DS?? :rolleyes:

From my understanding the DS browser can be used to access the captive portal page and then allow the device access to the internet.

And uhh, dude? Please calm down....

Do what ever you want -- I was only suggesting method(s) to allow you to do what you want with your DS, get on the internet for whatever freaking reason to do whatever it is you do with it. Or allow it to access whatever service(s) you might want it to access on your local lan -- be it FTP, printing, whatever. And also isolate the rest of your network from the almost completely pointless antiquated protocol that is WEP.

Good luck!

Trust me, I have considered just dropping my DS in favor of putting my network on WPA (At least I am PRETTY sure all my other WiFi devices can support WPA, if not also WPA2, not sure about my Laptop in linux mode though), but I need some of it's features unfortunately.... if I can get them to work properly, still expirementing FTP access.

[+BudMan MVC]

Accessing a captive portal page is not Browsing :rolleyes:

You never been to a freaking hotel where you have to access a website to put in a password before you can use the net??? Same freaking thing.

http://en.wikipedia.org/wiki/Captive_portal

The captive portal technique forces an HTTP client on a network to see a special web page (usually for authentication purposes) before surfing the Internet normally. A captive portal turns a Web browser into an authentication device

Like I said do whatever the F you want - I was only offering suggestions on how you could still use your DS but protect the rest of your network from anyone that might hack your WEP.. Or even leaching off your internet connection.

[Felix_]

Get rid of the wep or wpa security. Dissable the broadcasting of ssid and then tell your router to only respond to devices with specific MAC addresses. Enter the MAC addresses of all of the devices you wish to connect to that router (your pc, DS etc) and it will ignor any other device.

As an extra layer of security (if you believe you need more that the MAC filter can provide) you can turn off dynamic DHCP and use a non standard IP address scheme.

[Cyber Akuma]

Get rid of the wep or wpa security. Dissable the broadcasting of ssid and then tell your router to only respond to devices with specific MAC addresses. Enter the MAC addresses of all of the devices you wish to connect to that router (your pc, DS etc) and it will ignor any other device.

As an extra layer of security (if you believe you need more that the MAC filter can provide) you can turn off dynamic DHCP and use a non standard IP address scheme.

I honestly hope you are being sarcastic.

No, I am not trying to be mean, I am serious, and I am terrible at detecting sarcasm over the internet.

Every WiFi security article I have read had said to do the exact opposite of that, so I cam only assume you are being sarcastic.

[+BudMan MVC]

Yeah that guy is either a complete moron when it comes to wifi security -- or trying to make a joke.. Lets hope its a lame attempt at humor ;)

Sad to say he prob believes what his saying is true.. That type of FUD is all over the net.

[Felix_]

It was a suggestion no more. I am not advocating the non use of encryption.

Edited December 2, 2008 by Molajoku

[+BudMan MVC]

:rofl: ^ Yeah ok whatever you want to believe.. You might want to get a refund on whatever that so called degree you have cost you.

If you honestly are suggesting that "ANYONE" turn off SSID broadcasting and not use any form of encryption, be it wep, wpa, wpa2 in favor of mac filtering and not using dhcp :rolleyes: sorry but you don't have clue one to WTF your talking about.

MAC filtering is not a method of security, it is a method of control only. Not broadcasting your SSID does nothing to hide anything, and only will cause the user grief.. We have gone over this and over this here.

Maybe by persistent wifi thieves you mean the mentally challenged 83 year old women in the old folks home across the street? Any 11 year old wannabe script kiddie can find all the info he needs to defeat your non broadcasting ssid, mac filtering and no dhcp server so called security methods in a 10 second google.

If they want to use mac filtering as a method to help control access on their own network, sure more power too them.. But this is no way is a method of preventing access.

Lets see sniff traffic for valid macs, change mac, associate to AP, sniff traffic for IPs in use - set yours, done.. Lets see that would take about 3 minutes tops for any 12 year with the mind to do such a thing ;) And with your suggestion they don't even have to hack the wep first.

edit: I see you edited your message ;)

Given a 1st class degree in computer and network engineering you might consider that I know what I'm talking about.

You're welcome to your opinions however, I won’t deny you that.

Just consider that that chap that started this thread is a home user. Consider then that MAC address filtering and the non broadcast of ssid, combined with the use of a non standard IP address scheme might be enough to fend off all but the most persistent Wi-Fi thieves.

If you not advocating not using encryption -- WTF would you suggest such a thing for then???

Edited December 2, 2008 by BudMan

[Felix_]

An asinine rant I see. As you so perspicaciously observed I edited my message as so not to cause confusion.

A futile venture it would seem.

To reiterate, I do not advocate the non use of encryption. FFS I am running a project to asses Quantum Key Distrobustion systems and it application into cyrptography at my work.

My SUGGESTION was just that, a suggestion. Not a command. I have had a similar situation to Cyber Akuma in the past and I found that removing wep/wpa allowed me to utilize nominal functionality.

In truth if you are so concerned with security why use Wi-Fi at all. WEP and WPA/2 standards have been hacked to death.

[+BudMan MVC]

Sorry WPA2 has NOT been hacked to death -- Where and the F are you getting your FUD from?? The back of cereal box??

I assume when you mean hacked to death you are talking about bruteforcing a PSK. Sure if your going to use a Dictionary word, or something like P@55w0rD1 then you deserve to get hacked an no that is not secure.

Why don't you do the math on what it would take to bruteforce a "secure" psk, say a 20 character random and then re-address your hacked to death statement.

Here this should help in the math.

http://lastbit.com/pswcalc.asp

Lets assume this hacker has the computing power of a small nation. 1,00,000 computers all that can check 100,000,000 psks a second.. Your still looking at "Brute Force Attack will take up to 7795036469024207 years"

Hacked to death my ass. :rofl:

If your talking about the wpa tkip attack - that is not a hack, but an attack. Learn the difference and then again re-address your "hacked to death" statement.

[Felix_]

Done

Edited December 2, 2008 by Molajoku

[+BudMan MVC]

What oh come on -- you mean your not going to show us how WPA2 has been hacked to death.. Can you not backup your statement?

But your suggesting don't use anything vs MAC filtering and not broadcasting their SSID.. Much more secure that way :rolleyes:

"I found that removing wep/wpa allowed me to utilize nominal functionality." This line just kills me BTW.. you so supposedly hold some "1st class degree in computer and network engineering" and make statements that your working on some "Quantum Key Distribution" encryption project -- yet you can not get even the most basic wep or wpa encryption to work, so you just turn it off and go suggesting others do the same. Yeah that makes perfect sense :rolleyes:

[Felix_]

Go read up on Quantum Cryptography. Start with something simple like the BB84 protocol. You might be able to get your head around that. Then consider why a large consortium of defence agencies along with the ESA are spending quite a tidy sum of money on such cryptography. If the currently available systems were so secure there would be no need.

My situation was due to an error in a 3rd party firmware I was using at the time on my Linksys wrt54g. I used a MAC filter and the non broadcast of the SSID as a temporary stopgap.

I KNOW how ineffective this was as a security measure against anyone with any networking sense and something like wireshark but it served it purpose at the time.

"your suggesting don't use anything" When did I say this?

Edited December 2, 2008 by Molajoku

[+BudMan MVC]

So that's the direction you want to take your FUD now, it was just an angle of investigation -- Really? Why would he need this -- he fixed his connection issues back in post #5 by disabling IPv6. Yes disabling or changing the method of encryption could be used as a troubleshooting add, but this is not what you stated.

As to suggesting not using anything ---> "Get rid of the wep or wpa security" sure sounds like nothing to me ;)

Since your so called security methods of mac filtering and non broadcasting the ssid and not running a dhcp server are not security methods. Therefore = nothing. Even the OP knew this was FUD ;)

Our discussion after his disable ipv6 post was methods to still allow his 1 device to use his internet connection that only support WEP while his other devices support WPA.. So the logical thing to do would be to isolate it from the rest of his network due to the lack of security wep provides.

You drop in and suggest he turn off wep and wpa and just use nonsense to secure his network, you then try to state that these methods "might be enough to fend off all but the most persistent Wi-Fi thieves."

When you get called on your suggested FUD, you try and say you have some computer degree and work on high level encryption projects :rolleyes:

Here's the thing -- nobody with clue one on anything to do with wifi security would suggest to anyone, no matter if home/work/school/troubleshooting whatever that mac filtering, turning off SSID broadcast and or using uncommon ip addresses with no dhcp server as a methods of securing their network. Since they are not valid methods - they are FUD pure and simple.

For starters even if they did provide some miniscule amount of protection, they would make the network a nightmare to manage and connect to. You really expect "home" users to not only have to manually add mac addresses to their router every time they want to allow a wireless device to use their network, you also would expect them to have to manually configure said device to use a non broadcasting ssid while at the same time setup a static IP on the device. After a few times working through such nonsense they would more than likely run it WIDE OPEN because "security" is too much work ;)

If you want to suggest they run their network open - that would be better advice than suggesting such snake oil. Someone that states they have degree in computers and works in encryption should clearly understand this.

DONE ;)