Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Topic Options
#325062 - 13/08/2009 00:10 Windows Wireless Networking - no security supported?
hybrid8
carpal tunnel

Registered: 12/11/2001
Posts: 7738
Loc: Toronto, CANADA
So, I tried to get someone's Windows (XP SP2) machine onto my local network tonight via WiFi with much frustration.

It appears to me that Windows simply doesn't support wireless security of any kind. That is to say, it does have "WEP" and some "WPA" but you can't provide an arbitrary length password. Every time I input the password to my network it said it would only accept a password of X characters. I think maybe it was 13.

When you can't set your own password the way you want to set it, I don't count that as security. My WPA2 password is longer than 13 characters, something every brand of router I've tried supports and my Mac has never ever balked at.

Even after disabling the security on my network it took a while for the Windows machine to connect - every Mac I've ever tried takes no more than 2 seconds.

The next problem came trying to connect to my Mac notebook. It didn't seem it was possible unless I completely reconfigured their system, which I didn't have the time nor inclination to do. They of course had Windows configured still with pretty much all default settings (new XP-style start menu, at the bottom, no expandable menus on things like control panels, etc.) All in all, epic fail.

Another friend called the other day because they just set up a new access point - they were able to connect their Mac to it within a minute, but they weren't able to get their Windows notebook working with it. I think I'm going to have to tell them I'm not going to be able to help them. It's definitely because I'm not willing to, but I have to think up some other excuse.

I'd love to see a continuation of those laptop hunter commercials when those people get home and realize they just effectively tossed their money in the garbage.


Edited by hybrid8 (13/08/2009 00:11)
_________________________
Bruno
Twisted Melon : Fine Mac OS Software

Top
#325065 - 13/08/2009 00:45 Re: Windows Wireless Networking - no security supported? [Re: hybrid8]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
Heh.. earlier this week I was trying to configure WEP on my niece's network, and even with an MS-standard 13-char passphrase her notebook still would not connect. Had to enter the 104-bit key in hex for that.

Loverly.

Top
#325070 - 13/08/2009 02:42 Re: Windows Wireless Networking - no security supported? [Re: mlord]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
SP3 adds support for WPA2. Or you can download the standalone WPA2 patch for SP2 here.

SP2 came out in August 2004, a month before any wireless device could be certified with proper WPA2 support.

Top
#325073 - 13/08/2009 10:21 Re: Windows Wireless Networking - no security supported? [Re: drakino]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
None of that helps with WEP on Vista, though.
The router only does WEP. Well, okay it claims WPA/TKIP as well, but I couldn't get that working even with Linux. Quite rare, that.

Cheers

Top
#325074 - 13/08/2009 11:08 Re: Windows Wireless Networking - no security supported? [Re: mlord]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
I do remember a lot of WEP solutions being a pain, due to a few variants of ASCII to hex conversion algorithms. Apple had their own, and other vendors were mixed as well. I almost always had to use the raw hex on my Powerbook. Sometimes the only way to be able to use the right ASCII key was to use the same vendor for router and wireless card, and use their drivers on Windows.

Top
#325075 - 13/08/2009 11:23 Re: Windows Wireless Networking - no security supported? [Re: drakino]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
Yeah, I have to agree with you there, Bruno. I do tech support, and every single time I set up a wireless network for someone, I ask them to pick a 13-character password. It's not always necessary, but I've found that 99% of the time Windows will not balk at 13 characters, so I just give the user a line like it's more secure to have a password that long (which it kinda is, considering most want a 4-6 character password) and just set it up that way to avoid complications.

On the flip side, though, I've come across one or two devices that don't like the Airport Extreme's wireless security. On those devices, if I turned off security completely, they would see the router and connect. But when security was on, they couldn't even see it. And no, SSID broadcast was not disabled.

Frankly, most aspects of home networking are overly complicated, regardless of what platform you're using.

Originally Posted By: drakino
Sometimes the only way to be able to use the right ASCII key was to use the same vendor for router and wireless card, and use their drivers on Windows.

Ugh, I've run into that too. I've installed a few cheap Netgear USB wireless NICs, and they've all required their own [terrible] software be installed in order to work properly. As annoying as wireless networking is in Windows, I always try to use the built-in Windows software to connect to the network.

Come to think of it, did you try that, Bruno? Did the computer come with alternate software for the wireless card? That stuff is almost universally junk that I uninstall immediately.
_________________________
Matt

Top
#325076 - 13/08/2009 11:59 Re: Windows Wireless Networking - no security supported? [Re: Dignan]
hybrid8
carpal tunnel

Registered: 12/11/2001
Posts: 7738
Loc: Toronto, CANADA
The computer (yesterday) was a Vaio with built-in WiFi. Which first had to be enabled by turning on the external WiFi switch.

I didn't try typing in the password in Hex. I'm pretty confident it wouldn't work though. It also mentioned the length required when typing Hex digits and I'm pretty sure it was 26. One byte for each of the 13 characters it wanted. My Password is an entire sentence, though it's less than the 64 characters/bytes allowed for WPA.

Tom, thanks for the tip about SP3. I will go as far as mentioning this to my other friend as it could be the sole reason she's unable to connect her Windows machine to the network.
_________________________
Bruno
Twisted Melon : Fine Mac OS Software

Top
#325085 - 13/08/2009 15:13 Re: Windows Wireless Networking - no security supported? [Re: hybrid8]
matthew_k
pooh-bah

Registered: 12/02/2002
Posts: 2298
Loc: Berkeley, California
OSX can be just as bad. Leopard broke WEP. No amount of 0x's, keychain editing, or anything would get it to connect to a Belkin wep encrypted access point. The only thing I was using wep for was to keep the neighbors off it, so the access point is on it's way to a landfill well before its time.

Top
#325092 - 13/08/2009 17:10 Re: Windows Wireless Networking - no security supported? [Re: matthew_k]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Originally Posted By: matthew_k
OSX can be just as bad. Leopard broke WEP. No amount of 0x's, keychain editing, or anything would get it to connect to a Belkin wep encrypted access point. The only thing I was using wep for was to keep the neighbors off it, so the access point is on it's way to a landfill well before its time.

Yeah, Leopard had some issues that should have been fixed with this update. Apparently the issue there was compatibility with 3rd party routers configured to use open wep. The other fix was to change the router to use shared wep.

Top
#325093 - 13/08/2009 17:13 Re: Windows Wireless Networking - no security supported? [Re: drakino]
tman
carpal tunnel

Registered: 24/12/2001
Posts: 5528
Originally Posted By: drakino
The other fix was to change the router to use shared wep.

WEP in general is badly broken but shared WEP is actually worse than open WEP so I hope people just applied that patch instead of changing the settings.

Top
#325096 - 13/08/2009 17:22 Re: Windows Wireless Networking - no security supported? [Re: drakino]
matthew_k
pooh-bah

Registered: 12/02/2002
Posts: 2298
Loc: Berkeley, California
It was/is more flawed than just that update. I was using my G4 powerbook at the time, not an intel machine. Same results with the original unibody MBP last year.

On the other hand, Microsoft publishes a list of routers compatible with XBOX live. There's plenty of blame to spread around.

Matthew

Top
#325097 - 13/08/2009 19:20 Re: Windows Wireless Networking - no security supported? [Re: matthew_k]
hybrid8
carpal tunnel

Registered: 12/11/2001
Posts: 7738
Loc: Toronto, CANADA
Compatibility with one specific product is one thing. But not supporting a password at anything but 13 characters, when the spec allows for any length up to 64 bytes, well, that's something else entirely. That's clearly a Microsoft philosophy.

Windows is a giant pile of hurt in the design department. Window 95 took a huge leap over what was there previously and put MS in front of Mac OS for usability. They hung on to this advantage for between 5 and 7 years (it's arguable). But since then Windows has been good for a single thing. Gaming. Period.

If my friend can't get her machine onto her network I'll just suggest she go grab a cheap Dell Mini 9 and run Mac OS on it. The machine will be as crappy as whatever it is she's trying to play with now, but at least it will have a half-decent OS on it.
_________________________
Bruno
Twisted Melon : Fine Mac OS Software

Top
#325098 - 13/08/2009 19:36 Re: Windows Wireless Networking - no security supported? [Re: hybrid8]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
Originally Posted By: hybrid8
not supporting a password at anything but 13 characters, when the spec allows for any length up to 64 bytes

I guess you have the super-secret version of the 802.11 spec that, in addition to WEP-40 and WEP-104, defines WEP-488.
_________________________
Bitt Faulk

Top
#325099 - 13/08/2009 19:41 Re: Windows Wireless Networking - no security supported? [Re: wfaulk]
peter
carpal tunnel

Registered: 13/07/2000
Posts: 4180
Loc: Cambridge, England
The passphrase is hashed to the key, though, not just used literally as the key, right? Otherwise the security would be terrible; there's a lot less than 104 bits of entropy in any reasonable 13-character password.

Now whether the hash in question is standardised across manufacturers, that's anyone's guess; that'd be why they let you enter the 26 hex digits of the actual key instead.

Having said that, I've never persuaded my own laptop to join any encrypted network, but I always put that down to the extreme antiquity of the Wifi card (which was scavenged from a Sparcstation Voyager when the laptop's internal Wifi broke).

Peter

Top
#325100 - 13/08/2009 19:57 Re: Windows Wireless Networking - no security supported? [Re: peter]
peter
carpal tunnel

Registered: 13/07/2000
Posts: 4180
Loc: Cambridge, England
Originally Posted By: peter
Now whether the hash in question is standardised across manufacturers, that's anyone's guess; that'd be why they let you enter the 26 hex digits of the actual key instead.

On looking into it, in WPA/WPA2 (but apparently not WEP) the hash is standardised. So what you'd expect is that for WEP, Windows would expect 26 hex digits or an arbitrarily-long passphrase (the latter incompatible with non-Windows Wifi); for WPA or WPA2, 64 hex digits or a 64-character passphrase, compatible with anything. Either way it should show you the hex value it's actually using.

Peter

Top
#325101 - 13/08/2009 20:02 Re: Windows Wireless Networking - no security supported? [Re: peter]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
Originally Posted By: peter
The passphrase is hashed to the key, though, not just used literally as the key, right? Otherwise the security would be terrible; there's a lot less than 104 bits of entropy in any reasonable 13-character password.

My understanding is that the passphrase is appended as provided to an "initialization vector" (which, if I understand the spec correctly, is either WEP's salt or nonce), which is then used as the seed to RC4's PRNG, which then is used as a stream to XOR the plaintext (and its CRC32 checksum). This is from page 160 (PDF page 208) of the spec I linked to.
_________________________
Bitt Faulk

Top
#325102 - 13/08/2009 20:13 Re: Windows Wireless Networking - no security supported? [Re: wfaulk]
peter
carpal tunnel

Registered: 13/07/2000
Posts: 4180
Loc: Cambridge, England
Originally Posted By: wfaulk
My understanding is that the passphrase is appended as provided to an "initialization vector"

The key is appended, etc.; using the passphrase as-is as the binary key would be a poor way of doing it, as ASCII (or any easily typeable) key would have relatively little entropy: at worst, if everything is a-z, your 104-bit WEP has just become 61.1-bit WEP. Much better is to hash the passphrase to generate the key.

Here's the WEP help from my router (Linksys/Cisco WRT54G):
Quote:
Passphrase: You may enter a passphrase consisting of any keyboard character to be used to generate a hex WEP key. Passphrase option is only supported when you are only using Linksys devices on your network.

Key 1-4: You may enter a WEP key manually. You must use only hex characters (0-9 and A-F). 64-Bit WEP requires 10 hex characters. 128-Bit WEP requires the use of 26 hex characters.

This sounds awfully like what I just described, especially considering I only went and read it after I wrote the description.

Now of course if what Bruno is saying is that Windows only allows 13-character passphrases for WPA, then that is indeed broken.

Peter

Top
#325103 - 13/08/2009 21:43 Re: Windows Wireless Networking - no security supported? [Re: wfaulk]
hybrid8
carpal tunnel

Registered: 12/11/2001
Posts: 7738
Loc: Toronto, CANADA
Who's talking about WEP? I specifically mentioned "My WPA2 password is longer than 13 characters."

My network is currently using WPA/WPA2 Personal. I used to use specifically WPA2/AES, but unfortunately some devices, like the Wii, don't support the same security as a $5 router.

I've never bothered using WEP. Anyone who knew enough to try and snoop packets would break the encryption, and those that didn't were easily kept out with a simple MAC address white-list.

Windows recognized the network was using WPA. It said specifically, that the WPA (not WEP) pass needed to be exactly 13 characters. Not a maximum of 13, not a minimum of 13. Exactly 13.

The security framework discussion in that PDF file starts on Page 155, and the RSNA-specific protocol stuff starts at 165. Or one can get the reader's digest version at Wikipedia searching for WPA or WPA2.
_________________________
Bruno
Twisted Melon : Fine Mac OS Software

Top
#325104 - 13/08/2009 21:47 Re: Windows Wireless Networking - no security supported? [Re: hybrid8]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Quote:
Anyone who knew enough to try and snoop packets would break the encryption, and those that didn't were easily kept out with a simple MAC address white-list.


Disagree. If I understand it correctly, breaking a WEP key takes a long time and involves storing a lot of wireless traffic, then analyzing that stored traffic. Getting around a MAC address filter takes only a sniffer trace of a few seconds.
_________________________
Tony Fabris

Top
#325106 - 13/08/2009 22:08 Re: Windows Wireless Networking - no security supported? [Re: tfabris]
tman
carpal tunnel

Registered: 24/12/2001
Posts: 5528
I've used keys longer than 13 characters with WPA and Windows XP before.

Top
#325107 - 13/08/2009 22:41 Re: Windows Wireless Networking - no security supported? [Re: peter]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
Originally Posted By: peter
The key is appended, etc.; using the passphrase as-is as the binary key would be a poor way of doing it, as ASCII (or any easily typeable) key would have relatively little entropy: at worst, if everything is a-z, your 104-bit WEP has just become 61.1-bit WEP. Much better is to hash the passphrase to generate the key.

Yes, the key is appended. And some network devices do have some sort of "generate a key for me" utilities built into them. But we're talking about shared secret tools here. That key generation algorithm is not defined in the spec; therefore, each vendor's is proprietary, assuming it exists at all, and, more to the point, whatever 13-byte chunk that algorithm comes up with has to be typed in verbatim in all of your other devices, not the phrase you used to come up with it.

The fact of the matter, though, is that the whole encryption scheme is horribly broken and it doesn't make a lot of difference how random your key/seed is; it can be broken in a few minutes anyway.
_________________________
Bitt Faulk

Top
#325108 - 13/08/2009 22:51 Re: Windows Wireless Networking - no security supported? [Re: tfabris]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
Originally Posted By: tfabris
If I understand it correctly, breaking a WEP key takes a long time and involves storing a lot of wireless traffic

Breaking the key after data has been collected takes very little time. It used to be that you had to collect a lot of data, but new algorithms have come to light that require much less data, and there are also techniques for getting the AP to generate data, instead of having to wait for that much data to be transmitted in the normal course of legitimate use. All in all, it takes maybe ten minutes, tops.
_________________________
Bitt Faulk

Top
#325109 - 13/08/2009 22:57 Re: Windows Wireless Networking - no security supported? [Re: hybrid8]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
Originally Posted By: hybrid8
Who's talking about WEP? I specifically mentioned "My WPA2 password is longer than 13 characters."

Sorry. I guess I didn't follow the thread back far enough. But you responded to someone who was talking about WEP.

XPSP2 basically didn't support WPA at all. Sometimes WPA networks would show up, but it just thought they were WEP networks. Install SP3 or the hotfix that Tom linked to. It'll solve your problem.
_________________________
Bitt Faulk

Top
#325111 - 13/08/2009 23:33 Re: Windows Wireless Networking - no security supported? [Re: hybrid8]
gbeer
carpal tunnel

Registered: 17/12/2000
Posts: 2665
Loc: Manteca, California
Originally Posted By: hybrid8
The computer (yesterday) was a Vaio with built-in WiFi. Which first had to be enabled by turning on the external WiFi switch.

I didn't try typing in the password in Hex. I'm pretty confident it wouldn't work though. It also mentioned the length required when typing Hex digits and I'm pretty sure it was 26. One byte for each of the 13 characters it wanted. My Password is an entire sentence, though it's less than the 64 characters/bytes allowed for WPA.

Tom, thanks for the tip about SP3. I will go as far as mentioning this to my other friend as it could be the sole reason she's unable to connect her Windows machine to the network.

If that machine has Intel wireless, go get the drivers from their website. Only way to go.
_________________________
Glenn

Top
#325123 - 14/08/2009 14:41 Re: Windows Wireless Networking - no security supported? [Re: wfaulk]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Originally Posted By: wfaulk
All in all, it takes maybe ten minutes, tops.


Wow, that's impressive. I didn't know that.
_________________________
Tony Fabris

Top
#325126 - 14/08/2009 20:03 Re: Windows Wireless Networking - no security supported? [Re: wfaulk]
BAKup
addict

Registered: 11/11/2001
Posts: 552
Loc: Houston, TX
Originally Posted By: wfaulk
Originally Posted By: tfabris
If I understand it correctly, breaking a WEP key takes a long time and involves storing a lot of wireless traffic

Breaking the key after data has been collected takes very little time. It used to be that you had to collect a lot of data, but new algorithms have come to light that require much less data, and there are also techniques for getting the AP to generate data, instead of having to wait for that much data to be transmitted in the normal course of legitimate use. All in all, it takes maybe ten minutes, tops.


That's exactly right, I was playing around with aircrack-ng and for grins I decided to break my own WEP key. Literally all I had to do was wait for just one ARP packet to be broadcast over the air, and about 12 minutes later I had my own WEP key handed to me. If it wasn't for the fact that I've got some equipment that can't handle WPA/WPA2, I'd be not be using WEP at all.




_________________________
--Ben
78GB MkIIa, Dead tuner.

Top