wep

My suse wireless has started a new trick: it will list a wep string completely different than the one I have specified. If I correct it some 12-15 times, I can eventually sign on, but not predictably.

There is also intermittently the error message that “wireless is disabled” Trying to figure that one out is a real chore.

The manual wireless switch that works under windows seems to be irrelevant under linux, but the linux wireless seems to only work if I have previously connected under windows, which raises the question, why bother with linux?

Ok, that covers a lot of ground. Lets take this in stages.

I’m not sure what you mean by “WEP” string. There is the SSID and the WEP key. The SSID can change if you have authorization set to ‘open’ and another router is broadcasting in your area. The WEP key shouldn’t change once you’ve set it. If the key changes then the software is getting another key out of /etc/sysconfig somewhere?Ok, that covers a lot of ground. Lets take this in stages.

If I correct it some 12-15 times, I can eventually sign on, but not predictably.

Are you sure you are signed it to the correct router at that point? Do you perhaps have conflicting wireless managers running?

There is also intermittently the error message that “wireless is disabled” Trying to figure that one out is a real chore.

That message may simply mean the wireless card is not associated with an Access Point. When you are connected does the card have good signal strength?

The manual wireless switch that works under windows seems to be irrelevant under linux, …

That would indicate a driver problem. The driver does not completely match your card. Since it worked at one time this would suggest a driver upgrade created an incompatibility with your card. Try rolling back the driver.

… This can sometimesbut the linux wireless seems to only work if I have previously connected under windows,

Same answer, driver problem. Or there is some setting on the card that is not getting set but which is left over from running under Windows.

which raises the question, why bother with linux?

Only you can answer that. If you are happy with Windows then use Windows. The thing I like about Linux is the tools exist to solve the problem yourself, command line tools like: ifconfig, ip, iwconfig, ifstatus, ifup, scripting tools like: bash, perl and python, and management packages like wicd. Windows machines don’t always work perfectly either and when they go castors-up I reach for my Linux CD.

The home wireless I am using is the only one available, and signal strength is recognized as good. For both my lenovo and HP laptops, pressing the wireless button to turn it on under linux does not change the color of the light or have any predictable other effect.
Exactly where the other wep string originates is a complete mystery to me.

Using WEP is the same as not using an encryption at all - then again judging by attitude you don’t know better.

I only have one ssid available, and have entered the wep string to successfully begin wireless function. However, the next time I turn on my machine, a different wep string may be specified (origin unknown) and I will not be able to gain access until the system (after several repetitions) accepts the correct wep string.

This problem is not predictable.

Have you considered replacing the router? They do go bad occasionally. If windows works better for your machines, then I would live with windows and buy a copy of vmware for $180 and run linux in a virtual world. Productivity is what counts, not which OS is native on your box.

On 02/24/2010 07:16 PM, RichardET wrote:
>
> Have you considered replacing the router? They do go bad occasionally.
> If windows works better for your machines, then I would live with
> windows and buy a copy of vmware for $180 and run linux in a virtual
> world. Productivity is what counts, not which OS is native on your box.

You could also download VirtualBox for Windows.

On Wed, 24 Feb 2010 13:16:02 +0000, Chrysantine wrote:

> Using WEP is the same as not using an encryption at all - then again
> judging by attitude you don’t know better.

Of course, not everyone who uses Linux these days is a hardcore IT
professional, either - it’s entirely possible that the OP really doesn’t
know how weak WEP is - in which case, perhaps pointing people at some
resources that explain this to a non-geek would be appropriate.

Such as http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy

This link does go into some technical detail on the crypto behind it, but
the first two paragraphs should provide enough information to any non-
technical users about how weak WEP truly is.

Jim

Jim Henderson
openSUSE Forums Administrator

Hey that’s very interesting, I didn’t know the details, thanks.

On a tangent: would it be good enough to use WEP encryption/authentication plus use the network filter in the router to allow only certain MAC addresses? Or even to use no authentication/encryption, just the MAC-based network filter in the router?

Not really. Using a MAC filter with a wep encryption only leads to a key that is a bit more difficult to crack, but only a little bit (as you can easily spoof the MAC address).

The only way to use wep encryption in a secure way is not to use it. :wink:

On Fri, 26 Feb 2010 09:56:01 +0000, swerdna wrote:

> On a tangent: would it be good enough to use WEP
> encryption/authentication plus use the network filter in the router to
> allow only certain MAC addresses? Or even to use no
> authentication/encryption, just the MAC-based network filter in the
> router?

Depending on your router and your needs, that might work, but MACs can be
spoofed as well.

Before I upgraded my wife’s laptop, the only wireless she had wouldn’t
handle WPA, so we ran it open but with MAC filters and no SSID
broadcasts. I’d periodically look over the address allocations and would
boot systems that weren’t ours (which didn’t happen often, actually -
most in our neighborhood have wireless and many are totally unsecured. so
ours tended not to be a target).

But if I was doing banking transactions or other important stuff, I’d use
a wired connection here at my desk or a VPN connection to systems in the
office.

Now that all the machines can use WPA2, I’m set up for that.

Jim


Jim Henderson
openSUSE Forums Administrator

On Fri, 26 Feb 2010 12:26:01 +0000, Spyhawk wrote:

> Not really. Using a MAC filter with a wep encryption only leads to a key
> that is a bit more difficult to crack, but only a little bit (as you can
> easily spoof the MAC address).
>
> The only way to use wep encryption in a secure way is not to use it. :wink:

Yeah, pretty much what’s in the Wikipedia article is what applies - WEP
prevents unintended access, but it won’t stop someone who’s trying to get
in. It’s like locking your door with one of those small chains; someone
opens a door with that and goes “whoops, this isn’t my house”, it’ll
work. Someone who opens it and then kicks it to break the chain is going
to get in.

Jim

Jim Henderson
openSUSE Forums Administrator

Thanks Spyhawk and hendersj.

In addition to your advices, I was just digging in my router using the web interface, and came across this in the help file:

If you choose the WEP security option this device will ONLY operate in Legacy Wireless mode (802.11B/G). This means you will NOT get 11N performance due to the fact that WEP is not supported by the Draft 11N specification.

Your advices and that help file more than convinces me to switch from WEP.

It’s really cool the way you guys and many others in our forums go out of your way to help folks who are confused, thanks for that attitude.

I’m no longer puzzled by Chrysantine’s waspish advice which was wrong in two instances:

Using WEP is the same as not using an encryption at all

I see now that that’s probably just a sarcastic throw away line, unhelpful, untrue and misleading for newbies.

then again judging by attitude you don’t know better.

Which I take to be simple crankiness and bad manners

On 02/26/2010 02:16 PM, swerdna wrote:
>
> Thanks Spyhawk and hendersj.
>
> In addition to your advices, I was just digging in my router using the
> web interface, and came across this in the help file:
>> If you choose the WEP security option this device will ONLY operate in
>> Legacy Wireless mode (802.11B/G). This means you will NOT get 11N
>> performance due to the fact that WEP is not supported by the Draft 11N
>> specification.
>
> Your advices and that help file more than convinces me to switch from
> WEP.
>
> It’s really cool the way you guys and many others in our forums go out
> of your way to help folks who are confused, thanks for that attitude.
>
> I’m no longer puzzled by Chrysantine’s waspish advice which was wrong
> in two instances:
>
> - > Using WEP is the same as not using an encryption at all
> I see now that that’s probably just a sarcastic throw away line,
> unhelpful, untrue and misleading for newbies.
> - > then again judging by attitude you don’t know better.
> Which I take to be simple crankiness and bad manners

Actually, the analogy I use is as follows:

If you have a wireless connection that is unencrypted, the SSID is broadcast,
and there is no MAC filtering, it is the same as leaving your front door
unlocked with a large and lighted billboard in the front yard saying that your
door is unlocked.

Hiding the SSID and turning on MAC filtering is the same as removing the billboard.

Using WEP is the same as locking the door with a toy lock.

Using WPA is locking the door with a good lock.

WPA2 is the same as adding a deadbolt.

Thanks for that, very apt

However, if someone really wanted to get in there really is no stopping them. WPA and WPA2 is still crackable by rainbow tables. It all just really depends on how good or how determined the person is. Wireless will always be unsecure and not entirely reliable. I have a wireless router, but I still jack-in to be safe. You also get faster speeds with a hardline; 100mbps vs 56mbps, without worrying about the signal dropping.

I only run the WPA2(TKIP) because my sister like the convinence of not having a cable. Me, I like my network like sex. … fast, safe, and always there when you need it. :wink:

OK now I’ve got WPA2/AES on the lan and the phones.

Painless compared to a couple of years ago when I put WEP on the lan. Knetworkmanager wouldn’t work in those days, it had to be ifup.

It’s all fairly automatic now, and even auto in Linux too. And the KDE and Gnome network applets “just work” (for me at any rate, I know some others still have probs).

Thanks all for the advices.

I hope OP got somewhere too.

On 03/01/2010 06:26 AM, swerdna wrote:
>
> OK now I’ve got WPA2/AES on the lan and the phones.
>
> Painless compared to a couple of years ago when I put WEP on the lan.
> Knetworkmanager wouldn’t work in those days, it had to be ifup.
>
> It’s all fairly automatic now, and even auto in Linux too. And the KDE
> and Gnome network applets “just work” (for me at any rate, I know some
> others still have probs).

Other than that nasty bug where a couple of static vaiables were not initialized
and routing was screwed up, WPA and WPA2 work. What has been so frustrating
about the bug is that it was introduced in RC1 or RC2, which was after I
switched to updating and stopped overwriting the previous release. As long as
the connection existed in the NM database, the error did not show. At least 11.3
testing will be more thorough, even though 11.2 looks pretty complete. See
http://en.opensuse.org/OpenSUSE_Testing_Core_Team/Subteams/Wireless_Results. As
we get to 11.3 M8 or RC1, the testing will become quite thorough.

Thank you for your efforts, the software has come leaps and bounds. I no longer use ifup, or wires, no need.

Moderated post
url removed