M6600 Owners Thread

Given that a lot of modem/router combos were on WEP by default, your assumption is likely correct. For anyone with a house and a yard of decent size, it likely won't be a problem since the signal will likely fade enough for leechers not to bother. On the other hand, if you live in an apartment building, using WEP is a disaster waiting to happen. The sad truth about wireless security is that the best way to secure your network is to make sure your neighbors are less secure than you are. That way, anyone looking to leech someone else's Internet connection will target them before you. That basically means using WPA2-AES which is the most secure setting you can use as of now. WEP can be cracked in about 15 mins by a 15 years old nowadays (I kinda feaked out when I learned that). MAC filtering helps, hiding the SSID also helps a little, but programs like inSSIDer will show the SSID even if it's meant to be hidden. I have a friend who learned this the hard way in university, his Internet bill was through the roof thanks to someone torrenting on his wireless network. Needless to say that he switched to WPA among other things. That's partly why I'm being paranoid about wireless network security.

Back to driver updates, I've rarely seen a new driver cause issues, but it does happen from time to time. If your work depends on the reliability of your laptop, better wait a little to see if anything new breaks or take the if it ain't broken don't fix it approach like rcb said. Personally, I'm an update freak so I tend to update as soon as there is a new driver for better or worse. So far on my Precision, I didn't run into any issue aside from a broken firepro driver which was fixed by uninstalling and reinstalling it.

rcb is also right about Dell's driver download site, it's somewhat clunky to navigate. Every time I refresh the page, it defaults back to Win 7 32-bit drivers. An interesting fact, on the M6700 driver page at least, is that the drivers Dell provides usually contains the files for Win 7 and 8, x86 and x64 so even if you didn't select the right OS, chances are you're still ok. I haven't checked if all drivers available contain the necessary files for all 4 OS, but most I've seen do. Dell's site is still miles ahead of HP's website though, for anyone who wants an example of what to avoid when making a website, try shopping for computers at hp.com. If you ever feel like a website is driving you nuts, think of HP's website and the world will suddenly seem brighter.

EDIT: It's ~1 am here and I just wrote a wall of text, so if there are inconsistencies, blame it on me bring tired.

 

According to the Linksys WRT54G router.
I tried setting WPA before but had trouble ( I think it should've been WPA2). It doesn't help that I have to try to figure it out while four people want to be connected,
plus I don't know if every device can access (phones, tablets, printers).
Maybe I'll give it another go later or early tomorrow.

Snip:

Security Mode: You may choose from Disable, WEP, WPA-Personal, WPA2-Personal, WPA-Enterprise, WPA2-Enterprise, or RADIUS. All devices on your network must use the same security mode in order to communicate.

WPA Personal:
WPA Algorithm: Only TKIP is supported.
WPA Shared Key: Choose a unique key to authenticate with other devices on your network. The Shared Key must be between 8 and 63 characters in length.
Group Key Renewal: This settings determines how often your group key changes.

WPA2 Personal:
WPA2 Algorithm: You may choose from AES or TKIP+AES. Choose TKIP+AES if you have both WPA and WPA2 devices on your network.
WPA2 Shared Key: Choose a unique key to authenticate with other devices on your network. The Shared Key must be between 8 and 63 characters in length.
Group Key Renewal: This settings determines how often your group key changes.

WPA Enterprise:
WPA Algorithm: Only TKIP is supported.
RADIUS Server Address: The IP address of your RADIUS server.
RADIUS Server Port: The port your RADIUS server uses.
Shared Secret: The shared secret set on your RADIUS server.
Key Renewal Timeout: Determines how often your keys should be renewed.

WPA2 Enterprise:
WPA2 Algorithm: You may choose from AES or TKIP+AES. Choose TKIP+AES if you have both WPA and WPA2 devices on your network.
RADIUS Server Address: The IP address of your RADIUS server.
RADIUS Server Port: The port your RADIUS server uses.
Shared Secret: The shared secret set on your RADIUS server.
Key Renewal Timeout: Determines how often your keys should be renewed.

WEP:
WEP Key Bit: You may select from 64-Bit or 128-Bit encryption.
Passphrase: You may enter a passphrase consisting of any keyboard character to be used to generate a hex WEP key. Passphrase option is only supported when you are only using Linksys devices on your network.
Key 1: You may enter a WEP key manually. You must use only hex characters (0-9 and A-F). 64-Bit WEP requires 10 hex characters. 128-Bit WEP requires the use of 26 hex characters.
Keys 2 to 4 are not supported.


RADIUS:
RADIUS Server Address: The IP address of your RADIUS server.
RADIUS Server Port: The port your RADIUS server uses.
Shared Secret: The shared secret set on your RADIUS server.
WEP Key Bit: You may select from 64-Bit or 128-Bit encryption.
Passphrase: You may enter a passphrase consisting of any keyboard character to be used to generate a hex WEP key. Passphrase option is only supported when you are only using Linksys devices on your network.
Key 1: You may enter a WEP key manually. You must use only hex characters (0-9 and A-F). 64-Bit WEP requires 10 hex characters. 128-Bit WEP requires the use of 26 hex characters.
Keys 2 to 4 are not supported.

 

I've been using WPA2+AES for years and any remotely modern device will connect without issue. The only thing I've ever found that didn't work was an old Nintendo DS. Like tijo mentioned, WEP can be cracked with little effort. MAC filtering and SSID hiding help a little but someone who wants in will be able to work around that stuff. I know a network security guy who has demonstrated this to me before.

Is it likely to actually be a problem? Is there really anyone sneaking around trying to get into your network? Maybe not, but I prefer to avoid even the possibility of such things as much as possible.

On your router, WPA2 Personal is the correct choice. You just choose a password and enter the same password on your devices. If you switch from WEP to WPA2, I recommend also changing the SSID. (That will just make it easier to make sure that previously connected devices aren't trying to use the old credentials.)

 

Windows XP pre sp3 doesn't do WPA2 which could be a problem for some company laptops. Smartphones will do WPA2 just fine, game consoles too. You may have to reconnect some devices though. That's about all I can think of that won't take WPA2. Besides, if you're on xp, you have bigger security concerns, MS is pulling the plugin all support next year.

 

Security support is already dropped for XP pre-SP3.

 

@Tijo, @Aaron44126

Success! Painless! 3 computers connected quickly. I'll see about other devices a little later.

What I did:
Attach the LAN cable (Yeah, stupid [me] here tried wireless admin first. Fail.)
Backup the current config for quick reset/recovery of all prior settings.
Used the previous WEP key for a trial run; later on - will increase to 63 chars., change SSID, change wireless admin password.

What I don't understand when you say WEP can be cracked, does this mean the encryption can be cracked and reveal not just transmission data
but also get past the wireless security firewall to spoof MAC permissions, gain admin password, reveal SSID and WEP key bit and even control the router?

I appreciate the advice, thanks.

 

WEP has a "mathematical flaw" that makes it possible to get the encryption key by just observing enough traffic and doing some calculations. You can even do some tricks to get the router to spit out data so that you don't have to wait for traffic to happen "naturally." And yes, once you have the key you can decrypt network traffic (including any past traffic previously recorded), WEP doesn't make it difficult to prevent computers on the same network from eavesdropping on each other. From there you could get MAC addresses, the admin password (if they catch you typing it in), and whatever else there is that is not encrypted at the application layer.

On the other hand, WPA(2) only uses the password you provide to set up a handshake between your computer and the router, after the devices are connected each one will transmit data using a unique key. This means other traffic is safe even if someone knows the password. (There is also a shared key that can be used by all machines for "broadcast" traffic, but it is periodically reset and also changes when someone leaves the network.)

You don't necessarily need to use a full 63-character key (what a pain), just something that will survive dictionary-type attacks (maybe 16 or so characters with a mix of different cases, numbers, symbols if you're up for it) — as far as I know, the only way to attack a WPA2+AES network [that doesn't support WPS] is to brute-force the password.

 

@Aaron44126
@Tijo

Thanks for all your recommendations and advice - great for anyone reading. To think I was so ambivalent and ignorant while just a simple step away from being more network secure was shocking.
When I view the available connections near my home I see up to 18 ... large compact condominium complex that it is.

So all my previous firewalls are in place and I've switched encryption to WPA2 Personal AES, all seemingly is fine and fast, no deterioration whatsoever.

Sure - upping the key to 63 is a one time pain but I have keepass so that'll make it easier and I'll just send the users an encrypted file to copy in.

 

Wow, for some reason, the spam filter caught your post. That thing is really going crazy lately and not in a good way. Anyways, if you want primers on home networking Real Help For Your Small Network - SmallNetBuilder is my go to place.

More on the state of online password cracking: Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331” | Ars Technica, scary... IT gives good insight on what not to do.

 

While Spam-O-Matic isn't fun - it's a relief to know that's all it is: a Robot. That and knowing my post isn't getting vaporized after an effort Oh and that I can alert someone that it happened

Yeah I'm just sitting here in shock that I worry about locking stuff down with the apparent oversight of - my network and the front door of my home (most of which can be picked by a pro in less than a minute anyway but no one thinks about this) that needs an overhaul of the latch recesses. Anyone could literally walk right through at most only one now.

Thanks.

Edit -----

Read the article on Wikipedia that Aaron posted about WPS. I've never used that and it has always been disabled and firmware always updated. At least didn't get lazy there.