https://lh5.googleusercontent.com/-AB5ripSm2cs/T6CBuQknYYI/AAAAAAAAFnY/o5Y19y5wac8/s800/wifi%2520connection%2520issue.JPG

Long story short I've got this IBM T42 laptop which has been formatted and had windows xp installed (updated to sp3). All drivers installed and everything working, Wireless Zero Configuration shows the various wireless networks in range, but trying to connect goes like this:

Connect to network > enter network key (wireless password) > receive dialogue as per screen shot above.

Updated netgear router firmware, iMac and iPhone both connecting to the network fine. Also tried connecting the IBM T42 laptop to my iPhone as personal hotspot (tethering) but receive same dialogue..

Any ideas what's causing this? Need to get it fixed for a client by tomorrow!

Have you tried updating the drivers for the wifi card?

Could also try changing the channel

It may be that the encryption on the connection is not supported on XP

Set your router to no encryption and try again.

If that works, try WEP encryption.

I suspect you are trying to use WPA (or WPA2) and hitting a problem

See this for some suggestions

http://www.techrepublic.com/article/windows-xp-service-pack-2-how-it-affects-wireless-networking/5320782

also see

http://support.microsoft.com/kb/884787

What Soulkill said mate. It's something to do with how the router security is configured. You may need to reset it. If an XP system can't connect to it, you'll need to get another OS machine or plug directly into it by ethernet (and then the encryption is bypassed). Then you should be able to log onto it and adjust the security settings.

To log onto it:
Start->Run-> and run 'cmd'
Type IPCONFIG
Look for the line with is your 'default gateway'
Open a browser and enter that IP address (e.g. 192.168.1.254)
That'll allow you to log onto the router and change settings.

If that doesn't work, go into an isolated room and shout rude words as loud as possible until you pass out.

No worries guys, it's kind of a favor for a client. If she's got wep or no encryption on her network then she'll probably fine. If its wpa/2 (which is what my network uses) then I might have to blimmin help with that as well.

Can't believe window's xp doesn't support wpa/wpa2? Thought that encryption was out when xp was so a bit confused :(

No worries guys, it's kind of a favor for a client. If she's got wep or no encryption on her network then she'll probably fine. If its wpa/2 (which is what my network uses) then I might have to blimmin help with that as well.

Can't believe window's xp doesn't support wpa/wpa2? Thought that encryption was out when xp was so a bit confused :(

Nope - was WEP only back then.

SP3 came out after WPA became common, but they never backported the WPA stuff as SP3 was a security update, not functionality update.

http://iampierremenard.files.wordpress.com/2012/02/inhiding-frustration-argh-66092-l-main_full.jpg

Nope - was WEP only back then.

SP3 came out after WPA became common, but they never backported the WPA stuff as SP3 was a security update, not functionality update.

XP SP3 does support WPA/WPA2, my old netbook connects to my WPA2 (AES) network fine

It was supported under SP2 with a MS patch - http://support.microsoft.com/kb/893357

Potentially could it be the wireless card in the laptop, it may be to old to support WPA/WPA2?

Please guys do not use WEP, it is so insecure my grandmother can hack any key in about 3s flat.

Once access has been gain it is trivial to grab data which you deem secure (lolSSL) - be safe!

Please guys do not use WEP, it is so insecure my grandmother can hack any key in about 3s flat.

Once access has been gain it is trivial to grab data which you deem secure (lolSSL) - be safe!

In theory you are correct, especially for 64bit WEP which can be vulnerable to a 21bit attack however hacking WEP128 requires a hacker to capture around a million encrypted packets to perform an attack, although this wont take long on a busy network (less than an hour) but on a quite network it cant take for ever.

The problem with WPA/WPA2 is its easier to crack should the user pick a crap password. A hacker simply has to capture the "handshake" between the AP / Host which happens when a host joins a network and then run that "handshake" against a dictionary file. Elcomsoft wireless auditor is pretty good if you have a decent GPU in your machine, my old gaming PC could run a handshake capture against a 12gig dictionary file in less than half an hour. Bearing in mind these dictionary files contain every single word you can imagine and the software allows you to try variations of a dictionary word such as putting a 1 on the end or making the first char upper-case

So what im trying to say is that the weakness is in the implementation and not the protocol, although ultimately the WEP standard is insecure and WPA2 (AES) is almost unbreakable if implemented correctly.
From experience its far easier to break into a typical WPA network than a WEP128 network

depending on how old the wifi card is it might not supporting WPA.

XP SP3 does support WPA/WPA2, my old netbook connects to my WPA2 (AES) network fine

It was supported under SP2 with a MS patch - http://support.microsoft.com/kb/893357

Potentially could it be the wireless card in the laptop, it may be to old to support WPA/WPA2?

I'll accept that correction, I'm not a big Windows expert.

I would agree its probably the HW thats at fault.

2 Options, leave it insecure (Calm down Hong, sometimes you have to do what you have to do) or get a USB Wifi dongle that is supported by XP and does WPA.

Not in theory, I am correct ;) In theory 128bit wep can take 1mil IV's but in reality I have done plenty myself in around 80,000. You can do this regardless of if the network is busy ot not, even if it has no associated clients. Injecting at 500pps makes this very fast. Even if it took an hour, or several, it's still insecure.

The protocol IS flawed. Something which you can break regardless of length is pretty broken in anyone's eyes.

As for WPA, yes the human element is the weakest part, unfortunately. I agree whole heartedly here. I tend to generate SSID specific hashes rather than cracking in-line, I find its much faster, and re-useable. There are many scripts which can permutate passwords and generate wordlists on almost any variable. The key point here is to pick a passphrase which is not dictionary based (i.e pick something that is not an actual word) to decrease the likihood of someone being able to bruteforce it.

However there is an attack vector against WPS which can exploit some routers and makes WPA passphrase length and complexity completely irrelevant. There are some routers which even keep WPS enabled after you disable it in the config. Cheers vendors!

From experience it is infinately easier to break WEP than WPA. Even if the user picks a weak password for WPA (say their name, or something) - from an outsiders point of view with no social engineering , this information is unknown. Whereas WEP is done and dusted in a fraction of the time in almost any scenario.

EDIT: Sorry for the derail, however security is a major bugbear of mine. Just as mechanics wince when they see ameteurs like me hanging off a seized bolt with a monkey wrench, I wince when I see people take this stuff for granted, having seen the consequences of people who believe they are not going to be hacked.

So I shud jus WEP dis bitch?

things to consider.

area the person stays in
sensitive data on the computer

erm she lives in Manchester (on the border with cheshire) and she's getting an iPad eventually but just wants this cheap laptop to do odd bits of word processing on.

Don't think she'll be into claustrophillia or looking up enclosed spaces.

if there is nowt to keep safe then WEP will do just fine dont use 128 as its a pain 64 will do fine. tell her to keep an eye out for other people connecting. the router will show another ip address has been assigned if there is.

I'll have a chat with her, don't think she's very tech orientated so don't wanna bore her socks off, need to keep it fresh and interesting lol

if there is nowt to keep safe then WEP will do just fine dont use 128 as its a pain 64 will do fine. tell her to keep an eye out for other people connecting. the router will show another ip address has been assigned if there is.

Lets just hope she doesn't enter any passwords over the internet, bearing in mind a hacker doesn't need to connect to the wireless network to steal data.

Hope she doesnt bank online etc.

If she can't work out how to get wireless connected she wont know how to tell if someone else is connected either.

Get a wireless adapter that does support WPA in XP. Seriously for the sake of £20 or something why risk it.

eeeeh ffs why did I bother "Oh yeah sure I'll sort a laptop out for you".. it should say on the box for the adapter if it supports wpa/wpa2 etc I guess?

I'll see what I can find locally.

nothing stops the professionals if they want in they will get in. wireless by nature is not secure no matter how much you think it is. the biggest threat is your neighbours wanting to share the connection for their own purpose.

if you want to secure your wireless network a little better then don't broadcast the SSID and set the network up manually with static IP addressing limited to only the users on it.

turn off file sharing and remote assistance.

there is more chance of downloading malware/spyware/virus from the internet that someone sitting outside your house trying to hack into your network.

Best bet of all, use a wired connection, quicker, more stable and secure.

Most people only use their laptop in one or two places in the house anyway...

nothing stops the professionals if they want in they will get in. wireless by nature is not secure no matter how much you think it is. the biggest threat is your neighbours wanting to share the connection for their own purpose.

if you want to secure your wireless network a little better then don't broadcast the SSID and set the network up manually with static IP addressing limited to only the users on it.

turn off file sharing and remote assistance.

there is more chance of downloading malware/spyware/virus from the internet that someone sitting outside your house trying to hack into your network.

Hiding an SSID adds no security at all, and I cant see how Turing off DHCP to manually assign everything will be of any use at all. Wireless can be very secure from a data perspective, a WPA2 network with a long random key is virtually unbreakable, maybe if you had 3 or 4 billion years to try every combination you might get it. But if someone is desperate enough to attempt to crack a network with a random 63char WPA2 key it would be far easier and cheaper and less time consuming for them to break in and beat you up or just steal you PC