lewmur Posted January 22, 2011 Share Posted January 22, 2011 (edited) I have an old Belkin wireless router without any usage logs. But it does have WPA-PSK which I have enabled. I also have mac addressing control set to only allow one mac address. That device is "on line" at all times, so no one can be spoofing that address. I have the router setup as an access point plugged into a wired port on my main router.Everything should be secure but somehow it isn't. If I plug the wireless router in, the PC using it connects and the Resource Monitor say it's activity is less than 1%. And yet my desktop browser page loading slows way down, frequently generating timeout errors.edit: This just started recently. The only change on my end is the PC using the wireless changed from XP to Vista. Edited January 22, 2011 by lewmur Quote Link to comment Share on other sites More sharing options...
goretsky Posted January 22, 2011 Share Posted January 22, 2011 Hello,You may want to make sure that the computer running Microsoft Windows Vista has the latest device drivers installed for its wireless adapter, and that the Belkin wireless router has the latest firmware installed for it. If problems persist, try disabling autotuning of the TCP stack on the computer per Microsoft Knowledgebase Article #934430, "Network connectivity fails when you try to use Windows Vista behind a firewall device".Regards,Aryeh Goretsky Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted January 22, 2011 Share Posted January 22, 2011 If that doesn't make a real difference, it may just be time for a new router.It is amazing the difference between an older Netgear and a new Linksys E2000 or E3000 router running WPA/WPA2. I think their processor in the routers are better these days and geared more for encrypted traffic. Quote Link to comment Share on other sites More sharing options...
lewmur Posted January 22, 2011 Author Share Posted January 22, 2011 If that doesn't make a real difference, it may just be time for a new router.It is amazing the difference between an older Netgear and a new Linksys E2000 or E3000 router running WPA/WPA2. I think their processor in the routers are better these days and geared more for encrypted traffic.My problem with the "older" router is the lack of diagnostic and logging built into the router. But it didn't suddenly become old. The problem popped up suddenly. My assumption was that someone cracked my WPA encryption, and was stealing a large portion of my bandwidth. So I added the mac address filtering. That should have cured the problem but didn't. Note also that it isn't the traffic that is being processed by the wireless router that is the problem. When I plug the wireless router into my wired LAN, the computer on the wired LAN suffers the slow down.BTW, I might buy a new router but I'm not going to spend $150, or even $70, on one serving a single laptop. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted January 22, 2011 Share Posted January 22, 2011 There are also some great router choices for DD-WRT. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted January 22, 2011 Share Posted January 22, 2011 You might also want to try getting the latest firmware for the Belkin router that you have, and here's the Belkin support article about updating firmware.If you already have the latest firmware, you might want to reflash it and let Belkin know that there is a chance that their firmware has been compromised. Quote Link to comment Share on other sites More sharing options...
ross549 Posted January 23, 2011 Share Posted January 23, 2011 MAC addresses can also be spoofed. Try this......Run the router without your computer connected to it. Are the lights blinking on the wireless side? If your wireless is blinking, then you probably have someone on it. Also, have you changed the password recently?Adam Quote Link to comment Share on other sites More sharing options...
zlim Posted January 23, 2011 Share Posted January 23, 2011 I also limit the leases, substantially. The default is 256. I've set mine up to 6 or 7. All the computers (that go on the internet) and the printer gets a lease. Anyone else trying to connect will get the message "no DHCP offers" and "pending" if they manage to crack the password. Quote Link to comment Share on other sites More sharing options...
lewmur Posted January 23, 2011 Author Share Posted January 23, 2011 MAC addresses can also be spoofed. Try this......Run the router without your computer connected to it. Are the lights blinking on the wireless side? If your wireless is blinking, then you probably have someone on it. Also, have you changed the password recently?AdamHow can they spoof a mac address that is already in use? There is only one allowed and it is always in use.And, no, I haven't changed the password, Someone who can steal it once would have no trouble doing so again. I want a more than a temporary fix.Lilbambi;I did update the firmware, though it surprised me there was one available. I was careful about updates back when it was newer. Figured they'd stop with new ones long ago. And the update seems to have helped. Quote Link to comment Share on other sites More sharing options...
ross549 Posted January 23, 2011 Share Posted January 23, 2011 How can they spoof a mac address that is already in use? There is only one allowed and it is always in use.And, no, I haven't changed the password, Someone who can steal it once would have no trouble doing so again. I want a more than a temporary fix.The MAC address would have to be changed in the firmware of the wifi card. That can be accomplished before it attempts to connect to the router. If you and an attacker have the same MAC address, the router is not going to know the difference. My previous statement stands- it can be spoofed. I am not sure how you would join the network when only one address is allowed. However, I am thinking about this... if a second computer was configured with the same MAC address as the first, and the first was on the network, what would happen if the second came in range of the router? Would it start responding to packets of data? I am not sure. I do not fully understand how WPA actually works at the protocol level.However, one thing I do know about WPA is that cracking the password takes quite some time. WEP can be cracked in a second or two. The better WPA password you have (better=longer), the harder it is to crack WPA. So, my previous suggestion still applies- if you change the password, it will take time for the cracker to get back in. That is why I suggested it in the first place.Also, did you try shutting this laptop down and seeing if the wireless light on the router still showed activity? That would be a dead giveaway of someone getting into your network.Adam Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted January 23, 2011 Share Posted January 23, 2011 WPA2 Vulnerability Discovered – “Hole 196″ – A Flaw In GTK (Group Temporal Key) - July 27, 2010 Well as it tends to be, when something is scrutinized for long enough and with enough depth flaws will be uncovered. This time the victim is WPA2 – the strongest protection for your Wi-fi network which is standardized.WEP fell long ago and there’s a myriad of WEP Cracking tools available. In 2008 it was reported flaws had been found in WPA and it was partially cracked.These factors of course shifted a lot of people to WPA2, which has now been found to have certain flaws. Quote Link to comment Share on other sites More sharing options...
lewmur Posted January 23, 2011 Author Share Posted January 23, 2011 The MAC address would have to be changed in the firmware of the wifi card. That can be accomplished before it attempts to connect to the router. If you and an attacker have the same MAC address, the router is not going to know the difference. My previous statement stands- it can be spoofed. I am not sure how you would join the network when only one address is allowed.A mac address can be spoofed via software. That isn't the point. The point is that there is no point in spoofing one that is already in use. When you first connect, the DHCP server uses the mac address to assign the IP, or if a static address is used, to tie that IP to the mac. So, if you spoof a mac already in use, you'd wind up with an IP conflict. Both NIC would have the same IP.And just to make things clear, mac filtering is entirely separate from encryption. It can be used with or without encryption. Quote Link to comment Share on other sites More sharing options...
Peachy Posted January 24, 2011 Share Posted January 24, 2011 I'd run Wireshark and do a packet dump to see what hosts and protocols are on your network. You should be able to easily tell what's going on. Quote Link to comment Share on other sites More sharing options...
lewmur Posted February 21, 2011 Author Share Posted February 21, 2011 If that doesn't make a real difference, it may just be time for a new router.It is amazing the difference between an older Netgear and a new Linksys E2000 or E3000 router running WPA/WPA2. I think their processor in the routers are better these days and geared more for encrypted traffic.I used this as an excuse to upgrade to a new "N" router. Didn't cure the problem. Seems it has to do with the Vista install on the laptop. I've used the Windows Task Manager to monitor the network traffic and it appears normal. So I installed Ubuntu on it to test it and all works well. But as soon as I reboot into Vista, I start getting "timeouts" on my other computer. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted February 21, 2011 Share Posted February 21, 2011 Think overall you will be happier with the throughput on the N router.And it also helped you isolate the problem. ;)Very interesting about Vista doing that crap.Did you try disabling the autotuning of the TCP stack as noted in Aryeh's earlier posting? Hello,You may want to make sure that the computer running Microsoft Windows Vista has the latest device drivers installed for its wireless adapter, and that the Belkin wireless router has the latest firmware installed for it. If problems persist, try disabling autotuning of the TCP stack on the computer per Microsoft Knowledgebase Article #934430, "Network connectivity fails when you try to use Windows Vista behind a firewall device".Regards,Aryeh GoretskyBTW: What network card (model) is in that computer or what built-in network card? Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted February 21, 2011 Share Posted February 21, 2011 There is also an Intel article on that here: Network ConnectivitySlow or timed-out network connections under Windows Vista*Symptom(s):A number of symptoms are caused by the same issue. Symptoms might include any of the following. * Network connections are slow or time out with error messages. * Messages might include text such as "The connection to the server was interrupted" "Page cannot be displayed." * Downloading mail from an Internet Service Provider (ISP) takes longer than expected.Cause:By default, Windows Vista uses TCP autotuning to control TCP Receive Window size. If your router or firewall does not support TCP Window Scale option then slow or dropped connections might occur.Solution:There is no Intel network connection driver or software setting to control the TCP Receive Scale option. This option is controlled by the network stack of Windows Vista*. To disable the the TCP Receive Window Autotuning level in Windows Vista, follow these steps: 1. Open a command prompt window. (Click Start, click All Programs, click Accessories, and click Command Prompt.) 2. Type the following command and press Enter: netsh interface tcp set global autotuninglevel=disabledIf you upgrade your firewall or router and want to set this feature to its default value, follow these steps: 1. Open a command prompt window. (Click Start, click All Programs, click Accessories, and click Command Prompt.) 2. Type the following command and press Enter: netsh interface tcp set global autotuninglevel=normal Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted February 21, 2011 Share Posted February 21, 2011 Hmmm, is this a Dell machine with Vista on it?If so, apparently turning off the Dell DataSafe feature fixed it for some folks. Quote Link to comment Share on other sites More sharing options...
lewmur Posted February 21, 2011 Author Share Posted February 21, 2011 Hmmm, is this a Dell machine with Vista on it?If so, apparently turning off the Dell DataSafe feature fixed it for some folks.No such luck. This is an Aspire 4520. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted February 21, 2011 Share Posted February 21, 2011 Vista 32-bit or 53-bit?Atheros Wifi? Model number? Quote Link to comment Share on other sites More sharing options...
Corrine Posted February 22, 2011 Share Posted February 22, 2011 so it would seem...Just a slip of the fingers. The numbers are right next to each other but it did give me a good chuckle when I saw it. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted February 22, 2011 Share Posted February 22, 2011 Oops! LOL! :' /> :hysterical: Quote Link to comment Share on other sites More sharing options...
lewmur Posted February 22, 2011 Author Share Posted February 22, 2011 Vista 32-bit or 53-bit?Atheros Wifi? Model number?Vista 21bit Home Premium. Atheros AR5007EG Quote Link to comment Share on other sites More sharing options...
ChipDoc Posted February 22, 2011 Share Posted February 22, 2011 Vista 21bit Home Premium. Well THAT certainly explains a lot! Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted February 22, 2011 Share Posted February 22, 2011 Unable to connect with WPA active in VistaYou may want to go back to WEP if you intend to stay with Vista? Quote Link to comment Share on other sites More sharing options...
mac Posted February 22, 2011 Share Posted February 22, 2011 Vista 21bit Home Premium. Atheros AR5007EGlewmur, you didn't happen to visit Harrah's last night? Quote Link to comment Share on other sites More sharing options...
lewmur Posted February 22, 2011 Author Share Posted February 22, 2011 lewmur, you didn't happen to visit Harrah's last night? No, I just figured that if 64=53 then 32 must = 21. Quote Link to comment Share on other sites More sharing options...
lewmur Posted February 23, 2011 Author Share Posted February 23, 2011 Vista 32-bit or 53-bit?Atheros Wifi? Model number?Did some more testing to further isolate the problem and it does narrow down to the Vista wifi connection. It isn't the problem noted in prior post about Vista "stack." The Vista machine doesn't have problems connecting. I CAUSES the other computers on the network to have problems. Also, I have isolated it to the Wifi. If I connect the same Vista machine via its wired connection, to the same router, there is no problem. But as soon as I turn on the wifi connection, bam!! Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted February 24, 2011 Share Posted February 24, 2011 Sounds like that computer wants a wire and has a tantrum when you don't give it to it! :hysterical:Give it what it wants!!! Quote Link to comment Share on other sites More sharing options...
lewmur Posted February 24, 2011 Author Share Posted February 24, 2011 Sounds like that computer wants a wire and has a tantrum when you don't give it to it! :hysterical:Give it what it wants!!! I'm more likely to take away its Vista. What good is a laptop that has to be tethered to a wire? When I first got it, the previous owner had wiped the HDD and I installed XP on it. It worked fine with that. It wasn't until I put Vista back on that the trouble started. If I can't fix Vista, I'll go back to XP even though XP's life cycle is ending. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted February 24, 2011 Share Posted February 24, 2011 I hear ya. I wouldn't want Millennium II (Vista) either. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.