Results 1 to 13 of 13
  1. #1
    New Lounger
    Join Date
    Jul 2013
    Posts
    7
    Thanks
    0
    Thanked 1 Time in 1 Post

    Vista Home/XP Home secure wireless networking

    Is it possible to set up my network automatically using the router and adapter "wizards" (WPAPSK/TKIP), then apply better security using Windows Home network configurations? When I try safer settings like MAC Address filtering, the XP machine can't see the network anymore.

    I'd like to keep the Vista machine (as a substitute for expensive cable TV) wired to the wireless router, and use the wireless adapter on the XP machine just to get on the internet (curse Simple File Sharing and Guest account access in XP that can't be blocked!!), because I can't thread a hidden cable from it to the router due to inaccessible spaces I'd need to use.

    This is quite complicated, I know, and would require a lot of work for anyone who tries to help me. If we figure it out together, I'm willing to compose a guide you can post on your own website without attribution. I mean hugs don't work all that well over the web!

  2. Subscribe to our Windows Secrets Newsletter - It's Free!

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Silver Lounger mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    2,139
    Thanks
    202
    Thanked 206 Times in 198 Posts
    You should choose wpa2, not wpa. It is better security.

    As far as MAC address filtering, this seems like an obvious question, but did you include the XP machine's MAC address in the list of allowed MAC addresses?

    If you would prefer to eliminate wireless altogether...

    If you can't run an ethernet cable to your Vista machine, why not try a Powerline Adapter?

    http://reviews.cnet.com/8301-3132_7-...-fi-fails-you/

    Powerline uses your home electrical wiring to make the connection.

    Because it is wired, you don't have to worry about wifi security, filtering, etc. In fact, this may allow you to eliminate wireless altogether.

  4. #3
    Silver Lounger
    Join Date
    Oct 2012
    Posts
    2,095
    Thanks
    12
    Thanked 241 Times in 234 Posts
    Ah, that's one of those gotchas thanks to Microsoft's version feature discrimination; only simple file sharing is available in XP Home.
    First, the only thing you need or should be wanting to do (instead of MAC filtering or such) is secure the wireless broadcast between system and router with WPA. WEP as you probably know is not secure to a determined hacker with a little bit of skill, but it would be better than nothing.
    The follow up question is that once your network is secure, are you then looking for further permissions-based access to shares inside your network? Specifically to those shares on the XP Home system? If so, I'd leave that to more security-minded folks than me, but if it's to get on the Internet from the XP system, I would just toggle the wireless on or off as needed.

  5. #4
    New Lounger
    Join Date
    Jul 2013
    Posts
    7
    Thanks
    0
    Thanked 1 Time in 1 Post
    Thanks for that info on the Powerline Adapter, mrjim. It's just not in my budget right now, so I'm trying to use what I've been given. I think it's a great idea for the future, though.

    I did check the MAC address. Sometimes it is the simplest thing I forget to do because it's so obvious to The Impatient! I think the router wizard being accessed through the Vista machine is confusing me. When I first set up the wireless adapter on the XP box, I did it with a cable to the router, after which everything worked fine. When I disconnected and tried to connect wirelessly, I could see the router beacon (SSID broadcast off), but not actually connect or see the Vista box.
    Last edited by erc; 2013-07-23 at 13:10.

  6. #5
    New Lounger
    Join Date
    Jul 2013
    Posts
    7
    Thanks
    0
    Thanked 1 Time in 1 Post
    Yeah, F.U.N. - love all the extra work involved with this (NOT!). Fair warning: I might be overly paranoid and wanting a sense of security that's completely impractical.

    I do have WPA-PSK/TKID going on. And, no, I don't need to share files or printers or anything in either direction except the internet connection for the XP box. I might just try making my XP C: drive private, while putting nothing in the Vista Public (or are they called Shared?) folders.

    Toggling the wireless off when I'm not using it sounds good, but is my online banking out there for a meanie to get ahold of while I'm on it?

    And, yes, there's a good (IMHO) reason not to use the cabled Vista box for banking - no comfy place to use the danged wireless keyboard and mouse effectively in the living room! I have a grey-haired sense of entitlement to comfort!!

  7. #6
    Silver Lounger
    Join Date
    Oct 2012
    Posts
    2,095
    Thanks
    12
    Thanked 241 Times in 234 Posts
    Ya, your router blocks any WAN-side file sharing access and just don't leave anything of interest in the XP All Users folders as far as unauthorized intra-network access goes. You only need something there if you want to access shares on the XP system remotely and prevent others on the same network from accessing those shares.

    As mrjim says WPA2 is better but WPA if that's all that is available or will work is fine; if you use AES encryption (supported since 2002) instead of TPIK, it's still 100% unbreakable, and even WPA with TPIK is very difficult to break and easily defeated with a long (20 characters or so) mostly random network key.

  8. #7
    Silver Lounger
    Join Date
    Oct 2012
    Posts
    2,095
    Thanks
    12
    Thanked 241 Times in 234 Posts
    Toggling the wireless off when I'm not using it sounds good, but is my online banking out there for a meanie to get ahold of while I'm on it?
    If you have WPA2 going to the router, absolutely safe over wireless. When signing into a bank, good idea, though I don't always follow my own advice, is to have that be the only page/tab open in a browser, and the sign in page should already be encrypted (https. I used to run across lots of secure sites that didn't show as encrypted until after the login was sent and that made me nervous so I'd use a phony login and get to the oops, login again page and that would show as secure, but every financial institution I access online now shows as encrypted at first login...but I still check every single time.

  9. The Following User Says Thank You to F.U.N. downtown For This Useful Post:

    scaisson (2013-07-25)

  10. #8
    Silver Lounger mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    2,139
    Thanks
    202
    Thanked 206 Times in 198 Posts
    Quote Originally Posted by F.U.N. downtown View Post
    If you have WPA2 going to the router, absolutely safe over wireless. When signing into a bank, good idea, though I don't always follow my own advice, is to have that be the only page/tab open in a browser, and the sign in page should already be encrypted (https. I used to run across lots of secure sites that didn't show as encrypted until after the login was sent and that made me nervous so I'd use a phony login and get to the oops, login again page and that would show as secure, but every financial institution I access online now shows as encrypted at first login...but I still check every single time.
    Sprint is notorious (with me) for letting you log in on an unencrypted website, and then moving you to the encrypted website.

    The way I fixed that (after complaining about it and nothing was done) was to log into https://www.sprint.com rather than http://www.sprint.com. Sprint allows the https login if you think to try it. But many won't think of trying it, and there is nothing listed on their website which offers that option.

  11. #9
    New Lounger
    Join Date
    Jul 2013
    Posts
    7
    Thanks
    0
    Thanked 1 Time in 1 Post
    Hey, guys. I haven't tackled this yet today, and "early to bed, early to rise" is my motto.

    Just wanted to tell ya'll that I use IXQuick as my home page and search engine. You can set it up so all your searches are https. So I search my bank name each time in IXQuick rather than having a bookmark, and even the log-in home page is https. I like the search results better, too - less commercial hits, more informational ones.

    I'll come back and post if I have any insights that might help others with Vista/XP wireless networking. A toast to you both for your help!

  12. #10
    Silver Lounger mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    2,139
    Thanks
    202
    Thanked 206 Times in 198 Posts
    Quote Originally Posted by erc View Post
    Hey, guys. I haven't tackled this yet today, and "early to bed, early to rise" is my motto.

    Just wanted to tell ya'll that I use IXQuick as my home page and search engine. You can set it up so all your searches are https. So I search my bank name each time in IXQuick rather than having a bookmark, and even the log-in home page is https. I like the search results better, too - less commercial hits, more informational ones.

    I'll come back and post if I have any insights that might help others with Vista/XP wireless networking. A toast to you both for your help!
    I also use IXQuick (startpage.com) for my searches. I like it because it strips out all identifying info, then does a google search on my request. I.e. I get all the benefits of a Google search, with none of the privacy invasion.

    Go to www.spychips.com, the website of Dr. Katherine Albrecht , the director of IXQuick.

  13. #11
    3 Star Lounger
    Join Date
    Mar 2010
    Location
    USA
    Posts
    240
    Thanks
    44
    Thanked 32 Times in 25 Posts
    Just a reminder, most (almost all) wireless routers will not allow access/log-in while on wireless networking.
    To access the router, you MUST use wired connection. This is for protection and security.
    Also, most routers disallow access through the WAN.
    I sometimes forget this myself, and wonder why I cannot log-in to the router?!

  14. #12
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    4,662
    Thanks
    67
    Thanked 531 Times in 480 Posts
    My Netgear wireless router allow wireless login. Of course you have to initially set it up with a wired connection but once wireless is established, you can log in that way as well.
    I think most of them work that way.
    Jerry

  15. #13
    3 Star Lounger
    Join Date
    Mar 2010
    Location
    USA
    Posts
    240
    Thanks
    44
    Thanked 32 Times in 25 Posts
    My bad. On some routers, you can setup to enable or disable wireless log in.
    Maybe some brands default to 'allow wireless log in'.
    My Dlink and old Linksys do not allow wireless log in. The Dlink defaults to 'not allow'.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •