Thinkpads Forum

Hi,

I've just received a T60 and I am in the process of setting it up. Questions like mine may have been asked and answered numerous times. But I am really anxious to get it going, so please don't tell me to google for the answer.

My wireless network is set up successfully. Now I am trying to add a security option, which is WEP (Wired Equivalent Privacy).

On my Netgear Router, I have the following settings.

Authentication Type: automatic
Encryption Strenth: 64bit
Security Encryption (WEP) Key: XXXXXXXXXX

I will have to enter the identical settings on T60.
Can you point me to where I can find references on this matter?

You need to set up Access Connections. That's where you'll enter the corresponding info. Access Connections is a Lenovo program...quite handy when it's working.

A couple of notes:
WEP is not much security. It will prevent a neighbor from accidentally connecting to your network, but it will only slow down a determined hacker for less than a minute.
You really want WPA with at 20+ character key at a minimum.

Now, back to WEP. A WEP "key" can be entered as a passphrase or as hex digits. Unfortunately, different manufacturers have different ideas about how to transform the passphrase into the actual key, and so it often does not work unless your wireles adapter and access point are from the same brand. So, you want to use the hex digit option (sometimes shown as "key 1").

thank you, claudeo and uberT, for your help.

Very basic related wireless question, but not answered in the Thinkpad manuals I can find. There is a switch at the top edge of laptop screen with symbols (not the words on or off) to have or not have WIFI, but not very intuitive. Which way, left or right, do I push the switch if I want to turn WIFI wireless OFF on my T60.

Are you sure its on the edge of the screen? If you are talking about the wireless switch near the infrared port, here is how it works, switch to the left is OFF (marker will be black) switch to the right is ON (marker will be green)

This is ON (see the green marker?)
http://www.linuxsoft.cz/img/t60/radio_switch.jpg

Why not just set up security according to MAC address? That is what I do.

I have my wireless in the office set up with a DHCP Server
Wireless by MAC Address, No Brodcast of the SSID, and an Automatically Generated Key that is pushed out to the client.

NT

dfumento wrote:Why not just set up security according to MAC address? That is what I do.

That's too easy to crack. All you need is a sniffer.

Same for WEP and WPA - a good sniffer and a few minutes

redsoxidahovandal wrote:Same for WEP and WPA - a good sniffer and a few minutes

Actually, I believe you would need quite a few minutes to crack wpa; and wpa2 is even better. Mac addresses only are sent over the air unencrypted and are trivial to capture and spoof. A good combination is to do all of the following: suppress broadcasting your ssid, secure with wpa2 and use mac address security.
Oh yes, I almost forgot, the passphrase should be long(at least 26 chars) and complex with a good mix of letters (upper and lower case) digits and special characters. Changing it often also cannot hurt but is a pain in the a**.
Remember, some security methods are much better then others but none are perfect.

For good measure, choosing a strong encryption scheme will also improve your security:

AES is a better choice than TKIP if you have the option.

WPA2 + AES+ a long, strong hex key + frequent changes in your key is about the best consumer-grade solution available.

How to enable WPA2 and AES in T60? I saw only WPA+TKIP option in the ThankVantage Access Connections. I have the ThinkPad 802.11abg Mini-PCIe adapter.

Thanks!

I don't have your wireless adapter, but in my T42 with the somewhat older Intel 2200bg card, when I set up a wireless profile in Access Connections, on the Wireless Settings page, item 4. Wireless security type: I choose WPA/PSK, and when I click on Properties, I have the choice for WPA2-PSK and AES (among others). This is with Access Connections version 4.21.

Oh, yeah. I didn't notice that there were more choices after selecting WPA/PSK. Got it. Thanks!

smvp6459 wrote:AES is a better choice than TKIP if you have the option.

But I don't have the option of either TKIP or AES on my Netgear router, WGR614 v6. Which encryption scheme does it use as default?

smvp6459 wrote:WPA2 + AES+ a long, strong hex key + frequent changes in your key is about the best consumer-grade solution available.

The follow-up question is how much you care about security on your consumer-grade home network. There will be fewer hackers trying to steal your data or create DOS attacks -- most of the attacks would be just for Internet access.

And there is always the wide-open wireless two houses down. When I ran NetStumbler once in the car last spring, I would say that nearly half of the networks were wide open, with a broadcast SSID (many of them default, too!) and no security at all.

I can drive down my street with my T30 and pick up network after network. I can connect to 75% of them...easily.

I can stop in a certain spot one block from my house and pickup 8 networks. I can connect almost anywhere nowadays. I don't have to ride far to get an internet connection. I don't have NetStumbler.

uberT wrote:I can stop in a certain spot one block from my house and pickup 8 networks. I can connect almost anywhere nowadays. I don't have to ride far to get an internet connection. I don't have NetStumbler.

NetStumbler doesn't actually connect to anything -- but what it dos is tracks the networks and their signal strengths. Its good for war drives (if you're into that) as it gives you audible signals whenever it finds a new network, and excellent for finding those rogue access points at the office.