Hi,
Just got a shiny new Galaxy Note 10.1 last weekend. Yesterday, after receiving my case and keyboard from Amazon, I brought it in to school to start taking advantage of the S-Pen for note taking in classes that keyboards don't quite cut it in. Unfortunately, it revived an issue that I had and ignored on my HTC Rezound from last year... an issue that a WiFi device can't ignore, and unfortunately my phone's battery is not up to using CM10's tether function all day (and it might start running down my monthly data being used 5 days a week, all day).
So, any ideas what might cause this issue? The school primarily has Macs, and my Windows 8 Laptop sometimes has issues, but at least half the time it works fine. It is just Android devices that will not work. They connect, and get great signal strength, but just won't get any actual data. To my knowledge, nobody has ever gotten an Android device to connect. My Rezound is running an unofficial CM10 (4.1 JB) version, and my Note is using whatever the newest official update is (4.1 as well, I believe. Non-rooted). I don't know a whole lot about this type of stuff, but I'm not afraid to tinker around to try and get it working. I've tried a few other suggestions from numerous Google searches, but to no avail so far. The network is unprotected, and run by the school's IT people, so needless to say I have no way to easily change settings for the campus' network. I'd prefer not root the Note just yet, but if I need to, so be it. Any ideas what this might be?
Thanks
Some more Info
Coffeeist said:
[Original Post]
Click to expand...
Click to collapse
Some more info:
I cannot ping the tablet from my laptop (I get no packet loss, but all return 'Destination Host Unreachable'.
Same result if I try pinging my laptop or the router from my tablet using Terminal Emulator.
Sometimes, if set to DHCP, the tablet will give an 'Authentication Error Occured' error (or similar, I don't recall the actual wording). Sometimes it indicates a connection, but just won't work. I've never had a problem connecting using the same info as my laptop (with the IP changed, of course), but again, no internet, no ping.
Thanks
May or may not be the problem, but from what I've noticed, school networks tend to have a lot of blocked ports. I know the main Google Sync Framework uses port 5228. Try shooting an email to a network admin in your school's IT dept, asking about that port or just in general if they're aware that Android devices are unable to connect on their network.
Coffeeist said:
Some more info:
I cannot ping the tablet from my laptop (I get no packet loss, but all return 'Destination Host Unreachable'.
Same result if I try pinging my laptop or the router from my tablet using Terminal Emulator.
Sometimes, if set to DHCP, the tablet will give an 'Authentication Error Occured' error (or similar, I don't recall the actual wording). Sometimes it indicates a connection, but just won't work. I've never had a problem connecting using the same info as my laptop (with the IP changed, of course), but again, no internet, no ping.
Thanks
Click to expand...
Click to collapse
What do you mean by "same info as my laptop" what types of credentials are you referring to? Something you have to change on the laptop in order to get in? The more information regarding this you can provide (safely, mind you, mask/alter any sensitive info), the better we can assist you. If you have to do something like set a VLAN, then you're never going to get an Android device to work as we do not have the capability to use VLAN'd wireless like most PCs and Macs can with the proper configuration changes. If there's some browser catch-all page, then that should work, but based on your statement "with the IP changed" leads me to believe that you're messing with the adapter settings directly. I would be especially keen to helping you with more detailed networking issues like this should you provide me with the information requested. I look forward to your reply. (Yes, I like technical challenges like this, it's why I work VoIP support.)
IP address or no IP address
Coffeeist said:
Some more info:
I cannot ping the tablet from my laptop (I get no packet loss, but all return 'Destination Host Unreachable'.
Same result if I try pinging my laptop or the router from my tablet using Terminal Emulator.
Sometimes, if set to DHCP, the tablet will give an 'Authentication Error Occured' error (or similar, I don't recall the actual wording). Sometimes it indicates a connection, but just won't work. I've never had a problem connecting using the same info as my laptop (with the IP changed, of course), but again, no internet, no ping.
Thanks
Click to expand...
Click to collapse
since you know ping, then did you check the IP address for each device?
Back to basic:
1: ping your device gateway IP
2) if ok, then ping ur device (tablet or laptop)
3) if ok then ping bbc.co.uk (this will check your dns), if failed ping your dns's IP address.
If no IP on android, then check if there is any protection on device. It sound like no IP been allocated for you.
Depends on how good a school's IT dept. I have not seen many school actually put filter to stop non-window device.
I am not sure it has anything to do with VLAN yet. As a simple logon, device does not care VLAN or no VLAN.
The basic for us is 1) get an IP on device. 2) know how to get out (gateway IP) 3) interrept hwere you go (DNS resolution) 4) know how to get to internet (internet router, internet firewall, internet boardband et...)
If you have authentication error, then it is sure you are not going to get an IP address. If this is WiFi then check on security (WEP, WAP...TKIP...)
tinbox134 said:
since you know ping, then did you check the IP address for each device?
Back to basic:
1: ping your device gateway IP
2) if ok, then ping ur device (tablet or laptop)
3) if ok then ping bbc.co.uk (this will check your dns), if failed ping your dns's IP address.
If no IP on android, then check if there is any protection on device. It sound like no IP been allocated for you.
Depends on how good a school's IT dept. I have not seen many school actually put filter to stop non-window device.
I am not sure it has anything to do with VLAN yet. As a simple logon, device does not care VLAN or no VLAN.
The basic for us is 1) get an IP on device. 2) know how to get out (gateway IP) 3) interrept hwere you go (DNS resolution) 4) know how to get to internet (internet router, internet firewall, internet boardband et...)
If you have authentication error, then it is sure you are not going to get an IP address. If this is WiFi then check on security (WEP, WAP...TKIP...)
Click to expand...
Click to collapse
Hello Coffeeist,
Please contact your schools IT department and find out what kind of encryption they use on their APs.
If they use TKIP, then that is whats causing the problem with android devices.
Once TKIP is disabled on the AP you are connecting to, you will be able to reach the internet.
I say this because I had the same problem in the past (setting up Cisco APs), and can confirm that this is the cause of the problem.
TKIP shouldn't be used anyway. They should be using AES. TKIP is too weak.
I guess that last part answered another question that you might of had. (Why TKIP doesn't work with Android?) Android=Secure TKIP=WEAK.... Unacceptable for Android
Also, you mention something about not being able to ping your tablet from your laptop. If I understand this correctly, you have both your laptop and tablet connected to the same AP and you are trying to ping between the two. This wont work in most cases. Reason: "Port-Protection", which if enabled doesn't allow clients on the AP to communicate with each other.
Regards,
Ed
Let us know how it goes.
nasvi said:
Hello Coffeeist,
Please contact your schools IT department and find out what kind of encryption they use on their APs.
If they use TKIP, then that is whats causing the problem with android devices.
Once TKIP is disabled on the AP you are connecting to, you will be able to reach the internet.
I say this because I had the same problem in the past (setting up Cisco APs), and can confirm that this is the cause of the problem.
TKIP shouldn't be used anyway. They should be using AES. TKIP is too weak.
I guess that last part answered another question that you might of had. (Why TKIP doesn't work with Android?) Android=Secure TKIP=WEAK.... Unacceptable for Android
Also, you mention something about not being able to ping your tablet from your laptop. If I understand this correctly, you have both your laptop and tablet connected to the same AP and you are trying to ping between the two. This wont work in most cases. Reason: "Port-Protection", which if enabled doesn't allow clients on the AP to communicate with each other.
Regards,
Ed
Let us know how it goes.
Click to expand...
Click to collapse
With useful posts above the rest is not much left for me to say but a simple advice
Make sure your friends aren't playing a prank on you coz I tend to do it I use arpspoof and aireplay-ng to cause such mayhem
Sent from my A116 using Tapatalk 2
Airplay and Arpspoof wouldn't be possible if MFP is enabled on the AP. Also the OP is stating that it is with all android devices and not 1.
Sent from my HTC One XL using xda app-developers app
responses
First off, thanks for all of the posts, and I apologize for taking so long to respond.
Also, I did check port 5228 with my laptop, and it seemed to indeed be closed. Haven't been able to contact IT yet, but I will need to soon to solve an issue with another, unrelated issue.
Cynagen said:
What do you mean by "same info as my laptop" what types of credentials are you referring to? Something you have to change on the laptop in order to get in? The more information regarding this you can provide (safely, mind you, mask/alter any sensitive info), the better we can assist you. If you have to do something like set a VLAN, then you're never going to get an Android device to work as we do not have the capability to use VLAN'd wireless like most PCs and Macs can with the proper configuration changes. If there's some browser catch-all page, then that should work, but based on your statement "with the IP changed" leads me to believe that you're messing with the adapter settings directly. I would be especially keen to helping you with more detailed networking issues like this should you provide me with the information requested. I look forward to your reply. (Yes, I like technical challenges like this, it's why I work VoIP support.)
Click to expand...
Click to collapse
Just IP/DHCP/DNS (and I've also tried public DNS such as Google). Nothing fancy set up on the laptop (everything should be on Windows default network settings, same with Android on both devices). There is also no catch-all page, assuming I'm interpreting that correctly (as a login page sort of thing, like I'd get at Starbucks or a Hotel).
Glad to provide the challenge... truth be told, underneath the annoyance of lacking connection, I love issues like this because of the fun tricks and such that solving them can teach.
tinbox134 said:
since you know ping, then did you check the IP address for each device?
Back to basic:
1: ping your device gateway IP
2) if ok, then ping ur device (tablet or laptop)
3) if ok then ping bbc.co.uk (this will check your dns), if failed ping your dns's IP address.
If no IP on android, then check if there is any protection on device. It sound like no IP been allocated for you.
Depends on how good a school's IT dept. I have not seen many school actually put filter to stop non-window device.
I am not sure it has anything to do with VLAN yet. As a simple logon, device does not care VLAN or no VLAN.
The basic for us is 1) get an IP on device. 2) know how to get out (gateway IP) 3) interrept hwere you go (DNS resolution) 4) know how to get to internet (internet router, internet firewall, internet boardband et...)
If you have authentication error, then it is sure you are not going to get an IP address. If this is WiFi then check on security (WEP, WAP...TKIP...)
Click to expand...
Click to collapse
1. If I recall, this either had full loss, or Destination Host Unreachable, when pinging the gateway IP from the tablet.
2. Have tried this nonetheless, and I think I made it through once or twice just after turning on the tablet, but after that would only get Dest. Host Unreachable.
3. Had tried with Google, fails across any DNS.
I seem to get an IP, although sometimes I get the authentication error in Android and it won't connect. Whenever I set a static IP, based off of my laptop's IP (not the same, of course), I get connected, just no internet.
nasvi said:
Hello Coffeeist,
Please contact your schools IT department and find out what kind of encryption they use on their APs.
If they use TKIP, then that is whats causing the problem with android devices.
Once TKIP is disabled on the AP you are connecting to, you will be able to reach the internet.
I say this because I had the same problem in the past (setting up Cisco APs), and can confirm that this is the cause of the problem.
TKIP shouldn't be used anyway. They should be using AES. TKIP is too weak.
I guess that last part answered another question that you might of had. (Why TKIP doesn't work with Android?) Android=Secure TKIP=WEAK.... Unacceptable for Android
Also, you mention something about not being able to ping your tablet from your laptop. If I understand this correctly, you have both your laptop and tablet connected to the same AP and you are trying to ping between the two. This wont work in most cases. Reason: "Port-Protection", which if enabled doesn't allow clients on the AP to communicate with each other.
Regards,
Ed
Let us know how it goes.
Click to expand...
Click to collapse
Unless I am totally clueless about this stuff (er, moreso than I though I already was), it uses neither TKIP or AES, being an open and unsecured network.
sak-venom1997 said:
With useful posts above the rest is not much left for me to say but a simple advice
Make sure your friends aren't playing a prank on you coz I tend to do it I use arpspoof and aireplay-ng to cause such mayhem
Sent from my A116 using Tapatalk 2
Click to expand...
Click to collapse
Haha, I doubt it. None of my friends, especially the ones who I think would even try and do something like this, are tech-savvy enough for me to have any suspicion of that. Thanks though
Another piece of info (a pretty weird seeming one at that): Sometimes, I'll turn on my tablet in the middle of the day, and out of the blue there is an email notification there, for recent emails. Of course, if I go into browser, I can't get any pages. Can't think of any other networks that the device could/would connect to on campus, either.
Thanks!
Coffeeist said:
First off, thanks for all of the posts, and I apologize for taking so long to respond.
Also, I did check port 5228 with my laptop, and it seemed to indeed be closed. Haven't been able to contact IT yet, but I will need to soon to solve an issue with another, unrelated issue.
Just IP/DHCP/DNS (and I've also tried public DNS such as Google). Nothing fancy set up on the laptop (everything should be on Windows default network settings, same with Android on both devices). There is also no catch-all page, assuming I'm interpreting that correctly (as a login page sort of thing, like I'd get at Starbucks or a Hotel).
Glad to provide the challenge... truth be told, underneath the annoyance of lacking connection, I love issues like this because of the fun tricks and such that solving them can teach.
1. If I recall, this either had full loss, or Destination Host Unreachable, when pinging the gateway IP from the tablet.
2. Have tried this nonetheless, and I think I made it through once or twice just after turning on the tablet, but after that would only get Dest. Host Unreachable.
3. Had tried with Google, fails across any DNS.
I seem to get an IP, although sometimes I get the authentication error in Android and it won't connect. Whenever I set a static IP, based off of my laptop's IP (not the same, of course), I get connected, just no internet.
Unless I am totally clueless about this stuff (er, moreso than I though I already was), it uses neither TKIP or AES, being an open and unsecured network.
Haha, I doubt it. None of my friends, especially the ones who I think would even try and do something like this, are tech-savvy enough for me to have any suspicion of that. Thanks though
Another piece of info (a pretty weird seeming one at that): Sometimes, I'll turn on my tablet in the middle of the day, and out of the blue there is an email notification there, for recent emails. Of course, if I go into browser, I can't get any pages. Can't think of any other networks that the device could/would connect to on campus, either.
Thanks!
Click to expand...
Click to collapse
Based on your responses, I have a follow up question and comment. The question is as follows: Did you have to register your computer with your IT when you started school in order to be permitted on the wireless network? If this was the case they're likely filtering based on MAC address (which you won't be able to spoof on your Android, but you may be able to spoof on your laptop), get them to re-register your laptop after you spoof the MAC address so you can get both devices on using the same MAC address (though not at the same time of course unless you're fine with stuff randomly not working). The comment is as follows: Yeah, finding the workarounds to get back limitations like this is definitely a fun challenge because when you win, you've definitely learned something new. Oh, and you were right about my question of the gateway authentication page like a hotel wifi login page.
MAC
Cynagen said:
Based on your responses, I have a follow up question and comment. The question is as follows: Did you have to register your computer with your IT when you started school in order to be permitted on the wireless network? If this was the case they're likely filtering based on MAC address (which you won't be able to spoof on your Android, but you may be able to spoof on your laptop), get them to re-register it after you spoof the MAC address so you can get both devices on using the same MAC address (though not at the same time of course). The comment is as follows: Yeah, finding the workarounds to get back limitations like this is definitely a fun challenge because when you win, you've definitely learned something new.
Click to expand...
Click to collapse
Nope, it was up and running just through connecting normally, and has been since (mostly) - no registration or anything like that. Now, the reason that I put 'mostly' in parentheses is that sometimes the computer will be connected, but also have no internet (I don't think this started until I, dare I admit, upgraded to Windows 8). However, this only happens sometimes, whereas the Android devices never get internet access.
However, on the topic of MAC addresses, one post (in fact, I think it was on XDA) I saw awhile back while Google searching this problem was that someone had a similar issue, found to be with their device's MAC address having the letters 'FA' instead of 'FB' or something like that. Being that my Note isn't rooted, I haven't tested it with that, but perhaps I should give that a try with my CM10 Rezound?
(This is the post: HERE)
Thanks!
Coffeeist said:
Nope, it was up and running just through connecting normally, and has been since (mostly) - no registration or anything like that. Now, the reason that I put 'mostly' in parentheses is that sometimes the computer will be connected, but also have no internet (I don't think this started until I, dare I admit, upgraded to Windows 8). However, this only happens sometimes, whereas the Android devices never get internet access.
However, on the topic of MAC addresses, one post (in fact, I think it was on XDA) I saw awhile back while Google searching this problem was that someone had a similar issue, found to be with their device's MAC address having the letters 'FA' instead of 'FB' or something like that. Being that my Note isn't rooted, I haven't tested it with that, but perhaps I should give that a try with my CM10 Rezound?
(This is the post: HERE)
Thanks!
Click to expand...
Click to collapse
That shouldn't be it unless they have corporate level routers that don't recognize the MAC address of any devices manufactured after 2009 (when most of these manufacturers got the MAC addresses assigned to them (this is VERY unlikely)). I would honestly work with IT on campus and advise that it appears not a single Android device is allowed on the network. If they're blocking Android for any reason, check the terms of service for using the WiFi and see if there's any provisions for banning an entire brand of device/OS for whatever reason. If there's only provisions for individual banning, then take it back to them and show them that your record has not been abusive in the least and go from there. Make a case, otherwise draw one up with legal council. *shrugs* I don't believe anyone should ever be punished for the type of device they chose to purchase, that's first amendment choice, but it really comes down to their terms of service which you agree to by using the wifi.
Cynagen said:
That shouldn't be it unless they have corporate level routers that don't recognize the MAC address of any devices manufactured after 2009 (when most of these manufacturers got the MAC addresses assigned to them (this is VERY unlikely)). I would honestly work with IT on campus and advise that it appears not a single Android device is allowed on the network. If they're blocking Android for any reason, check the terms of service for using the WiFi and see if there's any provisions for banning an entire brand of device/OS for whatever reason. If there's only provisions for individual banning, then take it back to them and show them that your record has not been abusive in the least and go from there. Make a case, otherwise draw one up with legal council. *shrugs* I don't believe anyone should ever be punished for the type of device they chose to purchase, that's first amendment choice, but it really comes down to their terms of service which you agree to by using the wifi.
Click to expand...
Click to collapse
I'll give it a shot, thanks.
Coffeeist said:
I'll give it a shot, thanks.
Click to expand...
Click to collapse
Sorry to bump the thread, but seeing as it's my own I figured it would be alright...
I got around to asking the the school IT about the issue, and they said that the deliberately block mobile traffic, which they went on to find out does include Android tablets (I understand phones, but I can't even begin to understand why they target Android tablets... unfortunately, that's not my call). I Google searched a bit, and found that networking devices from a company called Aruba can be set to block traffic from specific types of devices (supposedly Cisco and a few other companies can do similar things too), by checking something with the HTML version, or something like that (I'm by no means a networking expert hehe).
So, I guess I'll make my last effort with this thing, and ask if anyone knows of some legal, non-hacky way of getting by this?
I'm guessing not, but worth asking.
Thanks
Coffeeist said:
Sorry to bump the thread, but seeing as it's my own I figured it would be alright...
I got around to asking the the school IT about the issue, and they said that the deliberately block mobile traffic, which they went on to find out does include Android tablets (I understand phones, but I can't even begin to understand why they target Android tablets... unfortunately, that's not my call). I Google searched a bit, and found that networking devices from a company called Aruba can be set to block traffic from specific types of devices (supposedly Cisco and a few other companies can do similar things too), by checking something with the HTML version, or something like that (I'm by no means a networking expert hehe).
So, I guess I'll make my last effort with this thing, and ask if anyone knows of some legal, non-hacky way of getting by this?
I'm guessing not, but worth asking.
Thanks
Click to expand...
Click to collapse
Before discussing any workarounds, you may need to review the Terms of Service for your wifi on the school premises first, review the consequences for bypassing their security measures, and figure if it's worth the risk to you... At this time, it'll be kind of "hacky" to get around such a block. In order to provide you with a valid workaround though we'll need a little bit of information regarding what's going on when you connect.
First, when you connect to the WiFi with your Android device, do you even receive an IP address? If you don't then we'll stop here, the only way to get around the types of blocks they're employing at this level would require hardware hacking/firmware reprogramming to change the identity of the device itself, which is flat out illegal in just about anywhere I can think of. Here's your checklist, fill out where applicable: (Even if you set static information to accomplish this, that will be a valid Y.)
Get an IP? (If Y, proceed)
Is it a valid IP address on the same network as your PC? (Either way, don't care)
Can you ping the gateway you got from DHCP on Android? (If Y, proceed)
Can you ping the DNS server(s) you got from DHCP on Android? (If Y, proceed)
Can you ping an external server such as Google DNS (8.8.8.8) on Android? (If Y, then we're done here)
It's kind of a bit of a process unfortunately, however, if you pass every single one of these tests with the Android device, there's good news. They're only filtering traffic based on the User-Agent identification of all your applications (and based on the MAC address of your device, denying your DHCP requests), you should be able to bypass this with a VPN tunnel back to your home from your Android (after setting your static IP) in order to encrypt and keep this information from leaking to their systems. However, this will likely set off alarms if they monitor their network heavily. If the school IT asks, then you're "working on projects in-between classes on your computer at home and your family has a home office with VPN already, so you used that to connect back to the house". Either way, they can't say much about it besides cut you off... again. Anywhos, I wouldn't recommend trying to bypass without doing all this research first, and then also evaluating the possible consequences, however the rewards are within themselves. You'll be the only person at school with a working mobile device, (besides those iSuckers). Technically, encrypting your traffic is completely legal (and they can't say anything legally about it), however, setting a static IP address in the same range as your computer at school may be against their TOS which you abide by being on campus. Let us know how everything goes.
Cynagen said:
Get an IP? (If Y, proceed)
Is it a valid IP address on the same network as your PC? (Either way, don't care)
Can you ping the gateway you got from DHCP on Android? (If Y, proceed)
Can you ping the DNS server(s) you got from DHCP on Android? (If Y, proceed)
Can you ping an external server such as Google DNS (8.8.8.8) on Android? (If Y, then we're done here)
Click to expand...
Click to collapse
With Static I set an IP and all other info (Gateway, DNS, etc, except for Network Prefix Length... no clue what that is, left it at 24 default), and could not ping gateway
Dynamic/DHCP I will have to check tomorrow, after downloading stuff for the tablet to get that info (I think I need root to use IfConfig with Terminal Emulator, correct?).
Whatever they use to block me out, it seems to have a slight hole built in... every day, multiple times a day, I will look down at my tablet and see notifications (mainly email, occasionally Facebook, etc) that pushed through on the schools network (I know that for sure, being that often times the emails are messages received during the day, in a time period where the tablet has been nowhere near any other networks). Maybe this hole can be breached?
Thanks!
Coffeeist said:
With Static I set an IP and all other info (Gateway, DNS, etc, except for Network Prefix Length... no clue what that is, left it at 24 default), and could not ping gateway
Dynamic/DHCP I will have to check tomorrow, after downloading stuff for the tablet to get that info (I think I need root to use IfConfig with Terminal Emulator, correct?).
Whatever they use to block me out, it seems to have a slight hole built in... every day, multiple times a day, I will look down at my tablet and see notifications (mainly email, occasionally Facebook, etc) that pushed through on the schools network (I know that for sure, being that often times the emails are messages received during the day, in a time period where the tablet has been nowhere near any other networks). Maybe this hole can be breached?
Thanks!
Click to expand...
Click to collapse
It seems like small gaps where the system doesn't block you long enough to receive some traffic, but that is promising. BTW, you can get your "network prefix" (netmask as we call it) from your computer. If you go into the command prompt on windows and run "ipconfig /all" you'll get 4 useful bits of info we need, IP address (so you can mimic it), the gateway, the subnet mask (usually 255.255.something.something) and the DNS servers. The subnet mask determines what you use, and I HIGHLY doubt they use 24 (that's mainly for home networks, 24 = 254 devices permitted on the DHCP, 16 = 65534 devices (this is WAY more likely)).
Cynagen said:
It seems like small gaps where the system doesn't block you long enough to receive some traffic, but that is promising. BTW, you can get your "network prefix" (netmask as we call it) from your computer. If you go into the command prompt on windows and run "ipconfig /all" you'll get 4 useful bits of info we need, IP address (so you can mimic it), the gateway, the subnet mask (usually 255.255.something.something) and the DNS servers. The subnet mask determines what you use, and I HIGHLY doubt they use 24 (that's mainly for home networks, 24 = 254 devices permitted on the DHCP, 16 = 65534 devices (this is WAY more likely)).
Click to expand...
Click to collapse
Well, I just had a clean connection for about 5 minutes, and had a normal-looking IP based on my PC. Using Terminal Emulator I pinged the gateway after my connection failed, still with no response. I still appeared to have a proper IP on my tablet, but no actual internet connection.
So, perhaps these small windows are something to pursue? Or perhaps sticking with the VPN plan is best?
Thanks!
Coffeeist said:
Well, I just had a clean connection for about 5 minutes, and had a normal-looking IP based on my PC. Using Terminal Emulator I pinged the gateway after my connection failed, still with no response. I still appeared to have a proper IP on my tablet, but no actual internet connection.
So, perhaps these small windows are something to pursue? Or perhaps sticking with the VPN plan is best?
Thanks!
Click to expand...
Click to collapse
You need to make sure your networking information is entered correctly, you still haven't said anything about the netmask in this situation. However, if you're entering this information in correctly then you should have a solid connection until they realize you've forced a device into the network. The only thing you can do beyond that point is during that window, open a VPN connection without using a single browser request so they don't know what the device is unless they check the MAC address. Either way, this is a window that can be used, you just need to avoid identifying your device in any way prior to initiating the VPN connection. Turn off Sync when you connect.
Related
Hi, thanks in advance for help.
I have someone leeching off my Wifi net, who seems to be able to 'break-in' no matter how i secure the WiFi net.
Anyone know of any free Windows Mobile software that will show signal strength of Wifi CLIENTS nearby. Not Access Points, but CLIENTs.
I want to go find this guy.
thanks
Hi there!
If you got an "leecher" on your network I would recommend you to start your search on your router.
You didn't provide any specs, how did you find out that someone is on your network?
Next question, have you changed both, router pass and wlan key?
Are u using weak encryption (wep)?
Whats about your mac-filter?active?
I would guess you've got an dhcp server on your network/router... go there and check the dhcp releases. Any suspicious entrys? You should know all the devices listed there. If you have found a IP you don't know, ping it and check if its alive (those packages can be ignored by the host), try to access it via smb, you could also try a demo of languard and try to read out details like os, user, owner...
I'm almost shure you can't use your wm device to locate a client of a network, unless you can switch your wlancard to ap-mode and he connects to you ^^
Nope, need signal strenght reader if poss.
Thanks for the comment, but I'm pretty security savvy, and have done most of what you recommend.
I actually can't believe he's still getting in when I've locked down so tight.
Anyway, it's a CLIENT signal strengh program that I'm trying to find.
Rogue clients are malicious wireless client devices that either try to gain illegitimate access to your WLAN or try to disrupt normal wireless service by launching attacks. There are numerous ready-to-launch wireless attack tools freely available on the net. Many of them are open sourced and work pretty well with most Wireless client cards. This turns any curious mind to professional hacker in minutes. Many do it simply for the pleasure of being able to disturb someone remotely. All these developments force WLAN administrators to give a second look at any wireless client that is misbehaving.
What means most of that what i recommended?
Did you actually change the router password AND the wlan key?
Sorry, I don't think that you can trace him with your mobile. as long as hes not connected to your mobilephones wireless network (wich requires your mobile wlan device to switch to ap-mode).
Forget about that.
Please tell us, why do you think somebody is on your network, how did you find out... whats the "evidence" for you that there is somebody.
I'd like to help u, but i need some further details to lock him out.
I hope you know that its just a matter of minutes to break a wep key. GPUs are used to decode it, which is damn fast!
So please provide more specs about your network.
Greetings
1: Use WPA instead of WEP.
WEP is crackable in a matter of seconds.
2: Assign access control/MAC filtering
3: Use your network in ad-hoc mode
Well, WPA is crackable too.
The person in question might change his MAC to yours and create collisions anyways
Can you be sure that he has really associated with your router. I have noticed some client/router combinations "apparently" associate but all traffic is blocked because they did not provide the right key.
As others say - use WPA WPA2 and use a strong (non dictionary) passphrase
get a computer that can run airodump or something similar.
run airodump with it set to the channel of you router - not in hopping mode as you will miss lots of packets.
Airodump will tell you the strength of the signal from his computer so if you have this on a laptop you can move around and possibly can an idea roughly where he is
Thank you, i will try Airodump
Thanks in particular Scote.
I didn't list the router config simply becuase I am confident it's pretty secure:
Router is a new Belkin N1
- 63 random char password from grc.com/passwords
- SSID is "netgear" even though its a Belkin : intention to mislead for access URL.
- WPA2-PSK AES encryption
- SSID not broadcasting
I didn't bother with MAC filtering, as I understand a good 'hacker' can spoof it : If this guy can get through WPA2 I would say he can probably MAC spoof.
My 'evidence', is that up to 3 unkown computers turn up on the 'Clients List', around 4 hours after I change the SSID/password : Each time.
I have 2 laptops, so I will try Airodump or maybe Backtrack (suggested elswhere) on these as a 'direction finder' based on signal strength.
Hmmm...I did read somewhere you can set a Kaiser to be an access point...
Thanks all
Yes you can.
Someone found his stolen Wii/mobile phone (don't remember which one) that way.
There was even an article on the net.
I've had the captivate about 24 hours now and dig it. I've rooted it and remove the att bloatware (per titanium backup), I've also performed a backup using Rom Manager.
I'm having trouble getting it up and running on an enterprise wireless what uses 802.1x PEAP authentication. I can get through all the auth. steps, and the device is assigned an IP, but I am unable to do anything that requires an internet connection; browser, market, etc.
Has anyone else ran into this issue?
*****EDIT*****
sigh i just realized that this is in the wrong area, it should have been over in development...i'm an idiot
I had a similar problem on a WEP-encrypted network, which I fixed by setting a static IP on the phone and then setting it back to DHCP (the correct setting). However, your problem could be entirely different than mine (not that I even am sure what my problem was, just that I fixed it!)
Best of luck!
Having the same problem on enterprise access points regardless of encryption. Home wifi netwroks work great (open and WPA2). Enterprise APs (open and WEP) connect and give me an IP, but will not transfer data. Think its a driver issue with the Wifi, it happens on every captivate ive tested, and seems to be more widespread than the GPS issue.
I have had the same issue with my work at work. I can get it to connect and get a ip but can not pass any data.
Sent from my SAMSUNG-SGH-I897 using XDA App
Had the same problem at work. Luckily I'm an admin and figured mine out. Our monowall portal was the issue. I can give a detailed answer for my problem tomorrow when I get to work.
I actually had the cap wiped to go back, then I literally figured out the problem. Thanks go out to my team mate for helping me talk through this.
Sent from my SAMSUNG-SGH-I897 using XDA App
can't wait to hear what your fix was!
Sent from my SAMSUNG-SGH-I897 using XDA App
This sounds more like your network not being allowing your device rather then the device having an issue.
it's been frustrating as I know two other guys with android devices that didn't have an issue. one is a droid eris running 2.1 and the other is a nexus one running 2.2.
Sent from my SAMSUNG-SGH-I897 using XDA App
designgears said:
This sounds more like your network not being allowing your device rather then the device having an issue.
Click to expand...
Click to collapse
Worked closely with my highly experienced network admin in my dept. for an afternoon (we had some time to kill). He checked the firewall and dhcp servers, ran packet traces, etc.
With what I'm experiencing, its the device. These wifi networks we use with Cisco APs are completely wide-open. All other phones and mobile devices have always worked great for years. We rely on this network for many custom applications and mobile tools.
Once the dhcp server leases an address, it seems like the radio stack hangs, and the device ceases communication. Here's an older thread on the exact issue over at androidfouroms: http://androidforums.com/samsung-captivate/130403-wifi-terrible.html
I have tested multiple new unmodified captivates and the issue is identical accross the board.
Now that I am at work, and have coffee in me and not beer, I will go through the problem I had with miCap and works wireless. Due to my skeptical ways, I will be semi vague for security purposes. On with it.
When I originally got miCap (pet name for it) I was able to access our public wifi. It allowed me into the public portal to agree to terms. I played a little bit on it, but wanted to see if I could access our private wifi. I got in the private no problem. But after that I never was able to get back on to our public. It did the same thing as I've read. It got an ip no problem (via dhcp) and acted like all was well. No browser, or ap could get a connection. The phone would not switch over to 3g to get info.
Armed with ip and mac address, my co-worker and I started to did through our monowall. ( He also has a cap that had no issues on public or private). We try tried reserving the ip for miCap, didn't work. We tried static ip, didn't work. I spent the morning completely wiping miCap to get it back to return worthy.
This was when I decided on last ditch effort.
Our ap's are cisco's that connect into monowall. I got into monowall and dug around. I found that with in the captive portal (how fitting) that the ip/mac associated with my phone hadn't checked in for 8 days. Even though I tried everyday. I deleted the entry to the phone there and suddenly my phone was getting access again.
Now I understand that this may not help everyone, because setups vary from place to place. But digging deeper into configurations at the access points may be what is needed. Do I think the phone had nothing to do with it? No, I think it helped aggravate the problem.
We have had problems with the Intel 3945abg chipsets with the same exact setup. That problem was fixed with driver updates on the laptops.
sorry for the long winded reply.
So in a nut shell you deleted the DNS entry for that ip/mac in the firewall and you are working.
Pmac25 said:
So in a nut shell you deleted the DNS entry for that ip/mac in the firewall and you are working.
Click to expand...
Click to collapse
Essentially yes. But it is not listed like that in the portal. Hmmm. I wonder about the combo of dhcp/dns being the culprit.
I was able to resolve this issue by changing my connection settings from DHCP to static for the Cisco APs.
Installing WiFi Buddy from the market allowed me to access these connection settings.
I just used an address from our static IP pool.
Manually set IP, subnet, gateway, and DNS, and now im finally rolling on our enterprise wifi network
I sent a help ticket into samsung; maybe if enough folks do we can get it on their radar.
jhannaman82 said:
I was able to resolve this issue by changing my connection settings from DHCP to static for the Cisco APs.
Installing WiFi Buddy from the market allowed me to access these connection settings.
I just used an address from our static IP pool.
Manually set IP, subnet, gateway, and DNS, and now im finally rolling on our enterprise wifi network
Click to expand...
Click to collapse
you can set the ip manually with out an app. When on the wifi screen, hit menu-advanced. This is a good time to set the wi-fi sleep policy also.
phlunkie said:
you can set the ip manually with out an app. When on the wifi screen, hit menu-advanced. This is a good time to set the wi-fi sleep policy also.
Click to expand...
Click to collapse
Thanks for that, i figured the menu was built in somewhere just never found it.
:thumbsup:
UPDATE
So I flashed the i9000 Eclair rom last night, and when I got into work today I can connect and use the wifi here. So looks like something AT&T buggered up, big surprise there, when they "customized" the captivate.
As much as I normally love blaming AT&T for problems, that can't be done here. My Captivate (running Stock Firmware) connects just fine to my work network. We use 802.1x with PEAP/MSCHAPv2 for authentication.
Anyone been able to connect at over 802.11b speeds while connected to an 802.1x network? I show connections at G and N speeds on my WPA2 network but nothing over 11Mbps on 802.1x.
Sent from my SAMSUNG-SGH-I897 using XDA App
Hi,
I am also having problems with my work wifi network.
It is 802.1x, on TTLS/PAP it also requires a thawte premium server ca certificate insalled.
Is there any way to connect this kind of networks?
With my previous iphone 3g it was taking only 4-5 seconds.
I Have been doing some looking and testing of my device in regards to network routes.
I have used several tools both on the hd2 and tethered with some very crouis results.
The list is as follows
Trace route android hd2 using tmobile usa
Can someone tell me if the device has be targeted by virus or worm
n
10.168.189.10 (10.189.168.10.in-addr.arpa)
9.189.168.10.in-addr.arpa
21.189.168.10.in-addr.arpa
67.189.168.10.in.addr.arpa
49.189.168.10.in-addr.arpa
173.135.164.10.in-addr.arpa
149.135.164.10.in-addr.arpa
25.189.168.10.in-addr.arpa
36.189.168.10-in-addr.arpa
Post your routes and let's compare
If you are a dev and find this can help let me know I may be able to provide more information.
i dont understand what you mean or how did you test. Can you explain please.
Usually if you are tracing, you need a source IP address and a target IP address. It can be a specific single ip address or an ip network. So how do you test this, do you use a router and connect to it via wifi or do you use data connection? Or are these IPs you provided the targeted ones?
whys this in the dev section? this should be in the Q&A section
This makes no sense. A traceroute is a command that will tell you all the hops it takes to get from point a to point b, and the latency timing between them. That will in no way tell you if you have a virus or not. If you went into a command prompt on windows, for example, and typed tracert www.google.com it would show you the route it took to get there. This route can be different depending on when it's run.
Now, if you're really worried, and you have an ip that's been connecting to you, and you're unsure of it, a good place to start would be running an nslookup or a whois and seeing who it's registered to.
Even then, however, I still have no idea what it is your even asking. Perhaps a little more info? (And like others have said, wrong section.) Perhaps if you even told us what tools you used, and what your were looking for...
Ok I used several (targets) google.com, yahoo.com, IBM.com and so on.
Ok this is not the total list of the trace log only the ip and servers i don't understand or can't explain.
I used both my hd2 as the source and as a pass-thru as a hotspot.
The trace route command tracks the path to the target. As you can see from my data the traffic I'd several address not even listed in the US but in the UK. I am wondering why the phone might doing this as in a worm, virus, ghost program?
/sigh
Again, this is not what the traceroute command is used for. It's used when you can't hit a certain address, and you want to find out where the signal is getting lost/stopping. Traceroute has nothing to do with viruses, or virus detection. You just don't seem to understand how internet routing works.
Seems like it's time for you to google networking, tcp/ip, ip4, traceroute, etc... start reading about this stuff. In the interest of saving time, however, what you're doing is like me bringing my car in for service worrying that something is wrong with it mechanically because the gps is telling me to turn on the wrong street.
?
Maybe i am confused?
Maybe I don't know what i am talking about you try it and post what you get please.
Try out the app Landroid from the market and post what your routes are.
My WiFi keeps disconnecting at random times i am running on a router/modem Belkin and comcast is my provider if that means anything,my xoom,netflix and ps3 are good.It's my old phones like droidx,samsung fasinate and bionic.All three phones are out of service but worked before when they were disconnected from verizion,it started this week.
Under wifi it will say scanning then obtaining ip address then connected to WLAN,then repeat all over again.
This is no big deal,and I have some time so I threw this question out there to try and figure it out.
THANKS
P.S.... I tried changing channels in router page,unplugged router and went back to my old settings.
Did you check the screen off settings? It's possible your MAC address of your phone has become blacklisted automatically by your router as well. Just a couple things to check.
can you tell me where i can find the mack address.thanks
The MAC Address can be found on Android phones in :
Parameters > About phone > Status
Right below your IP Address, you should have your MAC address.
.
this wont fix your router, but make sure your gateway from comcast has been bridged or else you're running a double NAT and will have sporadic DNS error when the comcast DNS servers have to outsource the lookup to other servers...
Have you set any static IPs? If so, make sure they don't fall in your DHCP range as this can cause IP conflicts. Also make sure you're close enough to your router to get a good signal.
It's also possible that you just have a crappy router. ISPs are notorious for giving out garbage.
ConfusingBoat said:
Have you set any static IPs? If so, make sure they don't fall in your DHCP range as this can cause IP conflicts. Also make sure you're close enough to your router to get a good signal.
It's also possible that you just have a crappy router. ISPs are notorious for giving out garbage.
Click to expand...
Click to collapse
+1, but he has a seperate Belkin... crap router... needs to get a highend Cisco, and bridge the gateway to prevent DNS issues...
DNS should never be a problem as long as you're not using the ones from your ISP. Use the Google public DNS (8.8.8.8 and 8.8.4.4) or some other reliable public DNS service. Years ago when I used the DNS servers from Qwest or Comcast my internet would randomly **** out every few days until I renewed my WAN DHCP.
Also, as far as routers go, I personally use a high-end Buffalo (cost me $80 new) loaded with DD-WRT and a NetGear WNDR-3700 with DD-WRT. Great routers, great firmware. If you have any reasonable amount of tech knowledge I would highly recommend using it.
Let me explain... I worked for Comcast for 2 years... He stated he is running a modem/belkin combo... That's not enough info to determine if he has two separate devices, or and all-in-one Gateway...
If he is using an all-in-one Gateway, and decides to use his own personal router, the Gateway MUST be placed into bridged mode, disabling it's built-in router. If that is not done, he is running a double NAT and will have sporadic DNS issues when the Comcast DNS servers cannot perform the lookup, and have to outsource them to another set of DNS servers...
And yes, Google DNS FTW
In any case it doesn't sound like a double-NAT issue as he said his other devices work fine, and any future double-NAT could be resolved by simply turning the wifi off on any applicable combination device (modem/router combo) and simply running any other routers in infrastructure (AP) mode. Either that or you could place the new router in a DMZ, effectively disabling NAT altogether without actually turning it off. There are many ways to skin a cat, especially in IT.
Btw I'm a developer / network admin at an information services company
ConfusingBoat said:
In any case it doesn't sound like a double-NAT issue as he said his other devices work fine, and any future double-NAT could be resolved by simply turning the wifi off on any applicable combination device (modem/router combo) and simply running any other routers in infrastructure (AP) mode. Either that or you could place the new router in a DMZ, effectively disabling NAT altogether without actually turning it off. There are many ways to skin a cat, especially in IT.
Btw I'm a developer / network admin at an information services company
Click to expand...
Click to collapse
I understand, but having the ISP place it into bridged mode is easier... It's still unclear what equipment he has.
BTW, I don't care...
Quasimodem said:
I understand, but having the ISP place it into bridged mode is easier... It's still unclear what equipment he has.
BTW, I don't care...
Click to expand...
Click to collapse
I'm not sure if you realize it, but your response seemed a little crude. My profession is every bit as relevant as you having worked for Comcast, and helps add credibility to my input regardless of whether or not you care.
Now, before this gets derailed into a geek-knowledge **** size contest...
If other wireless devices are working fine as the OP stated and all the affected devices are as small as a phone, it really starts to sound like a poor signal / interference issue. If the OP is in an older building, a building which utilizes dense materials or is full of anything else that may add to the signal attenuation, that could be part of the problem.
Another possible cause is that the DHCP pool isn't big enough to address all of the OP's devices. That's not to say there's not enough free addresses though, as the OP could just increase the pool size.
Or, again, it could just be that the router doesn't have the hardware to support as many devices as are trying to connect.
We really won't know until the OP replies with more information.
Quasimodem said:
this wont fix your router, but make sure your gateway from comcast has been bridged or else you're running a double NAT and will have sporadic DNS error when the comcast DNS servers have to outsource the lookup to other servers...
Click to expand...
Click to collapse
ConfusingBoat said:
I'm not sure if you realize it, but your response seemed a little crude. My profession is every bit as relevant as you having worked for Comcast, and helps add credibility to my input regardless of whether or not you care.
Now, before this gets derailed into a geek-knowledge **** size contest...
If other wireless devices are working fine as the OP stated and all the affected devices are as small as a phone, it really starts to sound like a poor signal / interference issue. If the OP is in an older building, a building which utilizes dense materials or is full of anything else that may add to the signal attenuation, that could be part of the problem.
Another possible cause is that the DHCP pool isn't big enough to address all of the OP's devices. That's not to say there's not enough free addresses though, as the OP could just increase the pool size.
Or, again, it could just be that the router doesn't have the hardware to support as many devices as are trying to connect.
We really won't know until the OP replies with more information.
Click to expand...
Click to collapse
If you read my post above, you will see that his equipment is unknown, and i was providing a helpful tip if in fact he does have a gateway device.
Why in the world would you have him check all you mentioned when it's most likely easily fixable?
**** measuring? I think you just showed yours is smaller..
PS - I accidentally thanked you...
I was just throwing some ideas out there as food for thought because there's a lot that can affect a wireless connection, especially on devices as small as phones.
And my comment about "**** measuring" was thrown in solely because your responses come off rather condescending, especially when you begin with this:
Quasimodem said:
Let me explain... I worked for Comcast for 2 years...
Click to expand...
Click to collapse
Sorry if I offended you somehow, and I'm sure you're actually a nice and helpful person, but you just come off as a know-it-all prick.
ConfusingBoat said:
I was just throwing some ideas out there as food for thought because there's a lot that can affect a wireless connection, especially on devices as small as phones.
And my comment about "**** measuring" was thrown in solely because your responses come off rather condescending, especially when you begin with this:
Sorry if I offended you somehow, and I'm sure you actually a nice and helpful person, but you just come off as a know-it-all prick.
Click to expand...
Click to collapse
It's all good man, sometimes I'm like that... but we still don't know if he has a gateway device... from memory, belkin doesn't make gateways.... He just needs to optimize his router settings to WPA2-PSK and limit the radio to N only if that's all he's got... A gateway is a different animal and needs to be bridged... Uncheck avoid poor connections...
Why would it only be happening with the phones though, that's my main beef.
ConfusingBoat said:
Why would it only be happening with the phones though, that's my main beef.
Click to expand...
Click to collapse
Cause it's a belkin... and uncheck avoid poor connecions...
At work i was playing around with some networking and noticed some weird things. I kept seeing a rogue DHCP server coming up from an IP that I traced to Taiwan. After some time on Wireshark and using this tool I found that every time my Nexus 6P connected to our WiFi it would for a split second send out a DHCP offer to the network on behalf of that Taiwan IP. I thought "Oh My, did I get some malware?". So I reformatted the phone and with a fresh install of the latest Pure Nexus, sure enough on the Setup screen (not even booted all the way into the ROM yet) when I put in the WiFi credentials for the first time, the same broadcast goes out over my LAN. WTF. Is this some sort of phone home backdoor from Huawei or what? I know some phone malware can get in below the ROM level and basically turn your phone into a hypervisor. Hopefully that is not the case or I'll have to toss it in the trash...
Any help is appreciated.
Any easy way for non-techie users like myself to check and verify this?
Bump
Sent from my Nexus 6P using XDA-Developers Legacy app
treesurf said:
Any easy way for non-techie users like myself to check and verify this?
Click to expand...
Click to collapse
Download the dhcp find program and run it from your workstation.
https://www.symantec.com/connect/downloads/detect-rogue-dhcp-servers-network
When it runs it broadcasts a request over your network as if it were a device needing an IP address. Your router or server that controls your DHCP will respond with an offer IP to hand out. A common malware attack is a DHCP man in the middle attack where the rogue DHCP server sends the response before your DHCP server does and it then gives the client machine a different DNS server that is usually some sort of proxy for showing you ads or changing your internet experience for the worse etc. If the wifi hotspot was enabled you'd expect this because the phone does indeed become a DHCP server in order to hand out an IP to your leeching device to tether with. But I have that turned off so that is not the case unless there's a bug in the software.
Once you run that program (your phone needs to be connected to your same network), then turn the wifi off on your phone and then back on again. For me when it joins my Wifi it pings out a DHCP broadcast as shown in my screenshot. It's from an outside IP, originating in Taiwan if you trace it. I have geographic location blocking on my router so its impossible for traffic to actually get to me from that IP but that is what the phone is broadcasting out. I'm a long time sysadmin so I pay pretty close attention to these things i guess.
@Budwise, can you fish flash factory images and check to see it if happens on stock? If not I would definitely report this in the Pure Nexus thread.
I found that I was seeing some odd behavior even when it wasnt connected via WiFi so I believe it happening when it connects is a side effect of something else going on. I think this can be closed.