34. Wireless Networking
Wireless Networking in Windows 7
Wireless networks are everywhere. From home to work to just about everywhere on the road, it seems like you can fire up a wireless-capable device and get connected no matter where you are. Wireless networks are popular for several reasons, including low costs to get started and, more important, ease of configuration and use.
With the rapid growth of wireless networking has come evolving standards. The 802.11 series of standards was implemented in wireless hardware and software to ensure interoperability among vendors. However, that hasn’t stopped wireless hardware vendors from extending their hardware with proprietary add-ons. One thing is certain: The standards that define wireless networking change rapidly. Although at the time this was written the upcoming 802.11n standard has not yet been ratified, it will be an important step in the evolution of wireless networking.
Microsoft recognized the popularity of wireless networks among its users. This recognition translates directly into a much improved and enhanced wireless networking experience in Windows 7. Wireless networking is now part of the native networking stack in Windows: Drivers have been updated and improved, and tools such as the Network Diagnostics Framework help in troubleshooting when things go wrong. Microsoft has even taken steps to reduce some of the security problems inherent in wireless networking.
Types of Wireless Networks
Most wireless networks use a wireless router, base station, or access point. These are called infrastructure networks; all communications on the network are between the computers and the access point. You can also tie a group of computers together without an access point, and this is called an ad hoc network. In this type of network, the computers talk directly to each other. A common scenario for using an ad hoc network is where a group of business people connect together at a conference table in order to share files and information.
This chapter shows you how to use infrastructure networks that have already been set up. We also discuss creating an ad hoc network for quick file sharing between a group of computers at, for example, a meeting.
For information on setting up a new wireless network for your home or office, see “Installing a Wireless Network” on p. 463.
Take Care When You Share
Wireless networking is just another network connection type as far as Windows is concerned, so file and printer sharing is also available. Other wireless users can work with your shared folders, files, and printers, just as if you and they were connected to a wired network. This might be just what you want in your home or office, but at a public location or when using an unsecured, unencrypted wireless network, everyone else who connects to the network, whether you know and trust them or not, might also be able to get to your same shared folders, files, and printers.
To prevent random, unknown people from seeing your shared resources, Windows 7’s Network Location feature helps to keep track of the relative safety of various networks to which your computer connects, and enables and disables services based on the type of network. The three predefined location types are domain network, public network, and private network. In more detail, the standard types are as follows:
• Public network—A network where other computers and users can’t be trusted. The Public network location should be selected for any network link that is directly connected to the Internet without an intervening router or hardware firewall, a network in a café, airport, university or other public location, or a home or office that you are visiting. When you designate a network as a Public network, Windows file and printer sharing is blocked to protect your computer.
Note
If you need to change the location, just click on the displayed location name displayed in the Network and Sharing Center.
Windows can take up to a couple of minutes to prompt you after you’ve connected to a new network for the first time. For whatever reason, you can’t hurry the process along. During this time, it will treat the network as a public network, and nothing will happen if you click on the location name to try to change it. Just wait for Windows to prompt you.
• Home network or work network—A network that is trusted to be secure. If the network has an Internet connection, you know it to be protected by an external firewall or a connection sharing router. You trust the users and the other computers on the network to access files and printers shared by your computer (with or without a password, depending on the Password Protected Sharing setting in the Network and Sharing Center window). Examples of Private networks are home or business networks managed by you or someone you trust.
• Domain network—A network that is managed by one or more computers running a Windows Server OS. This is a trusted network, and the security of the network and its member computers is managed by network administrators.
Caution
Be sure to select the appropriate network location when Windows prompts you after you’ve connected to a new network. If in doubt, select Public. You can always change it to a less restrictive setting later if you find that you can’t use the network services you need.
The first time you connect to a given network, Windows will prompt you to select the appropriate network location. You can view the current setting through the Network and Sharing Center. On Domain networks, this location is automatically set but it can be changed for other types of networks through the Network and Sharing Center.
Several settings that affect the security of the computer are changed automatically by Windows 7 when you connect to these various types of networks. On Domain networks, Group Policy configures the settings for network discovery and file and printer Sharing alike. When you connect to a Public network, Windows disables network discovery and file and printer sharing.
After connecting, you can change these default settings, but you really should not enable file and printer sharing when you’re connected to a network that might contain computers that are unknown to you or are not under your control.
Joining a Wireless Network
Windows 7’s new “View Available Networks” pop-up list makes connecting to a wireless network easier than ever. This section shows you how to connect to wireless networks in some common—but distinctly different—scenarios.
In the Corporate Environment
Wireless networks in a business setting are frequently configured using automated means. For large enterprises, your computer will be preloaded with a certificate, a sort of digital fingerprint that identifies your computer as being authorized to use the corporate network, and the wireless network will be configured for you. Wireless network clients can now be configured via Group Policy (“Via Group Policy” is short for “By other people, and there’s nothing you can do about it”) and through the command line by using new netsh commands for wireless adapters.
At Home or the Small Office
A wireless network at home or in a small office usually doesn’t have the same configuration needs as in a large enterprise setting, and home users and small offices usually don’t have domain controllers and Group Policy infrastructures at their disposal. Wireless network configuration is usually done manually in these environments, first by purchasing and obtaining an access point, then by configuring that access point, and finally by configuring one or more wireless client computers to connect to the wireless network.
When you first plug a Windows-compatible wireless adapter into the computer (or if your computer has an adapter built in), you can begin the process of connecting to a wireless network.
Tip
Always be sure to change the default management password on any access points or routers that you purchase. Even if it means writing the password on a piece of paper and taping it to the bottom of the device, this is still more secure than leaving the default password in place.
When you are not currently connected to a wireless network, but your wireless adapter can receive signals from one more networks, Windows may pop up a notification box letting you know that a connection is available. Alternatively, you can click the network icon in the taskbar, over near the clock, and Windows will display a list of available wireless networks, as shown in Figure 34.1.
Figure 34.1 Click the network icon in the taskbar to open the View Available Networks popup window. Then, select the wireless network you wish to use.
To begin the process of connecting, click on a network name, and then click Connect.
If the network is secured, Windows will prompt your for the network’s security key or passphrase, which you must obtain from the network’s owner. By default, Windows will display the letters and/or numbers you enter so that you can see that you’re typing them correctly. If you’re concerned that someone might be peeking over your shoulder, check Hide Characters. Click OK, and the connection will be completed.
Windows will save the settings you entered for this network as a profile, which will let you reconnect to this network the next time you start Windows at the same site. You can change these settings, as described later in this chapter under “Managing Wireless Network Connections.”
Windows Is Unable to Find Any Networks
If you are using a laptop and the list of available wireless networks is empty, check to see whether your laptop has an on/off switch for the wireless adapter (this is put there to let you save battery power when you’re not using the network). Be sure the switch is turned on, and then click the Refresh icon in the upper-right corner of the View Available Networks pop-up window. This usually solves the problem!
Also, be sure the wireless network adapter is enabled in software. Click the network icon in the taskbar, select Open Network and Sharing Center, Change Adapter Settings, and see if the wireless network connection icon is labeled “Disabled.” If so, right-click it and select Enable.
If that’s not it, there is a chance that your computer isn’t within range of any wireless access point. I’ve been in hotel rooms where the wireless signal is almost nonexistent in one room but excellent in a nearby room. Radio interference is just one of the causes of weak or no signal when connecting to a wireless network. Unfortunately, there is little that can be done about this problem aside from moving closer to the access point or, in the case of interference, removing the source of the interference.
Once you’re connected, you can configure file and printer sharing from the Network and Sharing Center. For more information on sharing files and folders, see “Sharing Resources,” p. 561.
In Someone Else’s Office
When you’re away from home or the home office, you might find yourself connecting to another person’s wireless network. A common scenario is where you visit someone’s office and need to access files on their network, or people on that network need to access files on your computer.
When connecting to a someone else’s network, it’s important to make sure that you’re not inadvertently sharing files and folders that you don’t want to share. Refer to Chapter 20 for additional information on sharing files safely. You should be sure that your network location is set correctly to protect your computer from being explored by other users:
1. Click the network icon in the taskbar, and then select Open Network and Sharing Center.
2. Note the network location type, which is displayed under the name of the network in the View Your Active Networks section. Click the location name to change it. Your options are as follows:
• If the people at the new network won’t need to access files that are located on your computer, set your network location to Public so that Windows disables file sharing entirely. You can still access shared files on their computers.
• If you need to let others use files or printers shared by your computer, select the Work location. If you want to require others to have an account on your computer in order to access files you’re sharing, be sure Password Protected Sharing is enabled: Click Change Advanced Sharing Settings, scroll down, and select Turn On Password Protected Sharing.
At a Public Hot Spot
Public wireless network hot spots (also called WiFi hot spots) are quite helpful when you’re on the road and need to check email, get travel information, or just surf the Web. But public hot spots can also be places for would-be attackers to find easy victims.
One path for attack at a public hot spot is through files that client computers accidentally share. Be sure that the network location on your computer is set to Public, which will disable file sharing:
1. Click the network icon in the taskbar and select Open Network and Sharing Center.
2. Note the network location type, which is displayed under the name of the network in the View Your Active Networks section. If it doesn’t say Public, click the location name and select Public.
On open, unsecured public hot spots, it’s quite common to have eavesdroppers listening to other people’s wireless traffic. Even if the network is secured with encryption, it’s possible for an eavesdropper to listen to traffic by using software to break the encryption scheme—it can take them mere minutes to break WEP encryption, for example.
Tip
On a public wireless network, it’s best to avoid using an email program that uses the POP or SMTP server protocols, and to avoid using FTP (File Transfer Protocol) with a username and password, unless you are certain that the client programs use an encrypted connection.
So, at a public location, you should be very careful when you use websites that display sensitive information or that require you to enter a password. It’s best if the website uses the https: URL prefix, so that even if someone was eavesdropping on the network they couldn’t see your passwords or data.
Unable to Connect to Wireless Network
Sometimes, when you attempt to connect to a wireless network, you are not asked to enter a key, or the connection never completes.
For several reasons, you might not be able to connect to a wireless network even though Windows says that the network is otherwise in range and available. With anything from poor signal strength, an incorrectly typed encryption key, to problems with the wireless access point or DHCP server, the range of problems that can arise when connecting to a wireless network seems limitless.
The View Available Networks list that pops up when you click the taskbar’s network icon indicates signal strength next to each wireless network, as a series of green bars. If all or most of the bars are gray, the signal might be too weak at your location to use.
In the case of an incorrect security key, Windows won’t be able to connect, and it won’t be entirely sure why it can’t. If you are establishing a connection to the network for the first time, a dialog box will report the vague diagnosis “possible security key mismatch.” The thing to do if this happens is to try again until you’re sure that you’re entering the key correctly.
On a previously successful, established connection profile, you won’t see a dialog box, but instead the connection’s status will be reported as “limited access” (meaning, really, no access at all, but Windows is hanging on to some sort of unwarranted optimism). The network’s owner may have changed the security key. To fix this, right-click the icon in the list of available connections, select Properties, check Show Characters, and correct the security type, encryption type, and security key.
Ad Hoc Networks and Meetings
Earlier in the chapter, I discussed joining a wireless infrastructure network, where computers with wireless adapters communicate with each other, and possibly also with wired networks and the Internet, through a base station called an access point or a wireless router.
Another use of wireless networking, called ad hoc networking, involves two or more computers with wireless connections that can communicate directly with each other without an access point or router.
You can set up an ad hoc wireless network between two or more Windows computers so that you can share files without requiring any additional hardware. This can be handy at a meeting, in a conference room, at home, or when working with a client—anywhere that you want to connect computers to share files and printers.
One computer needs to “create” the network. Then, any others can join it using the standard connection process described in the previous section “Joining a Wireless Network.” To create an ad hoc network on Windows 7, follow these steps:
1. Click the network icon in the taskbar and select Open Network and Sharing Center.
2. Click Set Up a New Connection or Network, scroll down and select Set Up a Wireless Ad Hoc (Computer-to-Computer) Network, and then click Next twice.
3. Choose and type in a name for your new network. This name will appear in the list of available connections on other computers.
4. Select a security type. If all the computers that need to join the network support WPA2 (Windows 7, Vista, and XP SP3 certainly do), select WPA2-Personal; otherwise select WEP, or if you want no security at all, select No Authentication. (However, because you’re almost surely setting up this network to share files, using no security means anyone could connect and possibly see the shared files—it’s dangerous!)
5. If you selected WPA2 or WEP, enter a security key. For comments about selecting a key, see “Longer Is Better” on page 466.
6. If you might want to reconstruct this network again, at a future meeting perhaps, or if want to you use this as your permanent office or home network, check Save This Network. Finally, click Next.
7. When the setup wizard has finished, click Close. The network will start functioning once other users locate it and connect to it.
To connect to this new ad hoc network, other users can have their OS display a list of available networks and locate the one you created; or, if you elected to save the network profile in step 6, you can give them the setup profile using a removable USB (flash) drive, described shortly under “Copying Wireless Profiles to Other Computers.”
To terminate an ad hoc network, click the taskbar’s network icon, select the ad hoc network, and click Disconnect.
Managing Wireless Network Connections
If you travel and connect to different networks, you will soon collect a list of several preferred (preconfigured) networks.
When Windows is not currently connected to any wireless network, Windows scans through this list of preferred networks in order and automatically connects to the first one that is in range. In most cases, you will only be within range of one of the networks you want to use, and this system will work without any adjustments. Windows will automatically connect to a network that you have previously selected, and will ignore any other networks that are in range.
Changing Wireless Settings
If you have to change the security information for an existing wireless connection, find the connection’s name using one of these methods:
• Click the network icon. If the connection is in range, it will appear in the list of available connections.
• If the wireless network is not listed, click Open Network and Sharing Center, Manage Wireless Networks. The network should be listed here.
Right-click the network name and select Properties. You can change the security type and security key in the Properties dialog box.
Switching Between Wireless Networks
If you are in an area that has several wireless networks to choose from, you may notice that Windows always connects to your network and doesn’t bother you with the others (unless yours goes offline for some reason). The reason is that once you successfully connect to a new network, Windows remembers the network’s details as a “profile,” which is a collection of settings for a given network. By default, Windows searches this list of wireless profiles and automatically connects to the first one that it finds is available. This lets you move from place to place, while Windows automatically connects to whatever network is appropriate.
However, if you find that your computer is in range of more than one of the networks you actually use, you may have to manually instruct Windows as to which one you wish to use, because given a 50/50 chance of picking the wrong one, 9 times out of 10 it will.
To deal with this, you can manually switch networks: View the list of available networks by clicking the network icon in the taskbar. Click on the active network and click Disconnect. Click on the desired network and click Connect.
This will take care of things until you leave the area and then return. If you want to make the network preference permanent, you need to prioritize your wireless connections as described in the following section.
Prioritizing Wireless Network Connections
If you routinely work in an area where your computer can receive signals from several networks that you actually use, you can tell Windows which one to use in preference to the others.
To prioritize your wireless network profiles, follow these steps:
1. Click the network icon in the taskbar and click Open the Network and Sharing Center.
2. Select Manage Wireless Networks, to see the window shown in Figure 34.2.
Figure 34.2 Manage Wireless Networks lets you prioritize, rename, delete, reconfigure, or copy wireless network profiles.
3. Right-click a wireless network that you prefer to use when other listed networks are also available. Then, select Move Up. Repeat this until the entry is above the entries for other networks that are available in the same location.
Tip
The names shown in the list of network profiles are the networks’ SSID names by default, but you can change the names to something more meaningful to you. A network might have the SSID “evelyn,” for example, but “Home Wireless” might be more informative. To rename a network profile, right-click its entry and select Rename. The taskbar network icon’s View Available Networks list will display the new name, too.
By default, Windows will “stick” with one connection until it goes out of range. If you have a preferred network that you want to use whenever it becomes available, even if another network is connected, prioritize that network higher than the others. Then, for each of the others in turn, right-click the network profile, select Properties, and check Connect to a More Preferred Network if Available. If you have networks that you use occasionally but do not wish to use automatically, right-click the network profile, select Properties, and uncheck Connect Automatically when This Network Is in Range.
Copying Wireless Profiles to Other Computers
If you have created a regular or ad hoc wireless network profile on your computer, you can easily copy the profile to other computers so that they can access the wireless network without anyone having to type in the security key again. To copy a wireless profile, follow these steps:
1. Click the network icon in the taskbar, click Open the Network and Sharing Center, and then click Manage Wireless Networks.
2. Right-click the icon for the desired wireless network and select Properties.
3. Click Copy This Network Profile to a USB Flash Drive. Insert a USB drive and Windows will copy a program named setupSNK.exe and some supporting files to the drive.
4. When the wizard has finished, remove the USB drive.
Now, you can take this drive and insert it in other Windows 7, Vista, or XP computers. If AutoRun is enabled, the setupSNK program will run automatically. If AutoRun is disabled, as it is by default on Windows 7, browse into the drive’s contents and double-click setupSNK.exe. It will add the ad hoc network’s profile to the computer.
When you have finished adding computers to the network, delete from the USB drive setupSNK.exe, autorun.inf, and the entire folder named SMRTNTKY, so that your network’s security key isn’t left hanging around for others to discover.
Adding a Network Manually
When Windows encounters a new network and you elect to connect to it, Windows will automatically create a profile to save the network’s settings. A network that does not broadcast its network name (SSID) will not appear in the list of available networks. To connect to such a network, you must enter its connection information manually. You can also create a profile manually in advance of first encountering a network. To create a new profile, follow these steps:
1. Click the network icon in the taskbar and click Open Network and Sharing Center.
2. Select Set Up a New Connection or Network, and then select Manually Connect to a Wireless Network.
3. Enter the network’s name (SSID), set the security type, and enter the key, if required.
4. For a network that broadcast its SSID (a network whose name will appear automatically in the available network list), you can check Start This Connection Automatically.
For a network that does not broadcast its SSID (a choice the network’s owner made in a futile attempt to hide his network from hackers), Windows may display the network in the list of available connections if it overhears the network in action. This might or might not happen. So, for such a network, check Connect Even If the Network Is Not Broadcasting. This network will now always appear in the list of (potentially) available connections. You should not also check Start This Connection Automatically. If you do, your computer will frequently broadcast the name of the network it’s looking for, which makes you vulnerable to being tricked.
5. Click Next, and then click Close to save the new profile.
To later connect to a network with a hidden SSID, open the list of available networks, click the name of the “hidden” network, and click Connect.
Deleting Network Profiles
To remove wireless network profiles—to unclutter the list after traveling or so that Windows will not automatically connect to them in the future—follow these steps:
1. Click the network icon in the taskbar and click Open Network and Sharing Center.
2. Click Manage Wireless Networks.
3. Select an unwanted profile, and click Remove.