Network and Internet Problems: Fixing Wired and Wireless Networking and Problems – Page 2

pcbuyerbeware.co.uk

Custom Search

This website has lost 75% of its visitors due to Google's search-algorithm update called Panda, which now favours Google's own ads and products, business sites and Wikipedia on the first page of search results, making finding information sites like this one difficult, so if you value it as a source of computer information please bookmark it.

Visit the Networking section of this site for information on wired and wireless networks.

NETWORK AND INTERNET PROBLEMS - Page 2

Click the relevant link below to go to that Q&A article. Use your browser's Back button to backtrack.

1. - What is the best way to install a wireless home network?

2. - How can a wireless network be made secure?

3. - One of the laptop computers connected to a wireless router is being blocked from accessing the web - Any program that tries to communicate via http:// using port 80 is getting communication errors

4. - How can I monitor my laptop's wireless network connection to make sure that no unauthorised users are logged on to it?

5. - Infected with password-stealing software: How can a computer be made secure against other such ActiveX vulnerabilities?

6. - Why is my @~#* ADSL modem NOT always on? AND Is it a security risk for a PC to have an ADSL connection always on?

7. - What do I need in a laptop/notebook computer to be able to have a wireless connection to the Internet?

8. - DHCP fails when connecting with a wireless adapter

9. - Sharing a broadband Internet connection: I tried using ICS and then a router and still can't make it work

10. - Is a second DSL connection possible on the same line?

11. - Worm infection: A "Remote Call Procedure" (RCP) error keeps Windows XP shut down

12. - A security alert prevents access to sites on the Internet AND Why can't I access secure websites?

13. - Why can't my wireless network work all over my house?

14. - Two dial-up disconection problems: Dial-up modem disconnects intermittently AND Dial-up connection gets dropped after a few minutes online

15. - An modem with a V.92 Intel chipset runs slowly

16. - Addressing the "A website has hijacked Internet Explorer's Home page setting" issue - AND other infections

17. - Two problems: Dial-up modem won't hang up in Windows XP, PLUS "You have just ignored an incoming call" message comes up when the modem disconnects

18. - Various problems with Outlook Express

19. - I don't want to use Internet Explorer but I can't get rid of it

20. - Proxy server problem: The 127.0.0.1 localhost address keeps coming up and blocking the download of an update from a particular site

21. - Is there any way of using two PCs with one monitor, keyboard, and mouse without using a KVM switch? - Using Remote Desktop in Windows XP Professional

22. - How can I remove the Apropos virus/spyware from my PC?

23. - How can I limit the bandwidth used by a computer sharing a wired Internet connection?

24. - A problem with the Norton Personal Firewall of the Norton Internet Security suite

25. - SMART enabled in the BIOS can cause reboots or crashes on a networked computer

26. - Problems with the Norton Internet Security suite

27. - How can I add extra wired (Ethernet) ports to my wireless router?

28. - How can I add an external hard disk drive or network storage device to my wireless network in order to record television programmes to it from my laptop?

29. - When I add extra laptop and desktop computers wirelessly to a mixed wired Ethernet and wireless network, all of the computers lose their Internet connections

30. - Why does only one of my two laptops connecting to the web via a wireless G+ router have a very weak signal stength?

31. - Both of my networked PCs can connect to the web, but one PC can't access the other's hard disk drive

32. - When I enter search words in Google, my Google search history is displayed. How can I delete it?

33. - Mixed media networks: Why can't I get my mixed wired and wireless network to share files?

34. - Why can't I find a router for my USB ADSL modem

35. - Internet Explorer running on Windows XP Pro SP3 brings up a privacy screen asking accept a cookie from 127.0.0.1 then locks completely

36. - Troubleshooting a wireless network consisting of a notebook and a desktop computer

37. - The sudden and inexplicable loss of their wireless 802.11b (Wi-Fi) Internet connections when using Windows XP

What is the best way to install a wireless home network?

The problem and questions

You have a four-bedroomed house. Three of the bedrooms are upstairs. You use one of them as a study, and you have a desktop computer in there that uses an ADSL broadband Internet connection via a wired router. It is networked by cable to a computer in one of the other upstairs bedrooms that shares the Internet connection. You want to install a wireless network connection in the computer in the bedroom downstairs, set up so that a laptop can be used to connect to the network from anywhere in the house. From reading up on the subject, you have identified several potential problems that you would like clarified. Would the speed of the wireless part of the network be significantly slower than the wired network? Would the use of mobile phones cause serious interference to the wireless network. Would there be interference from the microwave oven in the kitchen? And, finally, some articles you've read state that if the antenna of the wireless adapter is not in the line of sight of the wireless Access Point, the performance is reduced to an unacceptable level.

Answers

Note that if you don't use a broadband connection, you can network two or more computers together as an Ad Hoc network by using only PCI network cards or USB adapters in the computers and use the software called Internet Connection Sharing (ICS) that is built into Windows 98, Me, and XP, but not into Windows 95. The network cards/adapters don't require an Access Point (AP) in order to communicate with one another. However, you should use a router that has built in security options that protect the network from being hacked into or accidentally logged on to by neighbours that are using wireless equipment.

For more information on security read How can a wireless network be made secure? on this page.

The microwave frequencies used in wireless networking - the 2.4GHz and 5.0GHz bands - can travel for miles if they have clear line of sight, but they are bounced off buildings. The signal can pass through walls, but doesn't pass with the same strength through all of the different types of wall. Wood-framed plasterboard walls are easier to pass through than solid brick or walls containing metal reinforcements. The signal will also be reflected by objects, particularly from metal surfaces such as filing cabinets. These reflections could help the signal reach other parts of the building, but could cause problems if the receiving equipment is plagued with multiple reflected signals.

802.11a wireless networks (used in the US not Europe) operate using the 5.0GHz band. The disadvantage of using this band (only in the USA where it does not conflict with reserved usage) is brought about by its reduced wavelength, which is less than half that of the 2.4GHz band used by 802.11b equipment. This means that walls and other obstacles are much more of a problem for 802.11a devices, because they appear twice a thick to the shorter waves of the 5GHz frequency. (The higher the frequency, the shorter the wavelength.) Therefore 5GHz equipment will be far more adversely affected by obstacles and distance than equipment that uses the 2.4GHz band. This is the main reason for thinking that equipment using the 2.4GHz band will remain the more popular of the two types of equipment, even though the 5GHz band is much more free of interference and has many more channels than the 2.4GHz band. A latest available standard is called 802.11g. It uses the 2.4 GHz band, and is compatible with the original 802.11b standard, which means it has a more promising future.

The 2.4GHz band is also used by microwave ovens and the cordless phones that connect to an ordinary phone line. However, mobile phones use different frequencies, which, in theory, could still cause interference with a wireless network, but mobile phones are unlikely to present much of a problem.

802.11g isn't perfect; interference in the home can sharply degrade performance. Hence the move to 802.11n, which hasn't been approved as a standard yet, but is supposed to address the interference problems, provide backward compatibility with 802.11g, and become the new, "perfect" standard. Unfortunately, we probably won't see much of 802.11n until 2006/2007. Read the information on the Networking3.htm page of this site for the latest information on the 802.11n wireless standard.

Some routers have a turbo mode that is supposed to improve wireless data transfers, but using it can be problematic, because the turbo mode only works with network adapters made by the same manufacturer that supports that mode. In other words, if you have a laptop PC that uses Intel Centrino Mobile Technology and you have a Linksys router that supports turbo mode, you will have to buy a Linksys wireless adapter PC card for the laptop instead of using the laptop's built-in wireless adapter.

That said, you shouldn't have any difficulty obtaining an adequate signal anywhere in a house of average size - if you don't have a lot of metal in the walls, which could be the cause of multiple reflections.

To obtain the strongest signal throughout the house, place the wireless Access Point unit in a central location that is clear of large metal objects such as major appliances and radiators. Placing the wireless Access Point in the attic usually gives a strong signal throughout the house, but that position would be a hassle if the equipment needs to be reset.

You shouldn't pay any attention to the speed of the equipment quoted in its literature. At best, with the computer with wireless network adapter having a clear line of sight to the Access Point, you'll only be able to achieve about half the claimed speed of connection. In the most remote areas of the house the connection speed will drop to between 1Mbit/s and 500Kbit/s, which is very slow compared to the speed of a wired Ethernet connection, but it should be more than adequate for an Internet connection, because most broadband connection only operate at about 500Kbit/s or less.

You should keep your wired network, and add the wireless elements as you planned. Wired connections are always going to be quicker and more reliable. Remember that the available bandwidth for the wireless connection is shared among all of the wireless devices, so it is best to use a wireless connection only for places that are difficult to reach by cable, such as to the downstairs bedroom.

If you live in the US, in order to avoid the interference of the 2.4GHz band used by 802.11b and 802.11g equipment, you can use 802.11a equipment, which uses the 5.0GHz band. In the UK, you should buy 802.11g equipment, because 802.11a equipment isn't allowed to use the reserved 5.0GHz band, and it's the latest and fastest available. Linksys, 3Com, US Robotics, and Netgear wireless equipment is probably the best you can get.

You just have to install a wireless 802.11g adapter in each desktop computer, and obtain a wireless 802.11g PCMCIA network card for the laptop if it doesn't already have an inbuilt network card, and buy a wireless 802.11g Access Point. Almost every wireless 802.11g router (that you can use to share an Internet connection with the desktop and laptop computers) has three or four Ethernet ports that can be connected by cable to desktop computers. Alternatively, you can obtain a basic wireless 802.11g Access Point that can be plugged into your existing router. Just remember that to avoid compliance problems it's always best to buy the equipment made by the same manufacturer.

Once the equipment is set up and installed, the easy configuration is mostly an automatic process. Just follow the instructions that come with the wireless Access Point or wireless router.

How can a wireless network be made secure?

Question

I have a wireless Linksys router. I want to know how to configure its setup to make it secure from my neighbours (US: neighbors) and hackers.

Answer

A wireless router broadcasts a signal that can be picked up by a scanner or another suitably equipped computer that is within its range. Spammers can make use of unsecure networks to send spam all over the Internet from your network and hackers can infiltrate and make use of hundreds unsecure computers to launch Denial of Service attacks on websites. Therefore, it's crucial that the proper measures are taken to prevent unauthorised access to the network and/or Internet connection even if you don't have any data worth protecting yourself.

The only totally secure system is one that is not plugged in, or is turned off completely all of the time, neither of which is a realistic option for a network or an Internet connection. By its very nature, even with the best security measures employed, wireless networking is still an insecure means of transferring information. A determined and able hacker could find a way into your home network, even if gaining entrance has to involve going as far as breaking into your home to search for documents containing passwords, etc.

Complete security from hackers is nearly impossible, but the vast majority of wireless routers and wireless Access Points (WAPs) are set up with no security measures implemented at all. I have come across situations, both residential and commercial, where a wireless Access Point has been left wide open to any outside user who happens to be within its range. The main reason for this is that the person who set up the router or Access Point has ignorantly left the settings at the factory defaults.

Here are the security precautions listed in the user manual for a Linksys router:

"The following is a complete list of security precautions to take (at least steps 1 through 5 should be followed): 1. Change the default SSID. 2. Disable SSID Broadcast. 3. Change the default password for the Administrator account. 4. Enable MAC Address Filtering. 5. Change the SSID periodically. 6. Use the highest encryption algorithm possible. Use WPA or WPA2 if it is available. Please note that this may reduce your network performance. [There is more information on WEP, WPA, and WPA2 encryption in this Q&A.] 7. Change the WEP encryption keys periodically."

It is not advisable to use WEP encryption. Read the following articles to find out why that is the case

[WEP] Wi-fi security system is 'broken' - http://news.bbc.co.uk/1/hi/technology/7052223.stm

"Don't use WEP for Wi-Fi security" researchers say - German researchers got into a 'protected' network in 60 seconds -

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9015559&intsrc=hm_list

Tutorial: How to set up WPA2 on your wireless network - "It's worth the extra steps to keep your communications secure." -

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyId=15&articleId=9002706

WPA stands for Wi-Fi (WiFi) Protected Access, and SSID stands for Service Set Identifier (a changeable password).

Episode 1 - Wireless router security [WEP and WPA and WPA-PSK] -

Shows you how to set up the security options in a wireless router.

http://www.veoh.com/videos/v228005fD2HxAkq&source=embedVideo

The following article deals with the crackability of a WPA/WPA2-encrypted WiFi network. -

http://www.tomshardware.co.uk/wireless-security-hack,review-32252.html

The following article provides the state of play with regard to the crackability of the three main wireless encryption standards used to secure wirless networks.

How To Crack WEP and WPA Wireless Networks - Cracking WEP, WPA-PSK and WPA2-PSK wireless security using aircrack-ng -

http://www.speedguide.net/articles/how-to-crack-wep-and-wpa-wireless-networks-2724

Cracking Wireless Networks [and how to prevent your wireless network from being cracked] -

http://www.youtube.com/watch?v=Ep3CRtzAM_E&feature=related

The router's or wireless Access Point's user manual provides all of the information you need in order to be able to enable or disable any of the settings.

Visiting someone who was having problems with a wireless network, I discovered that there were several other wireless networks in the vicinity that were completely open to access by his computer from within his house. Every one of the Access Points was left at the default name or SSID, the default channel (6), and the default security level (NONE). Believe it or not, many of these networks were installed and configured by the technicians of major broadband Internet Service Providers.

The first step in making a wireless router secure is to change the SSID from linksys (the default for a Linksys router) to something else. Use a combination of numbers and letters (capital and low case) to make it more difficult to guess or crack with password cracking tools. Definitely don't use your last name, because using that would just make it easy to guess and for an unscrupulous neighbour to know exactly who it is whose network he has successfully broken into. Most people use something like their child's name or pet's name. Don't do that! The most effective passwords are long and composed of alphanumeric characters (both letters and numbers). Some routers are even case sensitive. So a capital "P" or lowercase "p" would make a telling difference to its crackability.

There are ways to create a clever password that you can remember. For example, by using the first letters (capital letters and lower case letters) in each of the words and the number in full in these two sentences - "I was born in Plymouth. My son is 25 years of age" - you get the password IwbiPMsi25yoa, which is made up of lower case and capital letters and contains a number, making it impossible to guess. It doesn't appear in a dictionary so software that uses the words in a dictionary to gain access won't be able to crack it. The more imaginative the sentences you use are, the more uncrackable the password they create is. "The screwy British parliament contains 650 mostly useless MPs," gives the excellent password TsBpc650muMPs.

To secure a wireless network, you should use suitable passwords for the router/wireless Access Point and for the computers on the network, which should be running Windows XP, Windows 2000, or Windows NT, all of which are based on the same basic architecture, for the best levels of security. You can also use password techniques when creating secure keys for Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA) encryption.

Encryption levels vary among the router manufacturers. Most WEP-enabled routers support encryption levels of 40-bit to 128-bit. However some routers, such as those made by D-link can support 256-bit encryption. For maximum protection, you should always be using the highest encryption level that your router supports. Remember, the higher the encryption level and the more complex the SSID is, the longer it's going to take a hacker to crack it.

Change the administrator password, and turn off the SSID broadcast option, which means that the router will no longer be screaming, "Here I am, and this is my name!" Even though a site-survey program would be able to pick up the presence of a wireless network, the name of the network can't be identified, making it much more difficult for intruders to gain access to files on that network.

Note that you must use an encryption method that is supported by all of the wireless equipment on the network. For example, if all of the computers (desktops and laptops) support WPA encryption, but you need to connect to a PDA (Personal Digital Assistant) that can only make use of 64-bit WEP encryption, you have to use 64-bit WEP encryption for the whole network.

Some routers allow you to type in a word or a phrase for the WEP/WPA encryption key, which they use to create a key that they encrypt, but other routers require you to enter a series of hexadecimal digits, which is the base 16 number system that uses the first ten decimal numbers from 0 to 9 (the base 10 number system), plus the letters A,B,C,D,E, and F for the other six numbers from 11 to 16. An example is 0A DB 4C. 0A is 11 in the hexadecimal number system, because 0 is zero, and A is worth 11. 0F is worth 16, etc. DB is worth 14 + 12 = 26. Therefore, to generate the key you can only make use of the digits 0 to 9 and the letters A to F.

A 128-bit encryption requires a 26-digit key, which can be tedious to create, so there are sites that can generate a key for you, such as:

WEP Key Generator - http://www.andrewscompanies.com/tools/wep.asp

There is also a password generator on the site here:

Secure Password Generator - http://www.andrewscompanies.com/tools/passwords.asp

Of the wireless equipment manufacturers, Buffalo has done the best job of simplifying the encryption process with its AOSS system. The current Buffalo routers and wireless equipment that supports it have an AOSS button. You just have to have the wireless equipment set up on the computers in the network and then press the AOSS button on each bit of equipment that has it, and the device transfers all of the settings across the network automatically.

Every authorized user of a wireless connection should have a unique user name and password that should be a mixture of alphanumeric (letters of the alphabet and numbers) and punctuation characters, chosen as randomly as possible, that is at least six characters long. A wireless Access Point's administrator's account (a router has one) is especially sensitive and should have a particularly strong password in order that a hacker can't guess his way into that account and take over the entire wireless connection. The following article has some good advice:

Langa Letter: How To Build Better Passwords: http://www.informationweek.com/story/showArticle.jhtml?articleID=164303537

As a security tool, WEP, or Wired Equivalent Privacy, is much maligned, but it does create another barrier to overcome, which helps to diminish the chances of being innocently hacked into by someone driving past your house, or someone deliberately on the lookout for an insecure network and Internet connection to make use of anonymously.

Look at the Wireless Security section of the router's setup screens (which its user manual shows you how to access) and turn on the WEP option. If all of the wireless components are from the same manufacturer, use the highest possible setting, which is probably 128-bit encryption. If the equipment is made by several manufacturers, a lower setting, such as 64-bit encryption, may have to be used in order for the devices to be able to communicate with each other. Use the more secure WPA encryption if it's available.

Unfortunately, even with a fast broadband connection you may experience noticeable network and Internet performance degradation. Some website servers may time out before they finish loading pages. Network file sharing also slows down.

The security mechanics of WPA are substantially different from WEP. In WEP, the same static encryption key is used all the time, but the encryption process used by WPA, called Temporal Key Integrity Protocol (TKIP), addresses all of WEP's known vulnerabilities. It uses the original master key merely as a starting point, and derives its encryption keys mathematically from this master key, and then regularly changes and rotates the encryption keys so that the same encryption key is never used twice. This all happens automatically in the background. However, it takes time to implement and therefore slows the connection down compared to how fast the connection would be if it wasn't being used. But, apart from that downside, WPA is a far stronger security solution than WEP. While no security mechanism can be considered absolutely secure, the protection provided by WPA is strong enough to prevent most hacker attacks — even the most sophisticated ones that require the hacker to have a high level of networking knowledge.

Finally, MAC Address Filtering can be added, which only allows networked computers that have been cleared via their Media Access Control (MAC) address (a unique identifier for each network card) to connect to the router. MAC filtering is a process in which the MAC addresses of every network adapter in use on a network on its router's Access Control List (ACL). By enabling it, router is instructed not let any network adapter gain access to this network if it has not previously been given authorization.

MAC Address Filtering is found on most firewall routers. This is also not a completely secure option, but it adds yet another barrier, which requires a hacker to have a fairly high level of knowledge in order to be able to get round it by spoofing the address (MAC address spoofing). However, using it will no doubt prevent your average neighborhood broadband freeloader from logging on to your network.

MAC address spoofing is far too involved a subject to go into here. It might be more accurately described as MAC address impersonating or masquerading. To find some of the plentiful information about it use the term as a search query in a search engine. A good article on the subject in the PDF format can be found by entering this search query: "detecting wireless lan mac address spoofing" + "joshua wright".

After you've enabled MAC Address Filtering, as an extra precaution, you should find out what all of the MAC addresses on the network are and list them in order to be able to check if an intruder's computer has added its MAC Address to the network.

Begin by listing all of the MAC addresses on your network. A MAC address is a unique identifier stored in the firmware of every network adapter, including wired network interface cards (NICs), wireless network cards, and the network circuitry built into some motherboards. No two network adapters have the same MAC address. 00-11-09-14-43-6E is an example of a MAC address. Some computers may have two MAC addresses - one for an RJ-45 Ethernet network card and one for a wireless network card. An easy way to make a list of your MAC addresses is to make use of the logging features in the control software of your firewall router called the Access Control List (ACL).

Turn on all the computers on your network and enable all of their network adapters. Your firewall router, if it's being used to assign IP addresses dynamically, should provide a list of all the computers on your network and display the MAC addresses of each of them. Double check that the MAC addresses listed correspond with the MAC addresses of your actual hardware. Many mobile network devices have their MAC addresses on the bottom of the case. Look under its Network heading and open Windows Network. The Hardware Address is the MAC address. Note that if a computer contains two network adapters, a utility that provides information on the hardware installed on a system may only show the MAC address of the one that is active. If the number of computers on your network is constant, it's a good idea to make sure that the DHCP IP Address assignment feature of the router can't assign any extra IP addresses than those already on your network. Another option is to use static IP addresses, although that isn't a suitable option for networks where new computers can log in, even if only occasionally. Another good idea is lengthen the "lease time" on your IP address assignment to a week in the beginning so that you have a longer-lasting record of any unauthorized MAC addresses. Then you can change that to three days or less.

Note that this security measure requires constant monitoring. You need to check the DHCP area of your router's control software at least three times a week to to find out if unauthorized MAC addresses have been assigned IP addresses. If you discover unauthorized access, you have to block those MAC addresses from accessing your network. Thereafter, any broadband-stealing neighbours and drive-by opportunists with notebook computers will have to use different network hardware in order to be able to attempt to log on to your network.

You should never take the security of a wireless network lightly, because if you do, you could be compromised in all kinds of distressing ways, such as having someone make illicit use your identity, depending, of course on the data you have on the network and how it has been set up.

There are some good articles and Q&As on wireless-network security on http://www.practicallynetworked.com/.

Beware of phoney laptop hotspots

For those of you who don't know, a hotspot is a place that allows a user equipped with a laptop computer that is itself equipped with a wireless network adapter to log on to the Internet, either as a free or as a paid-for service.

It can be difficult to determine if you have logged on to to genuine hotspot or not. All a con artist has to do is give the wireless connection installed on a laptop a plausible name or SSID (Service Set Identifier), and set it to be connected to on an Ad Hoc basis that connects computers equipped with wireless adapters directly to each other instead of via a wireless access point (a wireless switch). Then, when someone comes along to the bar or pub, etc., who is under the impression that it offers a hotspot to its customers, that person's wireless-equipped laptop will identify all of the open networks in the area. If the person decides to network with the con artist's computer instead of make use of the genuine hotspot, he or she won't be connected to the web. If the genuine hotspot requires users to enter a credit-card number before it allows them to use it, the con artist can create a phoney web page that allows those details to be stolen. If the unsuspecting person is able to make use of websites, such as the sites of banks, etc., they have been cached on the con artist's laptop computer. Any logon or account details that the person enters will also be made known to the thief.

Anyone who makes use of a hotspot is best advised to make use of them to access public websites only, but if you have to access a private account of any kind, you should make sure that the site address starts with https:// instead of just the http:// and that the secure yellow padlock icon appears on the bottom bar of the browser that means that the connection to the site is securely encrypted. You should also make sure that your wireless network settings are set so that you have to connect manually instead of automatically to wireless networks or hotspots.

To disable the ability of Windows XP to connect automatically to any available network or hotspot, double-click the wireless network's icon in the System Tray (Notification Area) in the bottom left corner of the screen. In the window that presents itself, click Change the order of preferred networks, and then click the Advanced button that appears under the Wireless Networks tab. Enable the Access point only option and disable the the Automatically connect option, and click on Close.

Interesting articles on network security

How to protect your wireless network - http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9037321

Practice 'safe surfing' with public Wi-Fi signals -

"You see them everywhere your Wi-Fi laptop goes: unprotected wireless signals offering "Free Internet Access" or "Free Public Wi-Fi." But connect to them and you'll be disappointed. In a few cases, you may even have your computer hacked. Here's the scoop on how to protect yourself..." -

http://windowssecrets.com/comp/070614#story1

Wi-Finally: wireless security that actually works -

"The security of Wi-Fi has largely been a joke. Wireless vendors have routinely shipped their products with all of their security features turned off, rather than take support calls from end users when things didn't work. Fortunately, the pieces are now in place for you to have safe and secure Wi-Fi networking, wherever you may roam..." - http://windowssecrets.com/comp/050526/#story1

One of the laptop computers connected to a wireless router is being blocked from accessing the web - Any program that tries to communicate via http:// using port 80 is getting communication errors

Problem

All of a sudden, one of three laptop computers connected wirelessly via an ADSL wireless modem router can't access the web. Any program that tries to communicate via http:// using port 80 is producing communication errors. The other two laptops that share the same connection using this router can connect properly. I have scanned for viruses and malware with updated scanners, but nothing was found. All three computers are running Windows XP Home fully updated to SP3.

Answer

Make sure that any cables are plugged in properly to the router and that the wireless connection is working properly. The wireless network icon in the notification area (the one that looks like a monitor with waves emanating from it) can show that a computer is connected when it is not, or the icon indicates Internet access when in fact only local wireless network, not web access is available. Right-click on the icon and choose View Available Wireless Networks. You should be able to see that the computer is connected to your network, which should have it own name that was provided during the setup process with the router. Windows Vista and Windows 7 provide similar access to the wireless networks available in your area but use different names.

If the laptop is connected properly, make sure that only one firewall is operating on it. If you are using a third-party firewall, such as Comodo, make sure that the Windows firewall in the Control Panel is turned off. Only one firewall should be monitoring your system. You should open the firewall and go through its settings, which vary from firewall to firewall, and make sure that there is no setting blocking port 80, which is used for most web traffic.

If you are using the Windows Firewall, read Microsoft's Knowledge Base article 308127 - How to manually open ports in Internet Connection Firewall in Windows XP. The article called Open a port in Windows Firewall deals with Windows Vista's firewall settings.

You should make sure that any block-all setting of an active firewall is not enabled on the affected computer. Windows XP does not provide a block-all setting, but Windows Vista and many third-party firewalls do. Note that the different firewalls do not use the same names for this setting.

If none of these measures work, try using a different firewall. Make sure you uninstall the current firewall by running its uninstall option.

If the problem still exists, try uninstalling the firewall and then uninstall the wireless network adapter in the Device Manager. To open the Device Manager in Windows XP enter devmgmt.msc on the Start => Run box ( it's the Start => Start Search box in Vista). Open the Network adapters category of device. The laptop's wireless adapter should be listed there. On my laptop it is called Intel Pro Wireless 3945ABG Network Connection. I would right-click with the mouse pointer over that entry and choose Uninstall in the window that comes up.

You don't have a web connection on that laptop, so you should visit the network adapter's website from another computer and download the latest device driver for it, which you can install on the affected laptop. Doing that rebuilds the affected laptops networking subsystem. Next, reinstall the computer's firewall. With a new wireless adapter driver installed and a fresh installation of the firewall, the problem should be solved.

If that is not the case, the router itself might be the cause of the problem, so enter its webpage settings interface (its user manual will tell you how to do this if you haven't done so before) and check its configuration to make sure that it is not set to block port 80 requests from the affected laptop.

How can I monitor my laptop's wireless network connection to make sure that no unauthorised users are logged on to it?

Question

Recently the national press has featured articles on Wi-Fi theft in which unauthorised users use wireless network connections in order to steal bandwidth or to to commit online crimes. I have tried to find out how to monitor my wireless network that consists of two laptop computers that have built-in wireless adapters and a Netgear DG834PN RangeMax MIMO-G Wireless ADSL Modem Router with 4-port 10/100 switch. My original laptop runs Windows XP Professional and my newer laptop runs Windows Vista Business. If I open the My Network Places in Windows XP and selected View workgroup computers will any intruder's computers be shown there? In Windows Vista, I look under Start => Network => Network Sharing Center => Tasks (top left) => View computers and devices. If not, can you tell me the best way to monitor my wireless network?

Answer

The computer's of intruders will only show in My Network Places (XP) and the Network Sharing Center (Vista) if the intruder has his/her computer set to use the same workgroup name as the computers on your wireless network. Each computer must have a unique computer name and belong to the same workgroup. You set the computer and workgroup name under Start => Control Panel (with Classic View enabled) => System => Computer Name (tab) in both XP and Vista.

A router's settings are accessed by opening its webpage that contains the settings. You do that by entering its IP address in a browser (Internet Explorer, Firefox, etc.) the router's user manual will provide its default IP address or you can find out what it is by entering cmd in the Start => Run box in XP or the Start => Start Search box in Vista. You the enter the command ipconfig at the Comand Prompt. The router's IP address is the Default Gateway, which could be, say, 192.168.1.1. To bring up your router's settings page, you would enter http://192.168.1.1 in a browser. To find out which computers are connected to your wireless network, the best place to look is on the router’s Administration page. Note that you will have to search through the tabs on the settings page to find the applicable settings because they differ from router to router.

If your router is set to act as a DHCP server (the DHCP setting is enabled), which most are by default, it will provide IP addresses to the computers that connect to it automatically, then the computer name of an intruder should be shown - at least in a log of the computers that have connected to the router. If DHCP is not enabled, the IP addresses have to be assigned manually to the computers on the network. You would do that in Windows XP by opening Network Connections in the Control Panel, right-clicking on the wireless connection and then clicking on Properties. (If it is a wired connection, you would right-click on the LAN connection.) Doing that brings the Wireless Network Connection Properties window up. On its General tab scroll down to Internet Protocol (TCP/IP), select it and click on its Properties button. Doing that brings up a window that allows you to set the IP address manually, which has to be in the same range as the router and the other computers. For example, 192.168.1.2 if the router has the IP address of 192.168.1.1. The next computer could have the IP address of 192.168.1.3, etc., all the way up to 192.168.1.254. 255 and higher cannot be used in any range of internal IP addresses in a network.

That said, there won't be any intruders if your network is secured properly by doing the following:

1. - Log in to your router by entering its IP address in a browser, which will produce its settings page as a webpage. The page will be like any other home page, giving access to other pages, some of which will allow you to change the settings. Make sure that the DHCP setting is enabled. If a list of attached devices is provided, if you don’t recognise any one of them, it may be an intruder. If your router provides a log of the computer IP addresses that have logged on to it, if you don't recognise any one of them, it may be an intruder.

2. - The best way to prevent unauthorised access to your router is to use WEP or preferably WPA/WPA2 encryption. Note that WEP encryption has been cracked and anyone with the knowledge can bypass it. Set your router to use WPA-Personal and the WPA2 standard if possible. Choose and enter your password (SSID) and give it only to the users that you have given permission to connect to your network. You should not continue using the default SSID and password.

Change Default SSID - http://netsecurity.about.com/od/stepbystep/ss/change_ssid_2.htm

3. - If you router does not support WPA or WPA2, you should get a new router that does support it. You can use what is called MAC authorisation as an additional protection. You have to know the unique MAC addresses of all of the wireless adapters on the computers that you want to give access to the network, and then enter them into your router, which should have a provision for that. However, note that hackers are adept at using a technique called "Mac address spoofing" to get around that measure, so it has limited protection value from hackers, but would probably prevent your neighbours from accessing your network if you weren't using WPA/WPA2 encryption.

To find out what the MAC address is for a network adapter follow this clicking path in Windows XP: Start => All Programs => Accessories => Command Prompt. Enter the command ipconfig /all. In Vista, enter the command cmd in the Start => Start Search box to bring up the Command Prompt. The Physical address is the MAC address. It takes this form: 00-17-16-28-51-44.

Detecting Wireless LAN MAC Address Spoofing - http://www.net-security.org/article.php?id=364

The following FAQ page provides information on all the topics discussed above: Student village network > frequently asked questions - http://www.yok.utu.fi/faq.php.

Infected with password-stealing software: How can a computer be made secure against other such ActiveX vulnerabilities?

Problem

My computer running Windows XP was infected with password-stealing software via the security exploitation known as Download.Ject or Scob. I had to restore a master image of the system made before the infection, and change all of my passwords. To avoid having to do that again, I'd therefore like to know how I can make my computer secure from such security violations.

Answer

Many thousands of computers were infected by the Download.Ject exploit in June 2004. Although the computer server that hosted the attack was soon shut down, the computers were infected when their users did nothing more than access well-known websites.

Current websites are no longer just HTML pages that download images to a computer browser, they almost always run program code such as harmless JavaScript code and the potentially dangerous ActiveX code.

Most websites have JavaScript code within their HTML code that runs Google ads, forms, etc. JavaScript is safe because its designers limited the ways in which it can interact with a computer. It cannot read files or write to files on a hard disk drive.

However, as the Internet evolved, interactive sites such as Microsoft Update and online virus scanners had to be able to access files on the computer. Microsoft's ActiveX controls, which are Windows programs that are downloaded from such a site and run automatically, can be programmed to do anything that Windows itself can do, such as erase a hard disk drive. An ActiveX control can be programmed to run as a virus or Trojan that is capable of sending information back to its creator. It can be distributed and activated from a webpage without the computer's user being aware of it. An ActiveX control could scan the system for specific records such as tax records or password files and e-mail them to any e-mail address.

Obviously Microsoft wouldn't unleash something that has such power without building some kind of security feature into it that governs how it can be used. Java (which is a compiled object-orientated computer language, not a script computer language that a web browser runs, such as JavaScript) uses a concept called 'sandboxing', which limits what a Java program is allowed to do on a computer. ActiveX controls use digital certificates that are supposed to identify the control's creator. When a new ActiveX control is downloaded from a website for the first time, a warning message pops up, which most users allow to run by clicking its Yes button without reading the message. It is then incorporated into the system and will run whenever it's called to run without producing another warning message.

Richard Smith has created the following website that explains the problems to do with ActiveX and allows a user to test a system for the security weaknesses that allow rogue ActiveX code to do mischief: http://www.computerbytesman.com/acctroj

The following actions can be taken to improve the security of a system against the misuse of ActiveX controls:

At Microsoft Update, you can choose the latest security updates to install. This one addresses the vulnerability that allows the Download.Ject exploitation of ActiveX: http://support.microsoft.com/?kbid=870669

Windows XP Service Pack 2 (SP2) is now available. [Since this was written, SP3 has been made available. It is the last service pack for Windows XP.] It introduces many new security features and updates, so, if you're running Windows XP, you should install it, but make sure that you can restore your system to its previous state, just in case the installation goes awry, or there are bugs in it that don't agree with your particular system.

You should examine the following area of Internet Explorer to check who is registered as a trusted author of ActiveX controls: Tools => Internet Options => Content => Publishers. Most users shouldn't find any entries there. It should be examined because an application can add its author to the list in order to avoid a prompt coming up to warn the user that a new ActiveX control wants to be incorporated into the system.

You can strengthen the security of Outlook Express by opening Tools => Options => Security and enabling the Restricted Sites Zone setting instead of the less secure but more functional Internet zone setting. If you can't use any facility that you used to be able to use, revert to using the Internet zone setting.

It's also a good idea to use an e-mail program, such as the free Mozilla Thunderbird from http://www.mozilla.org/, instead of Outlook Express, which the virus writers and hackers concentrate their endeavours on. If you want to keep using Outlook Express, you should consider setting it to read messages as text instead of as HTML, because HTML code can be used to launch other malicious code. You would do that under its Tools => Options => Read tab, where you would enable the Read all messages in plain text option.

You can disable the use of ActiveX, Scripting, and Java by disabling the relevant settings in Internet Explorer under its Tools => Internet Options => Security => Restricted Sites => Custom Level button, or choose to have a prompt come up every time a restricted site wants to make use of one or more of them. The Spybot Search & Destroy anti-spyware utility places the addresses of many sites in this zone.

All of the zones under the Security tab - Internet, Local intranet, Trusted sites, and Restricted sites - have their own Custom Level settings. You should check Trusted Sites zone from time to time, because the security level is much lower by default for sites that are listed under it. However, each of the zones can have their security settings set from Low to High, with the Medium low and Medium settings between them. I would set Restricted sites to High, and the others to Medium low.

The level of security you set creates the balance you want to achieve between the level of security and the inconvenience of having some sites not working properly when accessed, because if the security level is set too high for some sites, you won't be able to access them, or they won't work properly.

If you set the security level to High under the Internet zone, you'll have to add the web address of sites that run ActiveX controls, such as Microsoft Update, to the Trusted Zone, and have its security setting level set to Medium or Medium low, or Low, otherwise the site won't be able to run ActiveX controls, and probably won't function properly as a result.

For an approach that isn't annoying and also maintains an adequate level of security, set the Internet zone's security level to Medium, and then select the Prompt option for the individual settings not already set to use the Disable option for that level of security.

Setting the Active Scripting setting in the Internet zone to Prompt, will probably drive you crazy with the amount of messages requiring you to click OK to run a script, because JavaScript and VBScript is used on so many sites. Therefore, I would set Active Scripting to Enable under the Internet zone, which has its security setting set to Medium. If you don't run an intranet network (a network that shares an Internet connection), set the security level of the Local intranet zone to High, just in case a malicious script adds its site to that zone.

You can strengthen the security settings for the Local Machine, but there is no way to do it from the Security settings tab of Internet Options. You have to make changes to the Windows Registry. This MS Knowledge Base article tells you how to do it:

http://support.microsoft.com/?kbid=833633

Remember that new security features in the Windows XP SP2 update include improvements to the Windows Firewall, and add a pop-up blocker to Internet Explorer, etc. If you're using Windows 98, you should add a pop-up blocker, or use a browser such as Opera, that has one built into it that can be enabled or disabled. Good pop-up blockers are made available free as part of the Bing, Google and Yahoo! toolbars

[Note that since this was written, SP3 has been made available. It is the last service pack for Windows XP.]

Why is my @~#* ADSL modem NOT always on?

Problem

By unsuccessfully attempting to access my home computer from work, I've discovered that my D-Link ADSL broadband connection is constantly dropping instead of being on all the time. When I get home and check the modem's status, it's disconnected, and nothing I do has been able to change this state of affairs.

The modem's manual clearly states that if the Idle Time is set to zero it will maintain an always-on connection. But when I phoned D-Link's support, I was told that the manual was wrong and that my modem isn't designed to maintain an always-on connection. I asked if this was also a problem with the latest D-Link 300T ADSL modem. He told me that it was, and that to keep the connection alive I should schedule a ping command to run every few minutes.

I need my connection to be on all the time because I run an e-mail server. I don't understand why I can have this happen out of the box, so to speak, because ADSL broadband is marketed as an always-on connection.

Answer

Unfortunately, always-on simply means that the connection gives the impression of always being on because it turns on almost instantly when the computer activates it on demand. This situation works if the computer only uses an outward connection, but it is problematic for anyone who wants to access the computer from a remote location. D-Link ADSL modems are not alone in this respect. The situation is the same with modems made by Netgear and Linksys, including the provision of erroneous manual information.

"Keep alive" or "stay alive" software simulates human activity on a connection to fool the ISP's monitoring software into thinking that the connection is active. There are paid-for and free programs available.

KeepAlive - http://www.tucows.com/preview/356395 - shareware

KeepAlive 1.1 - http://freewareapp.com/keepalive_download/ - freeware

Free alternatives can be found by entering a search query, such as keepalive + free + utility, in a search engine. Make sure that you have a website monitoring utility such as Web of Trust or AVG Linkscanner because there are many websites that are providing malware instead of valid software.

The only other way to keep the connection alive is to schedule a ping command to run at regular intervals. It doesn't matter which website you ping. You can use Notepad to enter the ping command, which can take this form: ping www.pcbuyerbeware. Save the command as a .bat file, such as ping.bat. Then all you have to do is use the Windows Task Scheduler to run the command periodically just before you go online. Don't schedule it to run while offline or it will attempt to access the web every few minutes, depending on the period you set for it to run.

Is it a security risk for a PC to have an ADSL connection always on?

Question

When ADSL became available in my area, I switched from my old slow 56K dial-up to 1Mbit ADSL connection, which is very much faster. However, I am worried about the security of my PC now that it has an "always on" connection, because it is usually turned on for several hours a day. If the connection is not currently in use, the logon screen is available so that can member of my family can log on. I think that I have good security measures in place, but I'm wondering if the connection is open to the Internet when it's sitting at the logon screen. I know I could turn the firewall's Internet lock on, or switch the modem off, but my family would probably complain about the inconvenience. The PC runs Windows XP Home Edition, the Zone Alarm firewall, AVG Anti-Virus, Spybot S&D, and all the latest security updates etc. but it doesn't have a hardware firewall.

Answer

Here are two security tools that you could add to your system to make it more secure:

Microsoft's Windows Defender - http://microsoft.com/athome/security/spyware/software/default.mspx

Mike Lin's Start-up Monitor informs you if a program or Trojan wants to make itself a start-up program that loads at boot-up. This is a valuable line of defence that is well worth installing. You can obtain the program free of charge. If you find it useful you can give Mike a donation from his site - http://www.mlin.net/.

Security tools, such as many of the major virus scanners, run as "services", and are not just tied to one User account; they load with Windows and therefore provide basic protection even when there is no one logged in. When you log in to a User account, what you see being loaded is the software that allows you to access and modify these services; it is not the services themselves, which are already running. Thus, your PC does have some level of protection even when all of the users are logged off. Moreover, when a PC has all of its users logged off and is just sitting idle, not much can happen to it from a security point of view. For viruses, worms, etc., to be a danger, they have to get into your PC in the first place and then install themselves as start-up programs, or they can't do anything, because they won't be running the next time you start up the PC. With nothing running on your PC to allow malicious files to get in, it's not going to happen, because there is also no e-mail program, such as Outlook Express, running that could deliver them, and no FTP utility (file-transfer program) running to accept or send files, etc.

However, a hacker could still attempt to log on to your PC from a remote site. But if you use good security measures your PC won't allow one to get in. Good security measures are: 1. - Log on to the web via a User account, which doesn't allow software to be downloaded and installed by default, instead of via the Administrator account, which does. 2. - Make sure that all passwords are very difficult to crack and are changed regularly. See the Security pages on this site for information on creating secure passwords. 3. Open Network Connections in the Control Panel, right-click on the entry for Internet Service Provider (ISP), click on Properties, click on the Networking tab, and make sure the File and Printer Sharing option is not enabled by removing any check mark in its box with you mouse. Do that for each ISP that you use. 4. Disable a feature, such as Remote Assistance, or any other program on the PC that allows it to be connected to from a remote location. To prevent someone from using Remote Assistance to take control of this computer open System in the Control Panel. On the Remote tab, click Advanced. Clear the check box labelled Allow this computer to be controlled remotely. Reverse the procedure if you want to enable Remote Assistance.

If you want to make absolutely sure that your PC is secure, then block access to it by engaging Zone Alarm's lock, or simply disconnect the ADSL modem from the phone line. Some ADSL and cable modems have a connection switch or toggle on them that allows you to do that without disconnecting the cable. An external hardware firewall, which can be provided by connecting the PC and modem to a router, will add an additional layer of protection. If you use a wireless router and install a wireless adapter in each of them, you can also connect up any other PCs in your home to a network and share an Internet connection, instead of using User accounts in Windows fro each member of your family.

Shared Computer Toolkit for Windows XP

If you don't use a router, you should have a look at what this free toolkit from Microsoft has to offer for shared computer users:

"Shared Computer Toolkit for windows XP - Microsoft created the Shared Computer Toolkit to help make shared computers more reliable and less time-consuming to maintain. Unlike personal computers, shared computers are: • Used by many different people who generally don't know or trust each other • Used in public places where personal privacy and security are big concerns • Subjected to greater wear and tear due to their frequent use and public availability.

"The Shared Computer Toolkit is ideal for computers in schools, public libraries, community technology centers, and Internet cafés. It allows those who manage shared computers in these environments to easily: • Defend shared computers from unauthorized changes to their hard disks. • Restrict users from accessing system settings and data. • Enhance the user experience on shared computers." -

http://www.microsoft.com/windowsxp/sharedaccess/default.mspx

What do I need in a laptop/notebook computer to be able to have a wireless connection to the Internet?

Question

I want to buy a laptop computer that allows me to be able to connect to the web wirelessly or to which a wireless connection can be added. But I am confused by what I have read on the subject. What I've 'understood' so far is that some laptops come with a specification called HSDPA, a faster version of 3G that 3G mobile phones use to access the web. I take it that I don't have to add anything to a laptop with HSDPA. I know that you can insert a data card into a laptop that has the correct slot that provides wireless web access. Is that an HSDPA data card?

I have also noticed from reading the specifications of different laptops that some of them have a PCMCIA adapter card slot, others have an ExpressCard adapter slot, and some laptops have both types of slot. Apparently, the ExpressCard cards are smaller than the PCMCIA cards, so can an ExpressCard adapter fit into the slot for a PCMCIA card, or must you only buy specific cards for specific slots?

Answer

HSDPA stands for High-Speed Downlink Packet Access. It is one of several technologies that are collectively referred to as 3G. Another is called Universal Mobile Telecommunications System (UMTS).

3G - http://en.wikipedia.org/wiki/3G

High-Speed Downlink Packet Access - http://en.wikipedia.org/wiki/HSDPA

Universal Mobile Telecommunications System - http://en.wikipedia.org/wiki/Universal_Mobile_Telecommunications_System

If a particular area is covered by a 3G network, with a 3G mobile phone or a suitably equipped computer, you can access the Internet at broadband speeds. However, you must check the 3G reception in your area, because within a relatively small area, at different points, or at different times of the day, you can have no reception to excellent reception. If the reception is weak, the equipment will probably fall back to using a relatively slow GPRS (General Packet Radio Service)connection, which is about as fast as a dial-up connection.

General Packet Radio Service [GPRS] - http://en.wikipedia.org/wiki/General_Packet_Radio_Service

[Note that since this Q&A was written, most mobile Internet providers have changed from using CardBus or ExpressCard adapter cards to using wireless USB dongles, which can be used from any laptop PC with a USB 2.0 port.]

The mobile phone service provider you intend to use should provide a service on its website that provides reception strengths for 2G and 3G reception on a post/zip-code basis. You enter your post/zip code and a map is delivered showing the reception in that area. In my experience, some areas have a constantly strong 3G reception, while other areas nearby can have variable reception that wavers from strong to weak. There are also areas that don't have any reception, which is why you must check the reception at your post/zip code. T-Mobile's site in the UK provides you with the reception at home and at work.

A 3G data adapter card can be added to almost any notebook that doesn't come with built-in 3G support, but it will make use of an adapter card slot or a USB port.

Most of the HSDPA data cards have an aerial that protrudes from the computer, but some data cards use UMTS, which doesn't use an aerial. An example in the UK is the data card that T-Mobile currently provides for its Web 'n' Walk service. The data card requires a PCMCIA CardBus card slot in a laptop. Use in a desktop PC using a PCMCIA adapter is not supported because of the variation in reception from even different areas in the same house or building. Another service is provided via a Vodaphone3G Datacard, which also uses a PCMCIA CardBus slot.

Most computers purchased within the last five years have a 32-bit PCMCIA CardBus slot, but new computers often only come with an ExpressCard slot, which is not compatible with the PCMCIA standard. As you said, some laptops have both types of slot. You wouldn't be able to use T-Mobile's or Vodaphone's 3G data cards in a ExpressCard slot.

Laptops that have built-in HSDPA, will just have a slot for a SIM card. You will have to subscribe to a mobile phone provider that will provide you with a SIM card that you could also use in a mobile phone. In fact, you might find that you have to install the SIM card in a mobile phone to get it registered with the network the first time that you use it.

DHCP fails when connecting with a wireless adapter

Problem

You are running a wireless network, consisting of three desktop computers and a laptop, using Windows XP Pro and a Netgear WGR614 router. The problem involves the TCP/IP addresses assigned by the DHCP [Dynamic Host Configuration Protocol]. When you first installed a wireless adapter in one of the desktop computers, it obtained a DHCP-assigned address automatically. This happy state of affairs exists for a week or two, when, for no apparent reason, the adapter loses its network connection and reconnects with an IP address reserved for private connections that begins with 169.254.x.x - the default alternative address if DHCP address-assignment fails. From then on, there's nothing you can do to make the network adapter obtain a DHCP-assigned address.

Solution

Automatic IP address configuration was introduced so that small peer-to-peer networks could use dynamic IP addressing without a DCHP server having to issue those addresses.

If TCP/IP => Properties (under Network in the Control Panel) is set to "Obtain an IP address automatically" in Windows 98, Me, 2000, and XP, the computer will first attempt to find and use a DHCP server on the network to obtain a dynamically-assigned IP address. If a DHCP service can't be found, Windows assigns an auto-configuration address, which starts with 169.254.x.x - where x stands for a block of three figures that are assigned to the IP address.

However, doing this seldom produces the correct result, because most small networks use IP addresses that are in the range of 192.168.x.x. This means that the computer with an auto-configured IP address won't have one that is in the same range or block of addresses assigned to the other computers, and so direct connections between it and the other computers will fail.

Even if the small network had adapters that were all configured to use auto-configured IP addresses, the initial delay before the IP address was assigned would make booting a computer very slow.

Note that, unlike Windows 2000 and Windows XP, Windows 98 was not designed for wireless networking.

Windows 98 doesn't have a way of detecting if there is a network connection established before it asks for an IP address, and wireless adapters often take some time to search for and establish a wireless connection. When a wireless adapter is first installed, everything seems to go well. The adapter waits for the network connection to be established, and then it looks for an IP address. But when the computer is switched off and started up again, the adapter takes some time to set up the network connection. During this time, it tires of waiting for Windows 98 to look for a DHCP-assigned IP address. To begin with, it may use the previously assigned IP address, provided that its lease is still valid, but, once the lease expires, it defaults to using the auto-configured IP address. After that happens, in practice, it never looks for a DHCP server if one becomes available, even though the documentation claims that it will do so.

Therefore, for Windows 98, you should disable the auto-configuration IP address feature. You can do this by entering regedit in the Start => Run box. In the Registry Editor, navigate to HKEY_LOCAL_MACHINE => System => CurrentControlSet => Services => VXD => DHCP. In the right-hand window, click IPAutoconfigurationEnabled, and set its value to zero. If there is no entry for IPAutoconfigurationEnabled, right-click in the right hand window, and select New => Dword Value, then enter IPAutoconfigurationEnabled, and set its value to zero.

For Windows 2000 or Windows XP, this value has to be inserted under HKEY_LOCAL_MACHINE => System => CurrentControlSet => Services => tcpip => Parameters even though it's not usually a problem with those versions of Windows, because they don't start up asking for an IP address until the hardware indicates that there's a network connection.

DHCP should then work properly.

How to force a computer to obtain a new IP address

If things go wrong with a LAN (or Internet connection), you sometimes have to force a computer to obtain a new IP address.

In Windows 9.x, you can use a tool called Winipcfg. Enter winipcfg in the Start => Run box. Then select the Ethernet, wireless, or dial-up adapter from the list, and click Release, followed by Renew.

If you have a laptop connected to a network using Windows 98, you'll be aware that Windows often remembers the dynamic IP address that was assigned to it during the previous session. This address probably won't work if you connect the laptop to a different network, so you can used Winipcfg to release and renew it.

Windows 2000 and Windows XP don't have the Winipcfg tool. Instead, to do the same, enter cmd in the Start => Run box to bring up a command line prompt, and enter the text command ipconfig /release followed by ipconfig /renew.

For your information, a tool similar to Winipcfg called Wntipcfg works with Windows 2000 and Windows XP. It is included in the Windows 2000 Resource Kit, and it can be downloaded from:

http://www.microsoft.com/windows2000/techinfo/reskit/tools/existing/wntipcfg-o.asp.

You can use it to release and renew IP addresses in Windows XP instead of using the commands ipconfig /release and ipconfig /renew at the command-line that you bring up by entering cmd in the Start => Run box.

Sharing a broadband Internet connection: I tried using ICS and then a router and still can't make it work

Problem

My Internet desktop computer uses a cable modem. I discovered that Windows has Internet Connection Sharing (ICS) software that allows an Internet connection to be shared, so I tried networking the computer with a laptop, both of which are running Windows XP Professional. The desktop computer is the host machine. But I couldn't get ICS to work, so I took some advice and purchased a router. I connected the router to the network according to the instructions. The cable modem is connected to the router's WAN port, and the computers to two of the router's LAN ports.

I tried running Microsoft's Network Setup Wizard. But when I did this, an error message came up saying, "Cannot complete the Network setup wizard: Other computers cannot connect to the Internet through this computer." I double-checked the connections and everything looked all right.

Answer

I take it that when you tried using ICS that the desktop computer being used as the host machine was equipped with two network cards, with one of them being used for the cable modem and the other for networking the laptop to the host machine. After you obtained the broadband router, you didn't need the host computer to have the network cards or use ICS to share an Internet connection. I also take it that you have provided both computers with the same Workgroup name, and that each of them has a unique Computer name.

Go to Troubleshooting a wireless network consisting of a notebook and a desktop computer on this page if you need to know how to enter those names in Windows 95, 98, Me, and XP.

It looks as if the host machine is still running Internet Connection Sharing. Having ICS installed and running is undoubtedly the cause of the problem, so you have to disable it. To do this, open the Control Panel and select Network Connections, right-click on the network adapter, click Properties, click the Advanced tab, and uncheck the Internet Connection Sharing option.

With ICS disabled, you must now verify the router settings and configure the two computers to obtain IP addresses automatically.

If you haven't done so already, you need to configure the router to work with your Internet connection. This is usually done by using a web browser, such as Internet Explorer, to run the router's web-based setup program. The log-on information is provided in the router's user manual. Enter the provided IP address in the browser's address bar, as is (usually 192.168.0.1), and enter the provided password.

Once that has been completed, verify that your router's Dynamic Host Configuration Protocol (DHCP) service is enabled. The DHCP service automatically assigns a valid IP address to any TCP/IP device that it locates on the network.

Read How can a wireless network be made secure? on this page to find out how to enable the security settings, which you should do after you've got the shared connection to work properly.

With the router properly configured, you have to make sure that both computers are set to Obtain an IP address automatically. This setting allows a computer to accept the IP address that the router's DHCP service assigns to it.

To do this, open the Control Panel and select Network Connections, right-click on the network adapter, select Properties and double-click on the option Internet Protocol (TCP/IP). If it isn't already selected, enable the Obtain an IP address automatically option, and click OK. Other than a reboot, this should be all that is necessary to get the two computers to share an Internet connection.

Note that just as it's not necessary to use the Windows Internet connection wizard to establish a connection with an ISP, it's not necessary to use the Windows Network Setup Wizard. I don't use it because it has a tendency to make the setup unnecessarily complicated. It's best just to use the router's own web-based setup program.

Is a second DSL connection possible on the same line?

Question

You have a 512Kbit/s BT ADSL Internet connection, and you would also like to have a 1Mbit/s AOL connection. However, you don't know if a connection to both ISP's can be run simultaneously across a single telephone line, or if it's possible somehow to switch between the two, or if a second telephone line has to be installed, or, for that matter, if the idea of two ADSL connections from the same house is possible at all.

Answer

ADSL (Asymmetric Digital Subscriber Line, aka DSL) is an always-on technology that piggybacks a normal telephone connection by running at a much higher frequency.

Unfortunately, it isn't possible to have two DSL connections running on the same line simultaneously, because a single DSL Internet connection for each line is permanently routed to a specific Internet Service Provider (ISP), so it's not even possible to log off from one broadband ISP and then log on to the other, as you could with a DialUp connection.

It's not even possible to have two DSL connections running in the same bundle of telephone wires under the street, because they would cause interference with each other. So, if you were adamant that you wanted two DSL connections, not only would you have to have a second telephone line installed, you would have to make sure that the installers routed the second line through a different bundle of cables, and that the line came into the house well apart from the first line.

That said, you shouldn't need two DSL connections, because it's possible to connect to AOL over another ISP's Internet connection, and a network of computers can share a DSL connection by using a cheap wired or wireless router that has Ethernet NIC ports, such as the WRT54G router.

Unfortunately, such routers cannot be used with an AOL broadband connection, which connects you to a private network, not to the Internet. As with an AOL DialUp connection, you can only access the Internet once AOL's software is running.

But when AOL's software is running on a computer connected to the AOL DSL modem, you should be able to run an Internet-sharing program, such as Windows' own Internet Connection Sharing (ICS), to allow the other networked computers to access the web. However, the other computers would not be able to use AOL's software in order to access any of AOL's web content.

Worm infection: A "Remote Call Procedure" (RCP) error keeps Windows XP shut down

Problem

You're experiencing a very frustrating problem when connecting a Windows XP Home system to the Internet. The connection is successful to begin with, but after about five minutes an error message appears that says: "Windows must now restart because the Remote Call Procedure was terminated unexpectedly." You've tried unsuccessfully to restore the system by using its Restore CD, and removing and reinstalling your DSL ISP's software achieved nothing.

Solution

The MS-blast or a similar worm has infected your computer.

MS-blast started infecting systems in August 2003. At one time, the worm was so omnipresent that computers were being infected within a few minutes of going online. The infection rate subsequently died down, but there has been a noticeable resurgence of infections since then.

Worms are viruses that travel the Internet seeking out vulnerable computers, which they then infect. So, unless a computer is well protected from them, they can infect it without the user having to do anything other than go online and have the worm locate the connection. Therefore, in order to be protected from them, it's essential to install Microsoft's security updates as soon as they become available.

Unfortunately, the Remote Call Procedure (RCP) error makes the system restart before you can do anything to remove the worm. Here is how to get rid of it. Disconnect your broadband connection and start the computer. Enter services.msc in the Start => Run box and click OK. The Services Control Panel comes up. Select the entry for the RCP service, then right-click on it and click Properties. Open the Recovery tab. There are boxes there with options on what actions can be taken should the service fail. These are set by default to Restart. You must set all three actions to Take No Action.

You had to do that because even after you used the Restore CD to restore the system, the computer was reinfected with the worm, so there's no point in removing it until you've blocked the holes that allow it to keep reinfecting the system. That action will prevent the computer from restarting, thereby enabling you to go online. You must now run Microsoft Update on the Start menu and download all of the security updates for your system that are marked as Critical. It's the Critical updates that fill the gaping security holes that allow worms to invade your system.

There will probably be plenty of them. It's not unusual for brand new systems that have just been delivered to their owners requiring 50MB of updates, which can be painful to download over a dial-up connection. Many users don't update because of this, so a security update CD for the older Windows systems (that Microsoft still supports, namely Windows 98, 98 SE, and ME, for which support ends after 30 June 2006) is set to begin testing early in 2004. Microsoft wants to allow users of older Windows systems with dial-up connections to bring their PCs up to date easily as a major tactic in its long-term strategy to defeat the virus and worm writers.

Windows XP has far too many services running, and these open many of the 65,000+ available ports that are available on such a connection, and it is opened, unprotected ports that worms are programmed to seek out as they travel the web. Of course it's possible in theory to close all of these ports, but it's much too difficult for the average user to do.

If you have a broadband connection you should be using a better firewall than the one that Windows XP uses - its Internet Connection Firewall (ICF).

A broadband router that uses Network Address Translation (NAT) to route Internet traffic to networked computers (with private LAN IP addresses) via a single public Internet IP address, acts as a firewall that provides reasonable protection, because hackers or worms can only locate the router, not the Windows system behind it.

Computer Shopper recommends these software firewalls:

ZoneAlarm - one of the best firewalls - free but a paid-for Pro version is also available.-

http://www.zonelabs.com/

The "Anti-Hacker" firewall from Kaspersky Labs UK site - given five stars by Computer Shopper for passing all the tests with flying colours. - http://www.kaspersky.co.uk/

otherwise http://www.kaspersky.com/buyonline.html?info=967571

With the security updates installed, you should use a special tool designed to remove the worm. Symantec provides free tools to remove many worms plus tutorials on how to remove them here: http://securityresponse.symantec.com/avcenter/tools.list.html

Click the link named W32.Blaster.Worm.

A security alert prevents access to sites on the Internet AND Why can't I access secure websites?

Problem 1: A security alert prevents access to sites on the Internet

Because of a worm infection, I had to format my hard disk drive and reinstall a master image of the system. But when I try to access the Internet with Internet Explorer, a Security Alert notice keeps appearing that says: "The security certificate has expired or is not yet valid. loginnet, passport.com valid from 11/06/03 to 11/06/04." I've tried to activate this certificate, but without success.

Solution

You should always state the versions of Windows and the software involved when asking a question. You didn't provide the versions of Windows and Internet Explorer.

I take it that you are using Windows XP (or perhaps Windows 98).

Your computer probably has the wrong date set. It's a simple matter to correct the date, just open Date and Time in the Control Panel, or click the time shown in the System Tray and correct the date. You can also do it via MS DOS mode in Windows 9x systems. Just enter the word command in the Start => Run box, and enter the word date.

If the problem returns after the computer has been switched off for some time, you will probably have to replace the BIOS battery, which is usually a coin-shaped battery of about 20mm diameter on the motherboard. Take the old battery to any good computer shop to buy a replacement. The following webpage has an article on it on how to remove and replace the battery. -

BIOS (CMOS) battery replacement site - how to replace a BIOS battery - http://www.computerhope.com/issues/ch000239.htm

If it's not the date, then you're probably using an old version of Internet Explorer, such as version 5, which only has 40-bit data encryption. Most secure sites require the use of browser's with 128-bit encryption or they don't allow access. Versions 4.x and 5.x of Netscape Navigator and Internet Explorer have had 128-bit encryption upgrades available for them for some time, and that level of encryption is provided by Internet Explorer 6.0 by default.

To check the level of encryption, open Internet Explorer and click on its Help => About menu item. The second line should say "Cipher Strength: 128-bit".

Problem 2: Why can't I access secure web sites?

A secure site is one that has https:// in the URL of the web address. A standard insecure site just has http:// in its URL. Only a secure site can place the yellow padlock icon on Internet Explorer's bottom taskbar.

Even if the computer's date and time are correct, and the latest 128-bit encryption and the browser's security settings are correct, there is another possible reason for a browser not being able to access secure websites.

1. - Having two active firewalls can be the cause of the problem. A firewall such as ZoneAlarm switches the Windows Firewall off in Windows XP, but the third-party firewall you have installed might not do so. You can check if the Windows Firewall is enabled or disabled by accessing it in the Control Panel. You can check the firewall information under the Security Center that is opened by clicking Start=> All Programs => Accessories => System Tools => Security Center. Also make sure that any antivirus scanner you're using isn't running a firewall of its own.

2. - Enter services.msc in the Start => Run box. For the Cryptomatic Services, make sure that Started appears under the Status column. If not, click on the service to bring up its Properties window. Its Startup type should be Automatic. If not, open the drop-down menu and select that option.

3. - If you don't have it already, download and install the FireFox browser from http://www.mozilla.org/. Try using it to access secure sites. Some secure sites are designed to work only with Internet Explorer, but you should be able to connect to secure sites with Firefox, even if the features of the sites themselves don't function. If Firefox works, the problem lies with Internet Explorer and toy can try the next steps.

4. - Open Internet Options in the Control Panel to bring up the Internet Properties window, or do it from the Tools menu in Internet Explorer. Note that for security reasons Spybot S&D has a setting that disables access to Internet Properties via the Tools menu in IE. It has to be disabled before you can access it that way.

On the General tab under Temporary Internet Files, remove the cookies and the files. Open the Security tab, click on Trusted sites and click on the Default Level button. Open the Content tab and click the Clear SSL State button under Certificates. Doing that clears any temporary files that are corrupt. Open the Advanced tab and scroll down to the Security section. The Use SSL 2.0 and Use SSL 3.0 options should be enabled and make sure that the Check for server certificate revocation option is disable (remove any check mark in the box beside it by clicking on it with your mouse's pointer).

5. - You can run the System File Checker (SFC) that has a graphical user interface in Windows 9x and is still present in Windows XP, but must be run from the command prompt. To run it, enter cmd in the Start => Run box, and then enter sfc /scannow at the command prompt. Click here! to go to more information on this site about the SFC. You have to be careful how you use it.

6. Re-registering certain DLL files can solve the problem. To do this; open the command prompt. Type in the following lines exactly as they appear and press the Enter key after each line. After each entry a message saying DllRegisterServer succeeded should come up. Click OK.

regsvr32 softpub32.dll

regsvr32 wintrust.dll

regsvr32 initpki.dll

regsvr32 dssenh.dll

regsvr32 rsaenh.dll

regsvr32 gpkcsp.dll

regsvr32 sccbase.dll

regsvr32 slbcsp.dll

regsvr32 cryptdlg.dll

7. - A corrupt user profile in the Registry can also be the cause of this problem. If you have more than one User that was set up under User Accounts in the Control Panel, log on as a different user and see if you can access secure sites. If you can, then the problem lies with the user profile that doesn't allow access to secure sites. You can create a new user profile under User Accounts and then follow the information provide in this MS Knowledge Base article to transfer the settings from the old user account to the new one: http://support.microsoft.com/?kbid=811151.

After you have transferred the user settings, you can remove the old user profile. Right-click with the mouse pointer on My Computer, click Properties, followed by the Advanced tab. Click the Settings button under User Profiles. All of the available User Profiles are listed there. Click on the profile that you want to remove, and click the Delete button.

8. - The maximum transfer unit (MTU) value could be set incorrectly, as is explained in the article here: http://www.isaserver.org/tutorials/onlinebanking.html.

If the TCP/IP packet size is too small, a secure server's operating system could be programmed to regard the the information in the packets as malicious, and, if so, would drop them. Then the requesting computer waits for a response until the connection itself is timed-out and dropped.

Apparently, this problem can also be caused by a router, a firewall, or another computer in the path between the affected computer and the server that is blocking ICMP Code 3 Type 4 packets, which prevents the sending computer or firewall from discovering the MTU information.

The solution is simply to increase the MTU value. There is a maximum permissible MTU value, which differs for dial-up and ADSL connections.

The article to which the link is given above, provides a Registry patch for Windows XP and Windows 2000, but not one for Windows 98 and Windows ME.

But there is no need to mess about with the Windows Registry, because many utilities, such as DrTCP from http://www.dslreports.com/drtcp or System Mechanic from http://www.iolo.com/sm, allow the MTU value to be changed very easily from within them.

Just setting the MTU to 1,492 - the maximum allowed for an ADSL connection - has allowed many ADSL users to access secure sites who were previously unable to do so. However, even this value can be optimised to speed up an ADSL connection. See further down this article for information on how that is done.

This peculiarity has resulted because Microsoft-based web servers have departed from Internet standards. The problem usually only occurs when Windows 2000 and Windows XP systems are run behind particular makes of routers and firewalls on a broadband connection. A misconfigured server set to filter out ICMP packets and for Path-MTU-Detection, can also produce the problem, which are likely to be the default parameters on servers running Windows 2000 or Windows Server 2003. The problem can also occur if a utility has been used to tweak the MTU value by making it too large.

The problem with secure sites is not that the starting size of data packets is too small, it happens because they're too large. The oversized packets are split up on the way to the secure server, usually because a router is set to use a lower maximum packet size than Windows wants to use.

The maximum transfer unit is the maximum amount of data that a single TCP/IP packet can contain. For maximum speed of transmission, the ideal is to have it set as large as possible while being small enough to pass through all of the Internet routers along its path without being broken up (fragmented).

Depending on which version is being used, Windows can set the MTU value to 1,500 by default, but many Internet routers use a default value of 1,492, since that is the maximum MTU size allowed by many implementations of the Point-to-Point Protocol over Ethernet (PPPoE) used by many ADSL and some cable providers. Consequently, each 1,500-byte packet is split in two, with the second packet containing only 8 bytes of data - the difference between the two maximum packet sizes. PPPoE uses a lower MTU value because it has to add a few extra bytes of header information to each packet.

The connection should be able to solve the problem itself and set the correct MTU value automatically by using a process called Path-MTU-Discovery. Unfortunately, although Microsoft has set its servers to use Path-MTU-Discovery by default, another part of its programming team chose to set its defaults to filter out the incoming ICMP packets that tell Windows that it is using an MTU value that is too high. This amounts to the server sending out packets with a flag attached to each one saying: "Tell me if this packet is too large," and then ignoring the reply.

To correct this state of affairs, if the broadband provider doesn't use PPPoP, the MTU value use by the router could be increased. Alternatively, the MTU value being used by client computers can be reduced.

The correct MTU value for a connection can be determined for Windows by using the ping command with parameters to prevent fragmentation (-f) and to set the size of the packet (-l).

From a command prompt enter: ping -f -1 1500 allproblems.com

If the reply says something like "Packet needs to be fragmented but DF set", it means that the packet size is too large and that you have to experiment with lower values until the error message no longer appears.

After the largest packet size that can be sent without fragmentation has been determined, add 28 to the value. This is the MTU value to use, because 20 bytes are reserved for the IP header and 8 bytes must be allocated for the ICMP Echo Request header.

But, as already mentioned, there is no need to mess about with the Windows Registry, because many utilities, such as DrTCP from http://www.dslreports.com/drtcp or System Mechanic from http://www.iolo.com/sm, allow the MTU value to be changed very easily from within them.

Optimising an ADSL Connection

If a ping test for an ADSL connection determined 1,492 as the maximum MTU size, calculate a multiple of 48 that is equal to or below 1,492, because ADSL lines in the UK use asynchronous transfer mode (ATM) networks to carry the data between the telephone exchange and the broadband service provider, and these ATM networks use small packet sizes, which have 48 bytes of data plus a header of 5 bytes.

For example, if the maximum MTU is determined to be 1,492, then 1,488 (31X48) is the largest multiple of 48 that is equal or just under it. Subtracting 8 bytes for the PPPoP header gives an MTU size of 1,480, which will give better performance than 1,492.

Note that the built-in PPPoP client for Windows XP already uses an MTU of 1,480, which cannot easily be changed or set manually, and most cable service providers don't use either PPPoP or ATM networks. If so, it is safe to use an MTU value of 1,500 - or the largest MTU value that your router can handle.

Why can't my wireless network work all over my house?

Problem

I installed an 802.11b wireless network consisting of two desktop and two laptop computers in my old Victorian house that has three floors. The wireless 802.11b Wi-Fi router is placed in my first-floor study, which contains the host desktop machine that uses an unproblematic ADSL connection. I wanted to be able to use the laptop computers anywhere in the house, but the signal barely reaches everywhere on the first floor. No signal is available at all on the ground floor, and there are several dead areas in the top floor. Moreover, I can't even use a laptop to connect to the network in the garden. Will I have to forget about using a wireless network and install a wired network instead?

Answer

If your neighbours are also using wireless networks, they could be interfering with each other. Moreover, devices such as cordless phones, closed-circuit cameras, baby monitors, and some microwave ovens operate at 2.4GHz (the frequency used by 802.11b wireless networks and can therefore also be a cause of interference.

Once a wireless router or Access Point experiences interference, it's usually unable to perform properly until it's powered off and powered on again. And it's not uncommon to have to do this regularly.

There are a number of things that you can try to reduce interference. First, find out if one or more of your neighbours have a wireless network. If any of them do, try asking them to turn off their equipment to find out if doing so allows yours to perform properly.

The general range of a wireless router or Access Point is about 30 to 150 metres in a normal residential setting, but it can extend two or three times further than that if there are no obstructions, such as walls or second floors. A survey of the effective range of most 802.11b wireless adapters has suggested that even outdoors with no obstructions between nodes, about 300 meters is the maximum range with the standard adapters and antennas.

However, you have an old Victorian house. They usually have very thick walls that the signal probably can't pass through properly or not at all.

In a standard modern house of one or two floors, changing the location of the wireless router or Access Point can sometimes help by avoiding the interference. Lowering the speed at which the network is operating, is another option worth trying.

The first thing you should do in your Victorian house is perform a site survey, which just involves walking around the house with a laptop equipped with a wireless network adapter that is running a free program called NetStumbler from http://www.netstumbler.com/. It shows you how strong a Wi-Fi signal is at any given position, and therefore enables you to locate dead spots. It can also tell you if there are any other wireless networks in the vicinity.

Wi-Fi networks can operate on any one of thirteen channels. If possible, neighbouring networks should use different channels in order to minimise interference between them. If NetStumbler locates any neighbouring networks it should tell you which channels they're using. Then, all you have to do is visit the applicable neighbours to negotiate which channels you and they should use in order to avoid interference.

The best channels to use are 1, 6, and 11, because they have the least overlap with neighbouring channels.

This isn't applicable in your case, but if anyone is using 802.11g equipment, disable its 802.11b support, which can negatively affect 802.11g performance. Doing that will also prevent any 802.11b networks from interfering with your 802.11g equipment.

802.11b wireless networks operate under two schemes called Frequency Hopping and Direct Sequence. The higher speeds (5.5Mbit/s and 11Mbit/s) use Direct Sequence, which is much more susceptible to interference than Frequency Hopping, which does what it implies - it can change frequencies, but can only operate at a maximum speed of 2.0Mbit/s. However, Frequency Hopping can detect interference on certain channels, which it can therefore avoid by not using those channels.

The most effective solution to the problem of unreliable or non-existent connections in your case is first to extend your wireless network, and then, if necessary, boost the signal from the router.

To extend your network, you would merely add wireless Access Points where required. These connect wirelessly to your router via their own external antennas, which are much more sensitive than the built-in antennas that most laptop computers have. A wireless-equipped laptop can then connect to an Access Point's stronger signal instead of to the router. However, note that not all routers support connecting to an Access Point. Moreover, not all router manufacturers produce Access Points. Since it is best to use wireless equipment made by the same manufacturer, if the make and model of the router that you have doesn't support Access Points, or you have to use one made by another manufacturer, it would be best to buy an 802.11g router made by a manufacturer, such as Linksys, that supports Access Points and makes them.

The so-called pre-N routers (half way between the 802.11g standard and the 802.11n standard that is still in development) use multiple antennas and have features that overcome many of the signal problems that occur with 802.11b and 802.11g equipment. They can only be used with other pre-N equipment that is usually also made by the same manufacturer. Moreover, note that there is no guarantee that pre-N equipment will support the new 802.11n standard that is still under development.

In you case, I would try installing an 802.11b or 802.11g Access Point (802.11g equipment is compatible with 802.11b equipment) on each floor first. But if that isn't good enough, there are several types of antennas that can be purchased that make it possible to boost the signal of your router.

A high-gain antenna can boost wireless coverage on a single floor.

With most wireless routers you can unscrew the antenna and replace it with one that produces a stronger signal.

An omni-directional antenna provides all-round coverage, and a directional antenna aims the signal in a specific direction, such as out into the garden.

Some router manufacturers provide these kinds of signal-boosting antennas, but, if not, generic signal-boosting antennas are made available from sources in the UK such as Maplin Electronics - http://www.maplin.co.uk/.

You can also try building you own antennas. Visit http://www.freeantennas.com/ for information on how to make simple card and foil antennas that slip over a router's existing antenna(s) in order to improve signal coverage. If you enter the word cantenna in a search engine, you should be provided with links to pages containing information on how to make an effective directional antenna from a tin can.

Anyone who is experiencing reliability problems in a modern house should reduce the speed the network is set to run at until, hopefully, it stabilises. Since most users of wireless networks use them in order to share an Internet connection, even the maximum 2.0Mbit/s speed of the Frequency Hopping scheme is more than enough for that purpose, because residential Internet connections are usually only in the lower ranges of 56K (on a 56K V.92 dial-up modem) to 1.5Mbit/s (on a DSL or cable connection).

Always make sure that a router or any other wireless equipment is situated away from other microwave-generating devices, such as a microwave oven.

If you live in Europe, you could try using the faster 802.11g equipment, which, since it uses the same 2.4GHz frequency band, is backward compatible with 802.11b equipment. But there's not much point in buying an 802.11g router or Access Point for use with 802.11b wireless adapter cards.

802.11g isn't perfect; interference in the home can sharply degrade performance. Hence the move to 802.11n, which hasn't been approved as a standard yet, but is supposed to address the interference problems. It provides backward compatibility with 802.11g, and is set to become the new, "perfect" standard. Unfortunately, we probably won't see much of 802.11n until late in 2005 or early in 2006.

If none of those options work, and you reside in the US, you could try using a wireless standard known as 802.11a, which operates at a much higher frequency (the 5.0GHz band). It has a faster rated speed (54.0 Mbit/s), which equals the rated speed of unenhanced 802.11g equipment, but avoids the crowded 2.4GHz band completely. 802.11a is currently quite a bit more expensive than 802.11b, and, because it is not compatible with it, will require the purchase of new equipment.

Remember that if you just want to network three or four computers with wireless equipment on an Ad-Hoc basis, all you need to use are wireless PCI or USB network adapters. An Access Point is only necessary if there are too many computers for an Ad Hoc network, or if you want to improve reception.

Two dial-up disconection problems: Dial-up modem disconnects intermittently AND Dial-up connection gets dropped after a few minutes online

Dial-up modem disconnects intermittently

A newsgroup devoted to modems with excellent people involved is comp.decom.modems.

Here is a typical thread taken from it that addresses a very typical problem with dial-up modems. -

"I posted back a few weeks ago about the frequent disconnects involving my Supra 56K PCI modem. I have since determined that, much to my chagrin, that unit is a "Winmodem", and although it connects at a good speed (up to 52000), there is a software conflict somewhere in my system which causes it to disconnect spontaneously. I have "solved" the problem by rebooting immediately before using the modem, and when I do this, the modem works flawlessly for at least two connections; after that, it disconnects again. Obviously, something happens when I reboot that "clears" something. I have tried to defrag the memory (MemTurbo II), but this does not help without a reboot (the system has 256MB of physical RAM, and there is at least 120MB free when the modem disconnects). I know that some will say to junk the modem; but is there a way to determine what the software conflict is and eliminate it?

"Many thanks,

"Bob

"Don't assume the problem is in the modem. Determine the reason for disconnect first and operate from there. Query the modem in a terminal program [such as the Windows Hyperterminal] immediately after one of these unexpected disconnects occur with [the AT command] at&v1 and look for "Termination cause". That info will be most helpful. I seriously doubt it is any kind of conflict that's causing these but, if it was, that conflict would likely be evident when you checked where all your IRQs are are assigned. The reason I don't think it's a conflict is because a conflict would not be cleared temporarily by a reboot or anything else. You might try something as simple as reducing the max speed the modem can attain. This limits errors which lead to retrains and sometimes disconnects. Something like +ms=,,,,50667 placed in Extra settings [under Modems in the Control Panel] (assuming Win95 through WinME here) should be enough. -

Hooda Gest"

****

Dial-up connection gets dropped after a few minutes online

Problem

Ever since upgrading to Windows XP SP2 my dial-up connection gets dropped after a few minutes online, then disconnects entirely no matter what I'm doing, but it does seem to happen more quickly during large downloads when no browser activity is taking place. Disabling the Windows Firewall eliminates the problem, and I've uninstalled a version of McAfee's firewall that I discovered had some processes running in spite the fact that it was disabled long before the SP2 upgrade. I know that installing a software firewall without removing all of the traces of an existing firewall can cause problems, but, in my experience, these have always resulted in totally dead connections.

Answer

Most dial-up Internet Service Providers (ISPs) monitor web activity - not the content - in order to be able to free idle dial-in points of presence when someone logs in and stays online for hours regardless of whether or not they're actively using the connection. Dial-in points of presence are expensive to setup, and each port can only serve one customer at a time, so it's in an ISP's interests not to allow an idle connection to continue. If the connection is idle for a particular length of time, the server drops it.

Everything depends on what the ISP's monitoring software interprets as activity. For example, a long FTP upload or download may be interpreted as inactivity if the monitoring software is programmed to look for webpage accesses only. If the FTP upload or download exceeds the allowable idle time, the ISP breaks the connection. Periodically, an ISP can also execute a ping command on an IP address to find out a computer is still on the other end. But, if the computer's firewall is set up not to reply to ping requests, the ping won't work, and the ISP's monitoring software breaks the connection.

"Keep alive" or "stay alive" software simulates human activity on a connection to fool the ISP's monitoring software into thinking that the connection is active. There are paid-for and free programs.

Keep It Up - $15 - http://www.geocities.com/pbsftwr/Keepitup.html

Free alternatives can be found by entering a search query such as keepalive + free + utility in a search engine.

The only other way to keep the connection alive is to schedule a ping command to run at regular intervals. It doesn't matter which website you ping. You can use Notepad to enter the ping command, which can take this form: ping www.pcbuyerbeware.co.uk. Just save the command as a .bat file, such as ping.bat. Then all you have to do is use the Windows Task Scheduler to run the command periodically just before you go online. Don't schedule it to run while offline or it will attempt to access the web every few minutes, depending on the period you set for it to run.

A modem with a V.92 Intel chipset runs slowly

Problem

Your computer uses an internal V.92 modem, which has an Intel 536EP chipset. Under Windows XP Home, it used to connect at a relatively fast 50Kbit/s (kilobits per second; 8 bits = 1 byte), but it has suddenly started connecting at only 32Kbit/s. The line has been verified to be working properly, and the modem connects at its former speed of 50Kbit/s when Linux (SuSE Linux Pro 9.0) is the operating system being used. Windows XP has been updated with Service Pack 1 (SP1), and with all of the other security and bug patches made available by Microsoft Update. The modem's maximum speed is set to the maximum of 115,200 under Modems in the Control Panel. You downloaded the latest driver file for the modem from Intel's site, but couldn't install it because when you uninstall the modem, Windows XP just re-detects it and installs its drivers. Any attempt to install the new driver file via the Device Manager brings up an annoying message saying: "The device is already using the best driver available".

Answer

Windows XP is very prone to installing its own drivers for modems with Intel chipsets in preference to the latest downloaded update. The reason for this is most probably because the downloaded Intel driver file doesn't possess a Windows Hardware Quality Labs (WHQL) digital signature. Windows will always install the qualified, signed drivers instead of a file that has no such signature.

You have to follow the instructions made available on the modem manufacturer's website (Intel does not manufacture modems, only the chipsets for modems). Some modem drivers are installed via their own setup program, and others have to have the driver files unpacked to a destination folder, and then have to be installed from it.

To force the issue, open the Device Manager by right-click on My Computer, click Properties and then the Hardware tab. Select the entry for the modem as shown in the image below, and click Update Driver...

By the way, the Scan for hardware changes option (shown in the image above) can make Windows XP install the modem, which, if it is an external modem, might not have been loaded at start-up if it was switched off before Windows was shut down. This is because Windows stores the hardware configuration that existed just before shutdown, and it loads the same devices at start-up. The modem will therefore not be on the list of start-up devices, and this option makes Windows detect and install it.

Windows XP does its utmost to persuade you that its choice of driver files is the only safe choice, so you have to choose the next option that reads: Install from a list or specific location. Select the option: Don't search. I will choose the driver to install. Next, click the Have Disk button, and then use the Browse... option to find the folder containing the downloaded driver file, or the folder containing its unpacked files. Of course, true to form, Windows warns you that it has already installed the best driver for the modem, so you have to confirm that you want to install the update.

If the new drivers don't fix the problem, then, it's as I suspected, not really a problem at all. 56K modems are at the limit of how much data can be sent down a standard telephone line without using the much faster ADSL technology, and the speed of the connection depends on the quality of the line. Many V.92 and V.90 modems start off by using a higher speed (really a frequency not a speed) than the line supports. They then fall back to a slower supported standard. Therefore, the initial connection speed reported by Windows is not usually the speed at which the modem is receiving data. Some 56K modems, such as the ones made by US Robotics, allow the use of the ATI11 command to be used to report the final speed of the connection session prior to a disconnection, otherwise it is very difficult to determine what the connection speed is during a session.

To establish a connection in about half the usual time that is the case with V.90 and earlier standards, V.92 modems remember the connection speed used in the previous connection, and use it instead of going through the lengthy handshaking process of negotiating a connection speed with the modem at the other end of the line. In the case of your modem that would be 32Kbit/s. However, once connected, the modem tests the quality of the line, and increases the speed of the connection if the condition of the line allows it.

It's possible to disable this Quick Connect feature. You can do that by adding the command +PQC=3 in the Extra settings box, under Control Panel => Modems => Properties => Connection tab => Advanced button).

To get an idea of the modem's actual download speed, download a large compressed file, such as a Zip file, from a fast server, which would preferably be your own ISP's server. It has to be a compressed file or the modem will have to compress it and doing so will distort the download speed.

File download speeds are reported in bytes, which are made up of 8 bits. The transmission adds approximately 10% overhead, therefore multiplying the file transfer speed - that is given in kilobytes per second (KB/s) - by nine will give an indication of what the real download speed is in kilobits per second (Kbit/s).

In your case, you can experiment by downloading the same files under Linux and Windows. That way, you'll be able to determine if there really is a different download speed between the two operating systems.

Note that while its download speeds are significantly faster than a 33.6K modem, even a V.92 modem would only have a slightly faster upload speed than a 33.6K modem on the same line.

Various problems with Outlook Express

Note that if your problem is not addressed here, Inside Outlook Express at http://www.tomsterdam.com is an excellent source of information and help for problems with Outlook Express.

Click Articles Relevant to the Internet Explorer Browser & Outlook Express to go to the list of Microsoft Knowledge Base articles on this site.

Problem 1: How to recover lost Outlook Express DBX files

Problem

I lost my entire Inbox in Outlook Express that had 600+ folders. I've tried to use DBXtract, a $5 shareware program, to recover them. DBXtract is designed to extract e-mail from Outlook Express database files (.dbx files) that are not corrupt, and save them as .eml (e-mail) files. It can also recover deleted messages. It can circumvent my problem by transferring e-mail out of the troublesome DBX format. It can also be used to recover e-mail from corrupted .dbx files. I recovered some of the files with it, but the unrecovered files give me an "extracted" comment, but nothing is transferred. Is there any other way to recover my e-mails?

Answer

The Inbox in Outlook Express (OE) is an .dbx file called Inbox.dbx.

There are other measures that you can take to recover corrupt .dbx files.

Compacting OE folders might fix mildly corrupted .dbx files, or it may cause more damage to such files that are more severely corrupted. Therefore, you must make backup copies of the files, and then compact the OE folders to see if doing so solves the problem.

Next, find the folder that holds all of the .dbx files, and make copies of all them into a second folder.

You can locate the files from any open folder in Windows. Choose Folder Options from the Tools menu, and click on the View tab. Under Hidden files and folders, enable the Show hidden files and folders radio button with the mouse, then click OK. Run a Search from the Start menu and look for files with the filename *.dbx, which looks for all files with the .dbx extension. After you have have found them, right-click on one of the .dbx files and choose Open Containing Folder from the menu that comes up.

Now that you have backup copies of the .dbx files, you can try compacting the ones that Outlook Express accesses.

To compact your folders, choose Options in the Tools menu in OE. Choose the Maintenance tab, and click the Clean Up Now button. Click the Compact button. When that is done, click Close, and then OK, and have a look to find out if all the e-mail is in the Inbox. If doing that doesn't work, return the copies to the original folder to replace the compacted originals.

You can try buying one of the many repair and recovery programs designed to work with OE, many of which have free trial periods.

Here are some of their names: OutlookEX Recovery, R-Mail for Outlook Express, DiskInternals Outlook Express Repair, Repair Tool for Outlook Express, Easy Outlook Express Repair, OE-Mail Recovery, SoftAmbulance 4 Outlook Express, Accurate Outlook Express Mail Expert, Recovery Toolbox for Outlook Express.

To find download locations, enter each name, enclosed in double quotation marks, in a search engine.

You can also use a search engine to find other programs by using a search query, such as, outlook express recovery tool. You can try using the words utility or program instead of tool.

Problem 2: How to force Windows XP to make Outlook Express the default e-mail program

Problem

On a Windows XP Home system, Outlook was originally listed as the default e-mail program under Internet Properties => Programs. The computer came with Outlook Express (OE) installed, but for some unknown reason its name never appeared in the list. The listing for Outlook disappeared when the user tried to make OE appear on the list. All the same, when the user tried to e-mail from within application programs, they wanted to use Outlook. The user wants to know how to make Windows XP recognise OE as the default e-mail program (client).

Answer

If downloading the latest version of OE from http://support.microsoft.com/, uninstalling Outlook and OE via Add or Remove Programs in the Control Panel, deleting the remaining folders for both programs via Windows Explorer, and then installing the download of OE doesn't do the trick, then there is probably a problem with its registration.

Try this solution. Click Start => Run. In the Open box, type in the following entry exactly as it is shown: "C:\Program Files\Outlook Express\MSIMN.EXE" /REG

MSIMN.EXE is the executable file for OE. Clicking on it runs OE.

Click OK. You may have to restart the system for the change to be registered. Open Internet Properties, click on the Programs tab, and select OE (from the drop-down box) as the default e-mail client.

If it's still not possible to e-mail from within application programs, there is probably a problem with the Messaging Application Programming Interface (MAPI), which is what allows e-mails to be sent from within programs such as MS Word.

Each program that can send e-mails may have installed its own version of the MAPI files, and these could be preventing other programs from accessing OE. Microsoft has a fix for this problem aptly called Fixmapi. To run it, use XP's Search facility to find a file in the Windows\System32 folder called Mapi32.dll. Rename this file Mapi32.old by right- clicking on it and using the Rename option.

This file might be set to Read-only. If so, you'll have to remove that attribute in order to rename the file by right-clicking on it, clicking Properties, removing the checkmark in the Read-only box, and then clicking Apply and OK.

To run the fix, open Start => Run and type in Fixmapi, and click OK.

MAPI file conflicts can sometimes be the cause of other problems. If running Fixmapi doesn't work, visit article 228457, called Description of the Fixmapi.exe Tool Included with Internet Explorer 5, by clicking http://support.microsoft.com/?id=228457.

Problem 3: E-mail messages sent and received by Outlook Express appear as attachments

Problem

When I send and receive e-mail messages using MS Outlook Express 6.0 SP1, they appear as attachments that I have to open to read. To protect against viruses, I prefer having the option set that blocks attachments from being opened, so how can I get Outlook Express back to normal?

Answer

Try changing the encoding method that is in use. Make sure that the Western Europe (ISO) setting is being used. There are three areas in Outlook Express to check that this is the case: Tools => Options => Read => Fonts and Tools => Options => Read => International Settings and Tools => Options => Send => International Settings.

You should also check in Format => Encoding when creating new messages. Those options are available in the window in which the new message appears.

Problem 4: The mail servers for Outlook Express accounts appear as localhost accounts

Problem

Having entered the correct information, every time a user switches off a computer, the incoming and outgoing mail servers for each account set up (under Tools => Accounts) in Outlook Express gets switched from the mail server address to the localhost setting. Why?

Answer

This problem is almost certainly caused by scanning or filtering software that the user has installed prior to its occurrence.

Many antivirus and spam-filtering programs use a mail proxy server that runs on the host computer. The localhost address is used by its networking software to refer to the system on which it is installed. Such a proxy server reads the incoming mail settings under Tools => Accounts in Outlook Express, and replaces them with the localhost setting.

Then, when OE checks for new mail, the request is sent to localhost, which alerts the proxy server to intercept the request and pass it on to the real incoming mail server. It can then filter the incoming mail, scanning for viruses or removing spam, depending on what type of program it is serving, before passing the messages on to OE.

The process works well enough most of the time, but can become problematic if more than one program is making use of such proxy servers. For example, if the user is running both an antivirus program and a spam-filtering program, to overcome any problems, one of the proxies should be set to operate on a non-standard port such as port 8110 instead of the standard 110 port used for Post Office Protocol 3 (POP3) mail. Changing the port setting can be done easily from within one of the programs.

Note that not all such programs make use of proxy servers to intercept mail. For example, Norton Antivirus 2003 (and all later versions) makes use of a low-level software driver to intercept the messages that pass between OE and the mail server(s). In this case, no localhost setting would appear in OE.

Problem 5: E-mails (emails) keep connecting to the Internet

Problem

I am using Windows XP, Outlook Express XP, and a dial-up connection. I download e-mails from my ISP's e-mail server for reading offline, but some of them attempt to dial out to the Internet as soon as I highlight them. Is there any way to prevent this from happening?

Answer

Believe it or not, this isn't only annoying, allowing it to happen can be expensive, dangerous, or both .

All users of a dial-up connection should make sure that the Internet Options are not set to dial out automatically, because not only e-mails seek to do dial out on their own. Many programs, such as virus scanners, are set by default to obtain updates. For example, Norton AntiVirus has its default updater scheduled to run every five minutes. It checks if there is an active Internet connection before it attempts to connect to its update server. It doesn't dial out itself, but if a connection is already active it checks for updates every five minutes, and therefore will keep the connection alive because most Internet Service Providers (ISPs) wait for longer than that before they disconnect due to inactivity. In the UK, there are reports of users being sent huge telephone bills because their computers have been online without their knowledge. This is not the case in most of the USA, because local calls are free.

You can access Internet Options via the Control Panel or under the Tools menu within Internet Explorer. Under the Connections tab there are three options: 1. - Never dial a connection 2. - Dial whenever a network connection is not present 3. - Always dial my default connection.

If you select the first option, your browser won't dial up a connection automatically. You have to enter a web address (URL) in its address bar, or in the Start => Run box, or click on a link on a web page or in an e-mail message before the dial-up window appears. If you have either of the other two options enabled, Windows attempts to dial out every time Internet Explorer, or your default browser, is opened to run. The Dial-up Connection window that comes up when the first option is selected has a Connect to box that contains your ISPs, which can be selected from the drop-down menu, and boxes for the User name and Password that have to be used to connect to the selected ISP. It also has two check boxes described as Save password and Connect automatically. No program or e-mail message will be able to dial out automatically if either or both of those boxes are not checked, because the Dial-up Connection window has to present itself so that you can enter the missing information. Therefore, you can have options 1. or 2. enabled as long as the Connect automatically check box isn't enabled. I always have both of those check boxes in the window unchecked so that I always have to enter a password and click the Connect button to establish a connection.

Spammers send e-mails that contain HTML code that make Outlook Express fetch images from a network server. It's possible to make an image invisible and only one screen pixel in size. If such an image is downloaded to arrive in an e-mail message, it informs the server belonging to the originator of the message that it has been opened. That confirms that your e-mail address is valid, and the originator of the message can then sell it as a proven address. As a result you'll receive more spam. You only noticed the attempt to connect to the originator of the message's server because you were reading the messages offline. Most people who read their messages online won't notice that anything amiss is occurring.

You shouldn't use an e-mail program that allows an e-mail mesage to connect with a remote server without asking for permission to do so, because if the e-mail program can run a scripted computer language such as JavaScript it can download Trojan files and spyware that can send information from the computer to its home server.

Spybot Search & Destroy and other programs such as Winpatrol and Winpatrol Pro, can be set to monitor the system in order to prevent known bad webpages from running, alerting the user if any program, such as a Trojan or spyware, attempts to make changes to the Windows Registry. You can choose to allow the change or prevent it.

Until recently, the versions of Outlook and Outlook Express never asked for permission to download images, which made it difficult to delete spam online before it contacted its web server. However, fortunately, there are programs, such as MailWasher that allow you to preview e-mail and delete it before it is downloaded. Web-based e-mail accounts, such as Yahoo! Mail, can allow that to be done online, can mark e-mail as spam, allow its deletion, and/or transfer it to a Trash folder for deletion.

Microsoft has added the ability to prevent images being downloaded by Outlook 2003 and the version of Outlook Express that comes with Windows XP SP2. If an e-mail message attempts to download an image file, a message comes up saying: "To help protect your privacy, Outlook Express prevented automatic download of some pictures in this message." You can click a button to display the image(s) or add the sender to a safe list. If a sender is on the safe list the warning message doesn't come up, and the images are all downloaded.

Users of earlier versions of Outlook Express than the above-named version should make sure that all of the relevant updates for their version of Windows are installed by running Microsoft Update. The users of earlier versions of Outlook should download the latest updates from:

http://office.microsoft.com/en-us/officeupdate/default.aspx

The security updates have removed the ability the earlier versions of those e-mail programs have to run script-language code and ActiveX controls, but they haven't done much to block the downloading of image files.

If your computer uses Windows XP, you should install the SP2 upgrade, which installs many essential security patches and updates. It's a large download, so if you're using a dial-up connection, or aren't connected to the Internet, you can order a free CD from http://support.microsoft.com/.

If you're using an an earlier version of Windows than Windows XP, instead of using Outlook Express as you e-mail client, you should be using the free Mozilla Thunderbird e-mail program from http://www.mozilla.org/.

I don't want to use Internet Explorer but I can't get rid of it

Problem

Recently I downloaded and installed Mozilla's Firefox Internet browser on a computer running Windows XP Home Edition updated to SP2 that I bought at the beginning of 2005. I use a broadband Internet connection. I wanted to use it as the default browser and remove Internet Explorer 6 because of its never-ending security updates that have a Critical rating. However, it isn't even listed under Add or Remove Programs in the Control Panel, and if I delete the program's iexplore. exe file from the Program Files => Internet Explorer folder, it just restores itself. My question: how can I remove IE6, or is there a way to disable it so that it can't be used by anyone else or succumb to viruses, etc?

Answer

You shouldn't try to remove Internet Explorer from any version of Windows since Windows 98 because it is an integrated part of it and because many parts of Windows use Internet Explorer's files. Even when you try to rename the iexplore.exe file, Windows changes it back to its original name.

There are instructions for removing IE and programs that can do it for you that be found on the web, but it's not advisable to remove it because many website require IE to work, including Microsoft Update.

However, fortunately, if you have a broadband connection, there is a way of only allowing certain sites to use IE. Open Internet Options from Internet Explorer's Tools menu, or via the Control Panel. Follow this clicking path: Connections (tab) => LAN Settings (button). Under the Proxy server heading, there is a check box there with this description beside it: Use a proxy server for your LAN (These settings will not apply to a dial-up or VPN connection. You have a broadband connection and you aren't using a Virtual Private Network (VPN), so you can place a check mark in it with your mouse. Enter a fake name in the Address box, such as Notaproxy, and leave the other boxes empty. Next, click on the Advanced button and enter *.microsoft.com under Exceptions. Doing that will allow you to use Microsoft's Windows Update. But for all websites not included in the list, IE will look for the proxy server from which to obtain them, but since it doesn't exist IE won't be able to go any further, and, for all intents and purposes, is disabled.

For your information, a proxy server (a computer used as a gateway to the Internet) is often used on a shared Internet connection to store copies of web pages locally. If set to do so, IE asks the proxy server for any web pages that are requested instead of looking up the IP address on a domain name server (DNS) and then visiting them. If it is the first request for that particular page, the proxy server goes to a domain name server for the site's IP address (e.g., 195.101.94.150) and then locates it and brings it to IE from the web. If the page has previously been accessed by the other people that share the connection, the proxy server can visit the site and read the information there that tells it whether or not the page has been changed since it was downloaded. If the page hasn't been changed, it serves up the copy it has saved instead of downloading it again.

Proxy server problem: The 127.0.0.1 localhost address keeps coming up and blocking the download of an update from a particular site

Problem

My PC runs Windows XP Home SP2. When I attempt to download an update from a particular site, the localhost address 127.0.0.1 appears at the beginning of the download, blocking it and producing this error message: "A connection with the server could not be established". I removed that address in Internet Options in the Control Panel. I also enabled Automatically detect settings under the Connections tab => Settings for my service provider, but the accursed 127.0.0.1 address continues to appear when I attempt to download the update. GhostSurf may have caused the problem, because when I removed it, my Home page was cleared from Internet Options. Is there any way around this problem?

Answer

GhostSurf may have been responsible, but not necessarily so, because spyware is more likely to be the cause.

The nub of the problem revolves around the fact that Windows wants to access that particular site via a proxy server that is running on your PC. The 127.0.0.1 localhost address refers to your PC, not to an address on the web. Your experience can occur if a PC has been running through a proxy server, which was removed, but the browser, such as Internet Explorer, is still expecting to find and run through it. It can't, so it won't be able to make connections.

Proxy servers running on the local system can be used to good effect to filter websites, provide parental controls, block adverts and spyware, but spyware can also set them up on a PC and use them to monitor what the user is doing and even add adverts to the web pages of other websites.

GhostSurf is a program that makes use of a proxy server to protect your anonymity online by sending all of your requests to access web pages through a proxy server that is located on a remote host. You enter a site's address into the browser, the request is sent to the proxy server, which accesses the page and forwards it to your computer's browser. As far as the accessed site is concerned, only the proxy server requested access to the site. When you removed GhostSurf, you would have had to remove the 127.0.0.1 localhost entry from Internet Options, which you say has been done.

For your information, if a program that makes use of a proxy server is removed without removing the references to it in the Windows Registry or in Internet Options, all web access (apart from any excepted sites under Connections => Settings => Proxy server => Advanced => Exceptions for a particular Internet service provider) will be blocked. Removing a proxy server that has been installed by spyware might leave those settings in place.

To check proxy-server settings in Internet Explorer, look under Connections => Settings and Connections => LAN Settings. For the Firefox browser, look under Tools => Options => General tab => Connection Settings.

Checking the HOSTS file

You should check your computer's HOSTS file for incorrect entries.

All of the versions of Windows have a hosts file that doesn't have an extension. You can find it just by entering hosts in Search/Find. In Windows XP and Windows 2000 it is usually here: C:\Windows\System32\Drivers\etc. In Windows 95/98 and Windows Me, it is usually in the C:\Windows folder. Windows won't know which program to use to open it, because the file has no extension, so, when the window comes up asking you to choose a program with which to open it, choose Notepad. Note that when you save the file after editing it, you must make sure that Notepad doesn't add a .txt extension to the file, because it must not have an extension.

The hosts file may not be present at all, and, if it is present, it usually only contains the following explanation of its function:

# Copyright (c) 1993-1999 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

In short, it is a file that can contain a list of web server addresses (rhino.acme.com) and their corresponding IP addresses (102.54.94.97). If any site's address and IP adress appears in the list, Windows uses that information instead of going to a DNS server on the web for it. If the information is incorrect, the browser won't be able to access the site, because it will be just like entering the wrong information into the browser. Some spyware removal tools add the web addresses of blacklisted sites to the hosts file and give them the 127.0.0.1 localhost address so that they are blocked. However, Spybot S&D adds blacklisted sites to Restricted sites under Internet Options => Security tab.

As you might have guessed, some spyware and viruses add the information for virus and spyware scanners to the the hosts file incorrectly so that they can't download updates or access their home sites. Moreover, if malware that can insert information in the hosts file can be installed in a system, it can also take the user to faked sites instead of to the real ones. If you provide user names and passwords to a fake site, you are almost certainly handing it over to criminals that are intent on stealing from you.

You should therefore install and run software that is capable of detecting and warning you of changes made to the hosts file. Microsoft's Windows Defender, and WinPatrol are two such programs.

Is there any way of using two PCs with one monitor, keyboard, and mouse without using a KVM switch?

Using Remote Desktop in Windows XP Professional

Problem

I intend to buy a new computer base unit. I want to run the new computer and my existing computer from the same monitor, keyboard, and mouse. I know that a KVM switch would allow me to use two or more computers so that when necessary I can switch between PCs from one set of controls, but I can only use the speakers with one computer, my ADSL modem can only be plugged into one computer, and the same applies to the scanner and printer. Is there a fairly easy way that I can link the two computers so that I don't have to keep replugging the printer speakers, etc.

Answer

The simplest way would be to buy a router and network the computers. If one of them is running Windows XP Professional Edition, you can really simplify matters by using its Remote Desktop feature. As for the speakers, try using headphones on one of the computers when you're running outside Remote Desktop.

Wired routers are easy to setup. The only thing that might be problematic, depending on your service provider, is setting the router up to connect to the WAN (web). If you have to enter a user name/password, you'll have to log in to the router and configure it. However, if your ADSL connection is simply always on and does not require any kind of sign on action then you simply have to attach the WAN side of the router to the modem and then attach the two computers to the LAN side of the router, power the router up, boot the machines, and you should be up and running. Run the Network Setup Wizard in the Control Panel, or enable and configure File and Printer Sharing manually from Network Connections for the network adapter on each machine, and then you'll have a peer-to-peer network. Share the printer so you don't have to swap cables and if you have Windows XP Pro, enable Remote Desktop.

Remote Desktop is not available in Windows XP Home Edition. It allows you to log in to another computer - even one with Windows XP Home installed on it, so you only need to have one PC with Windows XP Pro installed on it in order to use the feature. I have worked with four networked computers, including a laptop, and I seldom had to use the keyboards on the other three. I didn't even open the laptop, even though it was in use. The setup used dual monitors so that both remote desktops were displayed simultaneously on full screens.

You would only need a KVM switch when you have to do something such as an installation or repair installation during which you would have to interact with the system with Windows down. With a LAN network, you shouldn't have to worry about reconnecting the scanner, because you can scan on one system, save the file, and then access it from the other system.

You can use Remote Desktop for whatever maintenance you need to run on the workstations on a network. By making one of the workstations the Remote Desktop host and the Windows XP Pro computer the client, only a copy of what would normally be on the host computer's screen will come through to the client computer. All of the opening and running of files/programs and any malware that might be activated will be contained entirely within the host system. Using Remote Desktop is therefore a very safe way of accessing and working on another computer.

Using Remote Desktop - http://www.microsoft.com/windowsxp/pro/using/howto/gomobile/remotedesktop/default.asp

XP Professional's "Remote Control" Option - http://informationweek.com/story/IWK20030221S0012

How To Ensure Remote-Control Security With XP - http://www.informationweek.com/showArticle.jhtml;?articleID=164300008

How can I remove the Apropos virus/spyware from my PC?

Problem

Avast AntiVirus has detected a virus called Apropos, but it cannot remove it. I have done some Googling of the name and it seems as if most other antivirus programs also can't remove it. Is there a way to get rid of it, or do I have to save my files, reformat the drive and reinstall Windows XP to get rid of the infection?

Answer

Spyware.Apropos is the name of adware that is associated with a company called ContextPlus and is installed with certain advert-supported programs, including one called PeopleOnPage.

Apropos is extremely difficult to remove because it uses a Rootkit technology that hides files from Windows, randomly generated file and folder names, and also polymorphic executable files (the files that install or run a program). A polymorphic file can change its form every time it is installed so that each installation is different from any other installation of its contents in order to escape detection by virus scanners that look for certain definite characteristics in a file that mark it as a virus or spyware.

Removal tools are available. You can try using this one on Symantec's site: Spyware.Apropos - removal tool -

http://www.symantec.com/avcenter/venc/data/spyware.apropos.html

But, because of the difficulty in detecting all of the polymorphic components, it is best to remove them manually.

In order to do this, you must start the PC in Safe Mode because that is the only way to prevent the Rootkit from running. You can do that by pressing the F8 key repeatedly after startup and before Windows XP starts to load. The boot menu with several boot options, including Safe Mode should present itself. Safe Mode can take quite a long time to load, so be patient.

Next, enter regedit in the Start => Run box to open the Registry Editor. You can use Edit => Find to search for Registry keys that contain the word ContextPlus, or look for suspicious files under HKEY_LOCAL_MACHINE => SOFTWARE. A key with a randomly generated name such as C5xgoA27gVp5 is what you should look for.

When you open the key, it will contain the paths to the file components on your computer. For example, for the entry called DrivePath in the right windows pane, you might see an entry such as C:Windows\System32\drivers\silkdump9.sys. It will also contain web addresses that contain contextplus.

Make a note of all of the paths to the files referred to, and then delete the whole key by right clicking on its reference in the left window pane.

Next, obtain the program called HighjackThis! from http://free.antivirus.com/hijackthis/, run it and use it to remove all of the entries relating to the files and folders that appeared in the Registry key.

There will have been an entry such as C:\Program Files\Inttpage\infgrcoi.exe. Search the Registry as you did initially for entries that refer to the Program Files subfolder name, which is Inttpage in the example. Doing that should identify Class id strings and other entries created by the malware. Then run spyware scanners such as Microsoft's Security Essentials, Malwarebytes and Spybot S&D to remove anything that might be left over.

How can I limit the bandwidth used by a computer sharing a wired Internet connection?

Problem

I have a router and ADSL modem in one unit, with three computers wired up to three of the four Ethernet ports it provides. One of the users uses her computer for downloading all kinds of files and is connected via a webcam to all of her friends. This chews up a lot of the available bandwidth, making ordinary web access from the other two computers slow down. As the network administrator (her father) is there any way I can limit her bandwidth? The computers all use Windows XP Home edition.

Answer

Sharing network bandwidth between several computers means that it has to be done from the ADSL router being used. You can't do it via Windows XP. Routers - for business and home use - are available that allow bandwidth to be limited. The feature required has several names, such as Quality of Service (QoS), bandwidth throttling, and bandwidth limiting.

Since Linksys was taken over by Cisco Systems, it has been introducing features into its inexpensive routers, such as QoS, that used to be found only on high-end routers. You must buy a router that has this feature. The Linksys BEFSR81 router has it and was priced at only around £62 in March 2005.

You could buy one of these routers to replace your ADSL modem router, or keep your existing setup and plug the new router into one of the ports on the old modem router.

All routers have the option to set a password to log on to its web-based setup program. You don't have to use special software to prevent someone from changing the settings. Your daughter won't be able to change the them if she doesn't know what the password is.

Then, all you have to do is read the user router's manual to find out how to use QoS.

Alternatively, there is a way to do it using the Linux operating system. If you have an old computer, install a distribution of Linux on it. You can download all of the main distributions of Linux free from the distribution's site, or purchase the retail product that comes with technical support and user manuals. Most of the major distributions of Linux come with a program called Squid that allows shared bandwidth to be limited. All you have to do is find out if the distribution you have in mind provides it. You won't go wrong if you use SuSE Linux Pro 9.2.

You would have to install two PCI network cards in the computer. You would use suitable network cables to connect one of them to the ADSL modem router and the other to a hub or switch that networks all of the computers. I would use an inexpensive switch that can be purchased for around £20 from most retail and online computer dealers - and from Amazon.com/Amazon.co.uk.

SMART enabled in the BIOS can cause reboots or crashes on a networked computer

Enabling the SMART diagnostic program in the BIOS may cause spontaneous reboots in networked computers. Apparently SMART may be sending packets of data through the network even though there is nothing monitoring those data packets. Try disabling the HDD SMART Capability setting in the BIOS if reboots or crashes occur while you are on a network.

Problems with the Norton Internet Security suite

Problem

I have a new computer running Windows XP Home edition on which I was running a particular virus scanner on trial, but, in order to achieve better protection, I was advised by some pillock to install the Norton Internet Security suite (NIS). I installed it not realising that I had to remove the existing virus scanner first. Neither Norton AntiVirus nor the original virus scanner was working, so I removed NIS and the original virus scanner, and then reinstalled the original scanner. After the trial period ended, I removed it. When I checked the system files in Windows Explorer, I discovered that there were still some files remaining in the folders that were used by NIS and the virus scanner. I deleted them. I want to reinstall NIS as a whole, or just Norton AntiVirus, and I also have to install Windows XP SP2 that I have on the cover CD from a computer magazine. SP2 provides a new firewall that the booklet that comes with NIS says should not be run with NIS. If I install SP2 first, how do I uninstall its firewall?

[Note that since this was written, SP3 has been made available. It is the last service pack for Windows XP.]

Answer

For your information, Norton AntiVirus, sold alone and as part of the Norton Internet Security suite, is no longer the best anti-virus program on the market. It's virus protection is reviewed by most sources as being merely adequate, providing about the same level of protection as the Grisoft's AVG Anti-Virus Free Edition. Superior products are F-Secure Anti-Virus, McAfee AntiVirus and Steganos AntiVirus.

Although NIS works properly on many systems, there are many reports on the web about it blocking Internet access and ending up in a half-installed and half-uninstalled state when a user uninstalls it. McAfee AntiVirus, even though its performance is usually very well reviewed, is just as difficult to remove completely.

Unfortunately, being the least important in the order of rank, the uninstallation program of many applications and utilities are badly programmed and leave remnants that can cause problems. NIS has added a feature that makes the removal of a corrupt installation more difficult than is usual. The Parental Controls feature won't allow NIS to be uninstalled unless the user logs on as the supervisor and activates permission to do so. If the user can't log on as the supervisor there is no apparent way of uninstalling it.

Symantec, the creator of NIS, provides manual removal instructions in the Support area of its website, but if NIS is blocking Internet access, the only way to obtain the instructions is to make use of another computer connected to the web.

Fortunately, there is a way of resolving the problem. Just rename the NIS folder by using Windows Explorer. The default location of the folder is under Program Files. Just right click on the folder, click on Rename, and enter a new name for the folder. Then rename the names if the NIS executable program (.exe) files within the folder. Now you should be able to use Add/Remove Programs in the Control Panel (in Windows 9.x and XP) to uninstall NIS. The entries in the Windows Registry will be removed, but, since they've been renamed), error messages will come up when the uninstallation program tries to remove the NIS files and its folder. Just click to ignore each of the messages. When NIS has been uninstalled, delete the NIS folder that you renamed.

It is strongly recommended that any firewall, Internet security (spyware removal tools) and anti-virus programs should be removed before upgrading a Windows XP system to SP2.

[Note that since this was written, SP3 has been made available. It is the last service pack for Windows XP.]

The user should then check the manufacturer's site to find out if the program is compatible with SP2. If a security program or utility has been declared compatible with SP2, the user can decide whether to reinstall it. Just remember that SP2 installs the new Windows Firewall, and a system should never have more than one firewall or virus scanner installed. Moreover, remember never to connect to the Internet until you have recommended security programs loaded and running, because a worm can invade a system without any action being taken by the user other than logging on to the web without virus and firewall protection.

How to remove the Windows [SP2] Firewall

Although the new Windows [XP SP2] Firewall is better than the first version - Microsoft's Internet Connection Firewall (ICF) - it is still not as good as many free third-party firewalls, such as the free version of ZoneAlarm, and it is definitely not as good as most of the paid-for firewalls.

To make use of a third-party firewall means having to disable the Windows Firewall. To do this, open the Control Panel and click on Network Connections. Right-click on any of the connection icons and click Properties on the menu that presents itself. In the Properties window, click on the Advanced tab, and then click on the Windows Firewall Settings button. A window should present itself that has the option to disable the firewall.

At present (February 2005), Windows doesn't come with anti-virus protection, so you are strongly advised to use one of the scanners I named. The free version 7 of AVG Anti-Virus is set by default to check the web for updates as soon as the user logs on. It also has an e-mail scanner that is set by default to check incoming e-mail from any e-mail program that starts running while online.

How can I add extra wired (Ethernet) ports to my wireless router?

Question

I need some extra wired Ethernet ports on my wireless router. Is there any way that I can add extra ports to it?

Answer

You just have to add a a network switch. Five-port and eight-port Gigabit Ethernet switches can be purchased inexpensively. You need a crossover Ethernet cable to connect it to your wireless router. Unplug one of the computers or devices that is connected to an Ethernet port on the router and then use the cable to connect the router to the switch. Now you have the extra ports that any devices you want to connect to the network can be plugged into.

You must have a Gigabit Ethernet router if you want gigabit connection speeds of 1000Mbit/s, otherwise the switch will connect to the router at the slower 100Mbit/s.

You should plug all of your Gigabit devices into the new switch in order to make use of the fastest data transfer rates.

How can I add an external hard disk drive or network storage device to my wireless network in order to record television programmes to it from my laptop?

Questions

I access a broadband connection wirelessly using a Dell Inspiron 6400 laptop PC and a Netgear DG834PN wireless ADSL modem router. I want to add a large external hard disk drive or network storage device in order to be able to record television programmes using a USB TV tuner from the laptop. I would prefer the whole system to be wireless, but I wouldn't mind too much having a cable connection between the laptop and the television. The Western Digital 500GB My Book looks good, but it isn't wireless, so would it be possible to attach a network adapter to it or connect it directly to the Netgear router? I know that I could also use a network storage device, but I don't really need all of the features that they provide. I also need a USB TV tuner for the laptop. Can a TV tuner be configured to make the computer wake up from hibernation to record a TV programme and then go back into hibernation after the recording?

Answers

Some routers can be connected directly to an external hard disk drive via a USB cable, but this is not the case with the Netgear DG834PN. Therefore, you have two choices to add storage to your network - use a network storage device, or use a standard external hard disk drive with a network storage adapter.

The Western Digital My Book external hard drive can be connected to your network using a network storage adapter, which connects to the drive via a USB cable and to the network either wirelessly or by using a standard Ethernet connection. There are suitable network storage adapters made by both D-Link and SMC, but not currently for sale in the UK for a reasonable price. If you can find a suitably-priced network storage adapter, buy one, otherwise use a network storage device, which is primarily designed for sharing files on a network.

The Maxtor Shared Storage II 1TB provides a terabyte (1000GB) of storage, it works with any computer running Windows XP/Vista without special drivers, and it has a UPnP media server, which would allow you to have a network video player under your television, which would allow you to play back programmes without the laptop being involved.

Click here! to read the information on this site on TV tuners.

The most popular version of Vista, Windows Vista Premium comes with the Media Center, and it and Windows XP Media Center Edition can wake a PC from hibernation, record a programme, and then go back into hibernation, but both Windows XP Home or Professional Editions, require the use of TV tuner that has a scheduler application that supports that feature. There are TV tuners that claim to be able to do that, but none of them are unproblematic in implementing their solutions, so the best option, if you haven't taken it already, is to upgrade to Windows Vista Premium or Ultimate Editions, which both have the Media Center built into them.

When I add extra laptop and desktop computers wirelessly to a mixed wired Ethernet and wireless network, all of the computers lose their Internet connections

Problem

I use a Netgear wireless G router to share an ADSL broadband Internet connection between five desktop computers. Four of the computers are wired to the router's Ethernet ports, and one is connected to the network wirelessly. However, whenever I try to add additional computers to the network wirelessly, some of which are desktop machines and some of which are laptops, all of the Internet connections are lost and I have to reboot the router and use fewer computers. Do I need to get a better router, or could the one I have somehow be made to connect all of my computers? Or would it be a good idea to buy another switch and then wire the other desktop computers to it?

Answer

You could have a faulty wireless router, because it should be able to connect far more computers than you have tried to connect to it.

Your router has a built-in Ethernet switch that connects the desktop PCs together. The problem is unlikely to be caused by the switch. It is more likely to be caused by the router's DHCP server that allocates IP addresses to the networked computers automatically, or by the SPI (Stateful Packet Inspection) firewall.

If the router itself isn't faulty, the problem could be caused from your ISP's end by an overall problematically large amount of traffic that it is experiencing, but the router is more likely to have a bug in its firmware.

Firmware is embedded software that is permanently installed in flash memory inside the router in much the same way as the BIOS file is embedded in a motherboard's BIOS CMOS chip. It handles some of the network protocols that the router uses, and some of its security features and administrative functions. The router's firmware can be updated if an upgrade has been made available from its manufacturer's site. Such a firmware upgrade updates both the router itself and its ADSL modem.

The version of the model of the Netgear model you have should be provided on a label on the underside of the router.

The Netgear site is at http://www.netgear.com/. To find the page for your router enter its model number in the Search box at the top of the page.

Here is the Support page for the Netgear DG834GT router - http://kbserver.netgear.com/products/DG834GT.asp. At the time of writing this, it provided firmware upgrades for three versions of the router, a Recovery Utility should the firmware upgrade abort, and an installation guide.

If installing a firmware upgrade doesn't work, here are some other remedies you can try:

Using mixed wireless protocols may be the cause of the problem, so disable support for every other wireless protocol except 802.11g.

You could also open the router's configuration web-based page (the user manual tells you how to bring it up), and reduce the DCHP lease time to an hour if it is set higher than that.

Enable the router's WPA encryption security feature, which prevents outsiders from using the connection to run peer-to-peer file sharing services, which could be overloading it. WEP encryption shouldn't be used because it has a flaw that makes it easy to crack. In any case, to use it involves entering a long hex key made up of many letters and numbers. WPA encryption just allows you use a simple password. Note that Windows XP, Windows Vista, and recent network cards support WPA, but older versions of Windows may not be able to use it.

You can also find out which channels other wireless equipment in the vicinity is using. If the channel you are using is being heavily used, you can change to a different channel. Your router's user manual will tell you how to change channels. NetStumbler can be used to tell you which channels in your vicinity are being used.

The router's firewall could be responsible, so try disabling its SPI (Stateful Packet Inspection) firewall.

Also try disabling the router's event-logging feature, because the extra work that logging requires might be causing it to crash when you add more client PCs.

Overheating can also cause a router to crash, so make sure that none of its ventilation slots is blocked. You could also try mounting it in different positions. It doesn't matter if the router is lying horizontally or is standing vertically.

Why does only one of my two laptops connecting to the web via a wireless G+ router have a very weak signal strength?

Problem

I have two laptops running Windows XP Home Edition that I connect to the web via a wireless G+ router. Each laptop has an internal mini-PCI wireless network card installed. The signal strength for Laptop 1 is very weak. It will only connect properly when about 10 or fewer feet from the router. If it is only 15 feet away from the router the signal strength is very poor. However, the signal strength of Laptop 2 is very strong, even when it is positioned more than 50 feet away on the other side of the house with several walls between it and the router. For some reason, Laptop 1 also disrupts with MW radio broadcasts, but Laptop 2 doesn't.

Answer

The quality of different brands of mini-PCI wireless network cards can vary significantly. If you have a card of poor quality installed in Laptop 1, then that could be the cause of the problem. For example, cards made by Broadcom tend to be of poorer quailty than the cards used in laptops that carry Intel's Centrino brand name. Moreover, Intel's wireless mini-PCI cards are very good at locking on to weak signals compared to brands, such as Broadcom. You should also make sure that the latest drivers are installed for the card being used by Laptop 1. You can obtain them from its manufacturer's site.

Of course, it is also possible that the card in Laptop 1 is faulty, in which case replacing it with a good card would fix the problem. You should also download and install the latest drivers for any new card you install, because the drivers that come with adapter cards are usually out of date, and, as such, won't implement the latest bug fixes and improvements, etc.

Intel 2200BG mini-PCI network cards are currently going for around £20 on ebay.co.uk. You could identify the network card installed in Laptop 2 and buy one for Laptop 1. To remove the old card, you usually have to open a panel on the computer's bottom side that is held in place by a single screw. The card is installed in a mini-PCI slot in much the same way as a SODIMM RAM memory module is installed in a memory slot.

The antenna might not have been connected properly. In most laptops, the antenna goes round the edges of an internal space around the screen. If you can't do so yourself, you could get a technician that specialises in laptop repair to check to make sure that both of the antenna wires (one is usually black and the other white) are connected. If only one wire is connected the signal strength will be reduced, but if both wires are not connected it can still be possible to connect to an access point or router if the laptop is a few feet away from it. In either case, you could find that turning the laptop through 90° should weaken the signal strength dramatically. Moreover, note that the antenna might be of poor quality or poorly designed, in which case, you could try using an external network card that fits into PC Card slot. Just make sure that Laptop 1 has a slot that supports the card you buy. Most current laptops have a slot that supports CardBus or ExpressCard cards.

PC Card (CardBus) FAQ - http://www.pcmcia.org/faq.htm

ExpressCard Frequently Asked Questions - http://www.expresscard.org/web/site/qa.jsp

Medium-wave radio stations broadcast on the AM radio frequencies. A laptop with a wireless network card is more likely to disrupt them than FM broadcasts, because Wireless G itself uses the FM frequencies.

In order to reduce radio interference, the relevant components in a laptop are covered with sheets of aluminium. If they weren't installed properly, or a grounding wire wasn't connected, the effectiveness of the shielding would be reduced significantly. However, note that computer's power supply unit is more likely to be the cause of radio interference. You could find out if that is the case by running the computer on battery power.

Both of my networked PCs can connect to the web, but one PC can't access the other's hard disk drive

Problem

My two networked PCs have Window XP Professional Edition running on them. I used to be able to access each PC's hard drive from the other PC and copy files between them. Unfortunately, for some unknown reason, computer A can't access the files on computer B, but computer B can access the files on computer A. I know that the network is working because both PCs can access the web via my Linksys ADSL router.

I discovered that computer B's hard drive is no longer shared. When I tried to set sharing, the following error message appeared:

An error occurred when trying to share C. The Server service is not started.

When I tried to open Computer Management (Start => All Programs => Administrative Tools) to have a look at the Server Service under Services, I right-clicked on it with the mouse, selected Properties and found that it was set to Automatic but was stopped. Clicking Start brought up this message:

Could not start the server service on local computer. Error 2: the system cannot find the file specified.

The Properties window for the Server Service has C:\WINDOWS\system32\svchost.exe -k netsvcs as the Path to the executable, which all of the other services I looked at also have, and the svchost.exe file is present in the Windows\System32 folder.

Scanning the system with fully updated Spybot S&D, Ad-Aware, Windows Defender, and Norton AntiVirus found nothing.

Answer

Svchost runs a service or group of services that are specified in a .DLL file. Opening the Task Manager with the Ctrl+Alt+Del key combination should show several instances of svchost running under the Processes tab. Therefore, if svchost was corrupt or missing many other services would also not be running, so some other file is missing or a path to a file is set incorrectly in the Registry.

Try entering services.msc in the Start => Run box to bring up the Services window and then try starting the Server Service again.

Next, enter eventvwr.msc in the same way to bring up the Event Viewer, and have a look in the System log for error messages that might shed some light on the problem.

You might obtain a clearer message by opening a command prompt (enter cmd in the Start => Run box) and then entering this command:

net start server

There could be some other corrupt settings or files missing. The Services panel says incorrectly that the Server Service has no dependencies, because it relies on several other files and settings.

The svchost groupings are listed under this Registry key:

HKey_Local_Machine/Software/Microsoft/WindowsNT/CurrentVersion/Svchost

Enter regedit in the Start => Run box to open the Registry Editor and navigate to the svchost key.

In the right-hand window click on the value called netsvcs to see a list of the services that it loads.

The most relevant service is called LanmanServer.

Each of these services is defined by keys under this Registry key:

HKey_Local_Machine/System/CurrentControlSet/Services

Find lanmanserver => parameters. There should be an entry called ServiceDll in the right-hand window. Click on it to reveal its value, which should be %SystemRoot%\System32\srvsvc.dll. Correct the value if it is incorrect.

There are CurrentControlSet001 and CurrentControlSet002 in my Registry. If that is the case, check both of them.

If you have access to another computer running Windows XP that is working properly on a network, you can try using the File => Export option in the Registry to export lanmanserver settings from it to the faulty computer. Exporting Registry settings creates a .reg file that you copy and save to the computer that you want the settings installed in. You just have to click on the file to have the keys entered into that computer's Registry.

Remember that it is always advisable to create a restore point in System Restore before you make changes to a computer's Registry.

If the problem still exists, the cause could be almost anything in Windows networking.

Next, you can try using System Restore to restore a restore point that predates the problem. If doing that doesn't work, you can try performing a repair installation of Windows XP. How to perform a repair installation/install of Windows XP on this site provides information on how to do that. It won't affect the programs or data, but it is always worth making restorable backups in case anything goes wrong. For example, there may be a power cut while you are in the act.

How to remove and rebuild the networking components in Windows XP

If, for some reason, a repair installation doesn't work, or you can't do it, you'll have to try removing all of the network components so that Windows XP can rebuilt all of them.

Fortunately, although there are no networking components show under Add or Remove Programs (because Microsoft doesn't want users to remove them), by editing a file called sysoc.inf it is possible to force Add or Remove Programs (in the Control Panel) to display certain networking components, which can then be removed.

Right-click Start => Explore to run Windows Explorer and find the C:\Windows\Inf folder. It is normally a hidden folder. To unhide it, open Tools => Folder Options... in Windows Explorer. Click on the View tab and enable the setting called Show hidden files and folders.

Find the sysoc.inf file and save a copy of it to another folder just in case you screw things up. Double-clicking on the file in the C:\Windows\Inf folder opens it in Notepad. You should see many lines that contain the parameter hide or HIDE. Use Notepad's Edit => Replace feature to replace each instance of hide with just a comma. Take care not to delete the comma before or after it. Save the file and exit Notepad.

Now open Add or Remove Programs and select Windows Components. Make sure that Internet Information Services, Networking Services, Other Network File and Print Services, and Terminal Server are unticked. Next, enter cmd in the Start => Run box to open a command prompt and enter the command: netsh int ip reset resetlog.txt.

That command should reset the TCP/IP protocol, which can't be removed. Now go back to the Control Panel and open Network Connections and remove all of the connections that appear there by right-clicking on each of them and then clicking Delete.

Now enter devmgmt.msc in the Start => Run box to open the Device Manager. Click View => Show hidden devices and then open Network adapters. Remove any Ethernet network cards or other physical network devices (not the virtual networking devices, or an ADSL modem). Doing that will force Windows XP to locate new hardware and reinstall all of the required components.

Now open Network Connections in the Control Panel. Click on each connection, and click on the Properties button in the window that comes up. Under the Networking tab, make sure that Client for Microsoft Networks, File and Printer Sharing for Microsoft Networks, and Internet Protocol (TCP/IP) are ticked. If there are any other options already ticked, you can leave them enabled.

Now when you enter services.msc in the Start => Run box you should find that the Server Service is running.

When I enter search words in Google, my Google search history is displayed. How can I delete it?

Problem

I have noticed that when I enter the words for a search in Google, a list of my previous searches is displayed, including the search I am conducting if I entered the same words on a previous occasion. For example, if I enter just lotto for the entry lotto + uk, the search box becomes a drop-down menu and the full entry appears as the top entry with all of the other entries I've made under it, allowing me to make a choice of all of my previous entries. I tried using every cleaning program I could find but none of them removed my Google search history. Does that mean that Google keeps lists of searches on its servers that have been made by users that it can identify somehow? If so, surely that is against data-protection law? And is there a way to delete a Google search history and make sure that it never returns?

Answer

Good news! Google doesn't keep search histories of the people who use its search engine. The search history is kept on the user's own computer.

The reason that you haven't been able to remove your Google search history is because a setting has been enabled by default in Internet Options that makes Internet Explorer keep it.

To remove the search history, open Internet Options in the Control Panel (for versions of Windows from Windows 98 up to Windows XP that can use Internet Explorer 6.0, which has the AutoComplete feature), and click on its Content tab. You should see this heading: Use AutoComplete for. Under it there are these three options with check boxes beside them - 1. Web addresses - 2. Forms - 3. User names and passwords on forms.

The Web addresses option completes entries that you make in Internet Explorer's Address box. You just enter a portion of a web address and if there is a record of it in web address search history, the rest of the entry appears so that you don't have to type all of it in yourself. If you don't want that to happen, remove the check mark in the box beside that option. The Forms option is the one that keeps you Google search history, so disable it to prevent Internet Explorer from keeping a history of your searches. If you enter user names and passwords in order gain access to sites such as forums and you don't want them remembered, disable User names and passwords on forms by removing the mark in its check box.

In the same window there is another heading called Clear [Delete in IE9] AutoComplete history. Under it there are two buttons - Clear Forms and Clear Passwords. To clear the existing Google search history click on the Clear Forms button.

Mixed media networks: Why can't I get my mixed wired and wireless network to share files?

Problem

I have three Dell Dimension computers that are networked. The main computer has both wireless and Ethernet (wired) PCI network cards and is connected to an ADSL Internet connection. One of the secondary computers uses a wireless PCI network card, and the other secondary computer uses a standard wired Ethernet network card. I can get them to share the ADSL connection, but no matter what I try, I can't get file sharing to work.

Answer

You have what is known as a mixed media network, which can be problematic to setup. The easiest way to get file and printer sharing to work would be to make the network wired or wireless, but not both, and to use networking products made by the same manufacturer. This is especially a problem for wireless products, which still don't usually allow a mixture of products from different manufacturers.

But if you want to get your mixed media network to share files, you can use a mixed media router (MMR) to manage the data flow among the three networks (wireless, Ethernet, Internet) that use different connection media so that a single Internet connection can be shared among the computers in the subnetworks - and file and printer sharing works.

The following steps are needed to get a mixed media router to work: 1. - Install the network adapters and TCP/IP. 2. - Test the network. 3. - Install and configure the special routing software that you may have to buy. 4. - Check Internet sharing. 5. - Configure and check file and printer sharing.

Read a comprehensive and illustrated article on this subject here: http://www.practicallynetworked.com/networking/mmr_intro.htm

The article can also be used by anyone who wants to learn how to install a network and install TCP/IP on the networked computers.

Why can't I find a router for my USB ADSL modem

Problem

All of the cable and DSL modems I know of have an Ethernet connector that fits into the WAN port of a router such as the Linksys BEFSR41 EtherFast 4-Port Cable/DSL Router. Netgear and Belkin also make such routers. But my Internet Service Provider provides its users with a USB DSL modem. You plug an RJ11 cable they provide into the telephone socket and then into the modem, and then use a USB cable from the modem to the computer. This makes it impossible to use a router such as the one I just named. Can you tell me if there is a router that performs the functions of that Linksys router but which also allows me to plug a USB DSL modem into its WAN port?

Answer

[Since this Q&A was written in 2005, most UK users have moved on from separate routers and ADSL modems to wireless ADSL routers that have an inbuilt ADSL modem. The one that I use - a Siemens Gigaset SE587 wireless ADSL router provides four Ethernet ports which can connect four client computers to the network by cable and can also connect client computers to the network wirelessly. I have left the Q&A here just in case there are users in this and other countries who are still using separate routers and ADSL modems.]

If you currently (June, 2005) connect to the Internet via a Universal Serial Bus (USB) ADSL or cable modem, I only know of one router currently available in the UK that has a connection for a USB ADSL modem - the Vigor2200USB Router (no longer available in 2010). There may be others that you can locate by making use of a search engine. Not so long ago there was no such device. It only supports a limited list of ADSL USB modems. I don't know of any routers that support USB cable modems.

By far the greatest number of routers currently available either have an RJ45 Ethernet connection or have an inbuilt ADSL modem.

Visit this page the latest products from the manufacturer of Vigor routers: http://www.draytek.co.uk/products/

USB broadband cable or ADSL modems are a fairly recent type of Internet gateway. A gateway that is usually designed to bypass the network hub/switch component between the router and the computer connected to the telephone line or cable service in order to keep the cost of hardware itself low and to restrict the connection to a single computer. Those are the main reasons why some ISPs provide them.

If you can't find an ADSL USB router that supports your broadband USB modem, there are two available options:

1. - Use the Windows computer that the USB modem is plugged into as the Internet gateway for all other computers on a wired/wireless network by networking all of them with Ethernet network interface cards (NICs) and cables or wireless 802.11b/802.11g alternatives. Have either a wired or a wireless setup, not a mixture of the two types because it is very difficult to get a mixed media network to function. For more information on that topic, read the Q&A above this one called Mixed media networks: Why can't I get my mixed wired and wireless network to share files?

The gateway computer requires an NIC or wireless network adapter to connect it to the your wired/wireless network, and an interface to connect it to the Internet. If you have a standard Internet ADSL or cable modem the Internet connection can be provided by connecting it to a second NIC fitted in the gateway computer, or via a wired/wirelessrouter.

If you have a USB ADSL or cable modem, just connect it to the computer via a spare USB port. The gateway computer will be networked to your other computers via NICs/wireless adapters installed in each of them. If it's a wireless setup you can use a wireless Access Point (AP) or an Ad Hock network in which the wireless adapters communicate with one another without a wireless AP.

This setup allows an Internet connection to be shared by making use of the Internet Connection Sharing (ICS) software that is part of Windows 98/Me/XP, Windows Vista and Windows 7, which is easy to set up, and which is documented in the Windows Help files. Third-party Internet sharing software is also available, but it won't be free. If you use a router, you don't use ICS, because it shares the connection automatically with the other computers that are connected to it. A wireless router and wireless adapters (PCI or PCI Express network cards or USB dongle) installed in each of the client computers can be used instead of NICs to provide a wireless solution.

2. - Ask your ISP if it can provide you with a standard ADSL modem, or purchase one of your own that can be plugged directly into a router of the kind you named. You can then connect the other computers to the router with suitable network cables.

Internet Explorer running on Windows XP Pro SP3 brings up a privacy screen asking accept a cookie from 127.0.0.1 then locks up completely

Problem

I’ve got a notebook computer running Windows XP Professional SP3. When Internet Explorer starts it brings up a privacy window asking if I want to accept a cookie from 127.0.0.1. When I grant permission the window that comes up locks up and I can’t do anything with Internet Explorer 8 . I went into the Control Panel => Internet Options => Security => Trusted sites and added 127.0.0.1 to the allowed list, but that just made Internet Explorer close without doing anything at all. Note that if I run the Firefox browser instead of Internet Explorer, web access works just fine. I’ve run the Ad-aware and Spybot S&D spyware removal utilities several times. They did find some non-critical spyware, which was removed, but the problem still exists. I’ve run the AVG virus scanner and the TrendMicro online virus scanner, which both found nothing. I reinstalled Internet Explorer from the Windows XP Pro SP2 disk without success. I am now at a loss as to what to do to fix the problem.

Answer

Whenever you have a problem such as this one, the first thing you should do is think of what change(s) you've made to the computer that might have caused it. If you've made a reversible change that proceeded the problem immediately, try reversing it. For example, if you installed a Windows update, it can be reversed if it's listed under Add/Remove Programs in the Control Panel. And if you installed software, you can try uninstalling it. New device drivers can sometimes cause problems. If you want to go back to using a previous device driver, such as a graphics card driver, you can use the Roll Back Driver feature.

Even though you ran two of the best spyware-removal tools, it still looks like a spyware issue, because 127.0.0.1 is the localhost IP address of the local computer or server. Therefore, it looks as if some badly written spyware, or spyware that wasn't removed properly is screwing things up by using the localhost address instead of its home IP address. So, if you haven't already got a good firewall running on the system download and install one (Sygate, ZoneAlarm). Note that the free version of ZoneAlarm is still available, but Zonelabs is doing its best to hide it on its site so that visitors purchase the Pro version. Such a firewall will allow you to prevent whatever it is from phoning home when you're online. Note that the Windows Firewall (accessed from the Control Panel) in Windows XP cannot prevent outward-bound traffic, only inward-bound traffic. (The improved Windows Firewall in Windows Vista and Windows 7 has been improved so that it can prevent outward-bound traffic.) Also make sure that you don't have two firewalls providing real-time protection at the same time. If you use a third-party firewall, disable the Windows Firewall.

You haven't used Microsoft's yet, which can be download from http://www.microsoft.com/security_essentials/. Install it and then install the latest update before running a scan, which is best done in Safe Mode because in this mode Windows is running in its most basic setup. To get into that mode, when you start up from a cold boot, keep pressing the F8 key just after the first boot screen to bring up the boot menu that includes Safe Mode.

Assuming that Security Essentials was able to resolve the problem, if you haven't already done so, make sure that you install all of the latest updates from Microsoft Update, because Internet Explore is the main target of hackers and the spyware/virus programmers.

Internet access works properly when you use the Firefox browser, so that rules out a corrupt firewall, etc., being the cause. That information isolates the problem to Internet Explorer and to entries in the Windows Registry. Therefore, if Security Essentials didn't fix the problem, perhaps installing a System Restore restore point that predates the problem will do the trick. A restore point with a particular date of creation returns Windows to the state it was in on that date.

Problems such as this that can strike computers that go online at any time is good reason to use a drive-image program to create a master image of the whole system that can be easily restored. You create the image when the system is working properly and then burn it to one or more recordable CD/DVD disks (discs). If such a problem strikes, all you have to do is restore the image. All you need is a CD/DVD writer, some recordable disks, of which there are several types, and the right software.

Click here! to go to CD/DVD drive information on this site.

The following imaging program is cheaper and, in my opinion, is better than Norton Ghost.

Acronis True Image Home 2010 - http://www.acronis.com/homecomputing/products/trueimage/

Troubleshooting a wireless network consisting of a notebook and a desktop computer

Problem

I have a notebook and a desktop personal computer. I wanted them to share a DSL broadband Internet connection, so I bought a Linksys router that has an ADSL modem, a wireless PCI network card for the desktop, and a wireless notebook adapter. I installed all of the hardware according to the instructions. The Device Manager in both computers says that the devices are working properly, but I can't make the notebook computer recognise the desktop computer as the host computer. I have tried asking the Linksys helpline, but the operators are in the Philippines, and I had a very hard time trying to make out what they were saying.

Answer

Given the poor training the operators usually receive, you might not have fared much better had the operators been in the US or the UK.

If there is a problem with the wireless settings, you should always connect at least one of the computers to the wireless router with an Ethernet network cable connected to one of its LAN ports, which most routers have at least four of. Doing that should make it possible to access the router's setup screen. But if both computers can access the Internet via the wireless connection but can't connect with each other, that is not the problem.

If you don't know what an IP address is, read the two Networking pages on this site.

If you're using Windows 95, 98, or Me, enter winipcfg in the Start => Run box to bring up the IP Configuration window. If you're using Windows XP or Windows 2000, you have to enter cmd in the Start => Run box to bring up a command prompt, and then enter the command ipconfig. If you want the Windows XP/2000 equivalent of the Winipcfg program, download Wntipcfg from http://www.microsoft.com/downloads.

If there is no address shown under the IP address heading, or it starts with 169, you have to find out why.

A wireless connection can take a while to establish itself. Consequently, the DHCP client can time out. If this is the case, to fix the problem just click the Renew All option in Winipcfg or Wntipcfg, or enter the command ipconfig /renew at the Windows XP/2000 command prompt, which you bring up by entering cmd in the Start => Run box.

Different routers make use of different IP address ranges. If there is an IP address shown by the computer you're testing, it belongs to the Linksys router. Make a note of it. It should be in the form 192.168.1.1 (four blocks of single digits, separated by periods/full stops, containing up to three digits each).

Now you need to test if the desktop computer can ping the other IP addresses of the computers on the network and sites on the Internet. In your case, there is only one other computer in the network - the notebook. It will make a single ping sound if you're getting through to it with the ping command. You obviously have to be online to use the ping command to test an Internet connection. The computer will provide the technical details of the connection, such as if it was successful and how long it took to establish, etc.

To use the ping command, open a DOS window in Windows 95 / 98 / Me (by entering the command command in the Start => Run box), and a command prompt in Windows XP/2000 by entering the cmd command in the Start => Run box.

I am assuming the router is using the IP address 192.168.1.1, but it could be a different one, depending on the range it is set to use.

Enter the following command at the command prompt: ping 192.168.1.1

The computer will tell you if a connection was established with the router.

Find out what the notebook computer's IP address is, and try using it in a ping command.

To test an Internet connection (while online), try using the IP address of a website, such as 195.101.94.150, which is the IP address of http://www.wanadoo.com.

The command is: ping 195.101.94.150

To test the Domain Name System (DNS) settings, and to check that the desktop computer is translating server names to their IP addresses, enter: ping www.wanadoo.com

You don't use the http:// part of the IP address in the ping command.

Spyware can be the cause of network connectivity problems

The problem may be caused by spyware that has corrupted the Windows Layered Service Protocol (LSP) stack. The spyware programmers have found out how to use it for installing spyware, but, if this is the case, and a spyware removal tool such as Spybot S&D or Ad-Aware removes it, Windows networking can be broken until the LSP stack is repaired.

In other words, a very common problem is the loss of Internet connectivity after being infected with or removing spyware. Free utilities exist that completely rebuild the WinSock software and restore Internet connectivity.

For Windows XP it is the Winsock XP Fix from http://www.spychecker.com/program/winsockxpfix.html. For Windows 95/98/Me, it is Winsock2 Fix from http://www.bu.edu/pcsc/internetaccess/winsock2fix.html.

By running either of these utilities, the network will be completely reset. If you use static IP addresses, make a note of them so that you can reapply them if necessary. If you use DHCP for IP and DNS settings, there are no precautions you need to take prior to using the above-named WinSock repair software.

If you want more control over extracting specific items from WinSock, try LSPFix from http://www.cexx.org/lspfix.htm or http://www.bleepingcomputer.com/files/lspfix.php. Note that using this utility requires technical knowledge.

If the problem still exists, the next step involves checking the network file sharing. For Windows 95 / 98 / Me, right-click with the mouse on the Desktop icon called Network Neighborhood and then click Properties on the menu that is presented. Check that the components listed under Configuration include a Client, which can be either Client for Microsoft Networks or MS Home, and File and Printer Sharing Services. The Primary Network Logon can be set to Client for Microsoft Networks or Windows Logon. Both of the computers should have the same Workgroup name under the Identification tab, but they must have a different Computer name.

The above components are installed by default in Windows XP and Windows 2000. In Windows XP, the built-in firewall has to be disabled, or it must be set to permit access so that other computers can view the files on that computer, because networking involves file-sharing, and if file-sharing is blocked, network access is blocked.

Firewalls can be the cause of network connectivity problems

The name for the firewall in Windows XP used to be called the Internet Connection Firewall, but the new version that comes with the SP2 update is called Windows Firewall. To disable it or check its status, open the Control Panel => Network Connections and then right-click on your LAN connection. On the menu that is presented click Properties, followed by the Advanced tab. To check the network names (Workgroup and Computer name), right-click on My Computer on the Desktop and then click Computer Name.

If you have a third-party firewall installed, you should not have the Windows Firewall enabled, because you should only have one firewall and one virus scanner monitoring the system at the same time. If you only have a third-party firewall installed, disable it, or, if necessary, uninstall it completely, because corrupt installations of the Norton and McAfee firewalls continue to be the cause of several recent network connectivity issues.

Using command prompt network tools

If the problem still exists, you have to try using the network tools that are run from the command prompt, access to which has already been detailed in this Q&A. You have to make sure that at least one folder on each of the computers is shared or the computer won't appear in the other computer's Network Neighborhood. You can make a folder a shared folder by right-clicking on it in Windows Explorer. Enable the Share option.

The NET VIEW command works from the command prompt in Windows 95 / 98 / Me and in Windows XP. For information about the command enter NET VIEW /? fter you have entered this command, you should see a list of the computers in the Workgroup. The command NET VIEW \\COMPUTERNAME (where COMPUTERNAME is one of the names shown by the NET VIEW command) should provide a list of shared resources on that computer. If there is an Access Denied message against any of them, it indicates that there is a problem in that area, such as a problem with any user accounts used on the computer.

The sudden and inexplicable loss of their wireless 802.11b (Wi-Fi) Internet connections using Windows XP

The following is an informative news story from http://www.lockergnome.com/, which I have provided here in full instead of just providing a quote and a link, because the story might be dropped altogether or, if archived, probably won't stay in the same place, and I haven't got the time to keep track of it:

Kevin Gilmore is a network administrator at MicroDisplay, a small company in San Pablo, California, that uses several Wi-Fi access points to give employees the freedom to roam around the office with their laptops while remaining connected to the Internet.

But these days, Gilmore keeps encountering a problem that many Windows XP users know all too well: the sudden and inexplicable loss of their wireless Internet connections. As Gilmore knows from the flow of support calls, there's little point in trying to find a permanent solution to the problem.

"It will and does lose connection for absolutely no reason whatsoever, and then picks it up again, seemingly randomly," Gilmore said. "At first, it was so aggravating. And now, it's considered a normal factor of working with Windows."

Here are the symptoms of the problem: A Wi-Fi-enabled computer running Windows XP is working fine one minute, pulling up Web pages and processing e-mail. Then, for no reason, the connection drops, websites fail to come up and the e-mail flow stops. The small wireless connection icon in the taskbar says the signal from the access point is strong, so the problem isn't that the user wandered out of radio range. The icon even shows that the computer's Wi-Fi hardware is sending information to the access point -- it's just not getting anything back. And manual attempts to re-establish the connection through XP's built-in wireless configuration tool won't do the trick. Even more bizarre, the connection sometimes comes back on its own.

From anecdotal evidence, most users assume the problem is with the Wi-Fi hardware. But the trouble seems to arise from a tool in Windows XP called Wireless Zero Configuration, a feature that was meant to do away with the mishmash of software drivers and configuration utilities.

Microsoft disputes the notion that there's a problem with the way Windows XP works with Wi-Fi.

"We don't have data that suggests Windows XP drops wireless connections more than any other system," said Greg Sullivan, the lead product manager in Microsoft's Windows division. "Wi-Fi configuration in Windows XP is much different and easier than in previous versions."

Indeed, in earlier versions of Windows, users had to configure their equipment through software written by the Wi-Fi hardware manufacturers -- which aren't known as user-friendly program writers. The configuration utilities varied from maker to maker, with various manufacturers sometimes using different words and definitions to describe the same concept. Microsoft stepped in with Wireless Zero Configuration to unify the utilities and ease the pain.

Unfortunately, the feature is hardly infallible, said Glenn Fleishman, editor of WI-FI Networking News.

"The flaw is, if Wireless Zero Configuration gets funky in any way, then to the user ... wireless connectivity is unavailable," he said. "It's a tricky interaction of many different elements of this system. It's frustrating."

To some, the most infuriating part is that the wireless network connection icon in the XP taskbar doesn't display any indication at all that something's wrong. When there is a genuine hardware failure, the icon displays a small red X to indicate that the connection was lost. But with these mysterious disconnections, the icon continues to show a connection.

Microsoft said users shouldn't be misled by the icon.

"It indicates that you've associated with an access point. It is possible for you to be associated without having [Internet] connectivity," said Shai Guday, a Microsoft wireless group program manager.

But most users don't have the background to parse the distinction between connection and "association" with an access point. All they know is that the icon says there's an access point with a strong signal nearby and they can't get on the Internet.

There are several theories about what goes wrong. Sometimes it's because of interference from microwave ovens, cordless phones and other electronic devices that generate radio noise, said Christian Gunning, director of product management for Boingo Wireless, a Wi-Fi connection provider.

Others say it could be because of a Microsoft software update that tries to enhance wireless security, but causes other problems with certain, usually older, equipment.

And others blame the same problem Microsoft was trying to fix in the first place: an infinite combination of drivers, utilities, hardware and software configurations.

For its part, Microsoft insists the problem is not with XP. Guday said he knows of no problems with "Zero Config" and would be "happy to look into any reports with that." And Sullivan said users can always deactivate XP's configuration utility and use the Wi-Fi manufacturers' software.

"Windows XP reduces wireless deployment costs via automatic configuration," said Sullivan. "It reduces help desks' call times for wireless networking questions due to simplified configuration."

But Fleishman said Microsoft's belief in this might be because most XP users assume the fault lies with their Wi-Fi card, not with Microsoft's operating system.

"Microsoft probably isn't getting tech support calls on this," he said. "It's almost certain the hardware makers are getting the tech support calls."

There is a way of getting lost Wi-Fi connections going again, but it involves going deep into XP's settings every time the problem arises, Fleishman said. And the fix could be a nightmare for people like Gilmore, who don't want less-advanced users mucking around with the guts of the operating system.

With advance apologies to Gilmore and other network administrators, here's Fleishman's workaround:

1. - Go to Control Panel.

2. - Choose Administrative Tools.

3. - Select Services. A two-pane window comes up.

4. - In the right-hand pane, scroll down and click Wireless Zero Configuration.

5. - Click Stop the Service. A progress bar may come up briefly.

6. - Click Start the Service. Again, a progress bar may come up.

7. - Close the Services window. At this point, Fleishman said, the connection should come back.