Windows XP Super Poop Too

I came across an interesting bug with the windows xp sp2 “wireless zero configuration” (WZC) client interface while working on a clients network earlier this evening. This client was experiencing a rather odd problem (my favorite kind): she had two computers connected to the same wireless network, both were able to surf just fine, but they were completely unable to see each other locally. Initially my associate and I suspected a firewall, that lead didn’t pan out. So i decided to load up netstumbler and er…stumbled accross something quite peculiar. Keep reading, I’ve recreated the situation for your education.

Fig. 1-1

[missing in archive]

Fig. 1-2

Figure 1-2, shows the ACTUAL wireless access points in range as discovered by netstumbler. You’ll notice 5 APs here, exonet and ivans we saw above. A third labeled “gf” windows decided not to list (upon further observation this signal was not very strong, which may explain the discrepancy). Fine and good, but what’s this, TWO “linksys” SSIDs?! That’s right.

What we have here folks is a classic example of a Microsoft “feature.” The WZC client is either unable to differentiate between the two signals – even though they are on completely different channels and frequencies – or Microsoft has decided to group them as one listing for your convenience or something. At this point I’m cannot determine how WZC decides which router to use. I attempted to connect numerous time, on every attempt I was connected to my own router.

Now, if you haven’t already connected the dots, I’ll break it down for you. The problem with our client’s network was occuring because WZC saw two APs as one and decided to have each of their computer connect at random. We gave the AP a unique SSID, VOILA problem solved, like magic (internet magic).

A concession. After writting this I realized that the bug may not be a problem specific to Windows, it may actually be an inherent flaw in the way 802.11 connects to access points. I was not able to find anything at all about this sort issue after doing some quick googling and a search of the ms support kb. Although, I did stumble across an interesting article entitled Your computer connects to an access point that broadcasts its SSID instead of an access point that does not broadcast its SSID. Apparently this is also a feature, as “Disabling SSID broadcasts on an access point is not considered a valid method for securing a wireless network. Microsoft does not reccomend this practice for any wireless network.” Right… It is a valid state for an access point to be in, isn’t it?