Netgear USB (WG111v2) -- WEP key registry value

I'm doing something a bit out of the ordinary -- programmatically setting
up wireless adapters on Win98 machines. The technique works fine for
Belkins, but Netgear has a dramatically more complex registry environment
for their adapter.

It looks as if my principal problem is that the key is not stored in
plaintext. Normally that's a plus, obviously. Not in this case. I have no
idea how to store a value that will make the adapter work.

I've regmoned the heck out of this thing while making he changes using the
systray widget. I've compared before/after exports. And still, no settings
I make to the registry -- no matter how much they appear to mimic what the
widget does -- enable device operation.

I believe if I could generate the string that's stored here:

HKLM\System\CurrentControlSet\Services\Class\Net\0 002\DefaultKey0

.. . . i'd be a happy camper.

Has anyone else done the kind of bit-level tinkering I'm trying to do,
here, and met with success? This really kind of sucks. The presumption by
manufacturers that everyone on the planet will want to click on a systray
widget to configure their devices, is a frustrating thing for a sysadmin to
observe on the part of OEMs.

--

Scott

> here, and met with success? This really kind of sucks. The presumption by
> manufacturers that everyone on the planet will want to click on a systray
> widget to configure their devices, is a frustrating thing for a sysadmin to
> observe on the part of OEMs.

Sorry but no. If you're a sysadmin you should stop using a protocol
that was broken ages ago and move to something that doesn't require
deploying a symmetric key!

Take a look at any RADIUS based solution using dynamic keying, it's not
new stuff.

David.

David Taylor opined thusly on Aug 11:
>> here, and met with success? This really kind of sucks. The presumption by
>> manufacturers that everyone on the planet will want to click on a systray
>> widget to configure their devices, is a frustrating thing for a sysadmin to
>> observe on the part of OEMs.
>
> Sorry but no. If you're a sysadmin you should stop using a protocol
> that was broken ages ago and move to something that doesn't require
> deploying a symmetric key!
>
> Take a look at any RADIUS based solution using dynamic keying, it's not
> new stuff.

We're using that for our domain machines, and it's darned nice (pushing out
certs with policy). The legacy usage is for homebrewed winterms using a
custom shell atop Win98SE. I'd welcome tips for implementing Radius on
Win98 where we don't want to authenticate users. :-/

--

Scott

> custom shell atop Win98SE. I'd welcome tips for implementing Radius on
> Win98 where we don't want to authenticate users. :-/

How much money have you got cos I can give you AES256, FIPS140-2
certified (end to end), non spoofable device authentication with no user
auth from anything from DOS all the way up. :)

If you don't want to do RADIUS then why not just go for WPA? WEP is
long dead for the purposes of encryption.

David.

David Taylor opined thusly on Aug 11:
>> custom shell atop Win98SE. I'd welcome tips for implementing Radius on
>> Win98 where we don't want to authenticate users. :-/
>
> How much money have you got cos I can give you AES256, FIPS140-2
> certified (end to end), non spoofable device authentication with no user
> auth from anything from DOS all the way up. :)
>
> If you don't want to do RADIUS then why not just go for WPA? WEP is
> long dead for the purposes of encryption.

Understood. Again, if I can code for that without a lot of pain for an
alternative shell running on Win98, with drivers for an adapter that's
cheap, I'd be happy. Programmatic config of the machine has to be pushed.

--

Scott