WPA2 security ?

Hi,

I just changed my old trusty D-Link DGL-4300 router for a DIR-655, that
uses the 802.11n draft technology. Almost all my computers are wired,
but I need that wireless link for a couple of them. I fitted those
machines with D-Link 802.11n NICS (one PCI and one Cardbus), so WPA2
will be used.

Unfortunately, I have to keep a DWL-650G (108Mbps) in one machine,
forcing me to use WPA too. The router negotiates WPA2 with machines that
can, and falls back to WPA for the machine that cannot do WPA2.

MAC address filtering is enabled, SSID hidden and changed on an
irregular basis. Call me paranoid, but what is the possibility that
someone intercepts packets in the air and cracks my key ? Finds a MAC
address for one connected machine and uses it on his laptop to associate
with the router ?

Not that I have something to hide, or that any of my computers contains
anything precious, but I know too much about WLAN insecurity to feel safe.

Thanks

Lorenzo

a "dictionary" attack is the onlly real method for breaking WPA. Use
an extremely long random key (you probably have support for Windows
Connect Now so you can use the Network Wizard to generate one for
you).

I've got the same setup here with the same hardware (more or less).



On Fri, 27 Apr 2007 11:47:32 +0300, Lorenzo Sandini
<(E-Mail Removed)> wrote:

>Hi,
>
>I just changed my old trusty D-Link DGL-4300 router for a DIR-655, that
>uses the 802.11n draft technology. Almost all my computers are wired,
>but I need that wireless link for a couple of them. I fitted those
>machines with D-Link 802.11n NICS (one PCI and one Cardbus), so WPA2
>will be used.
>
>Unfortunately, I have to keep a DWL-650G (108Mbps) in one machine,
>forcing me to use WPA too. The router negotiates WPA2 with machines that
>can, and falls back to WPA for the machine that cannot do WPA2.
>
>MAC address filtering is enabled, SSID hidden and changed on an
>irregular basis. Call me paranoid, but what is the possibility that
>someone intercepts packets in the air and cracks my key ? Finds a MAC
>address for one connected machine and uses it on his laptop to associate
>with the router ?
>
>Not that I have something to hide, or that any of my computers contains
>anything precious, but I know too much about WLAN insecurity to feel safe.
>
>Thanks
>
>Lorenzo
--

Barb Bowman
MS Windows-MVP
Expert Zone & Vista Community Columnist
http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
http://blogs.digitalmediaphile.com/barb/

"Lorenzo Sandini" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi,
>
> I just changed my old trusty D-Link DGL-4300 router for a DIR-655, that
> uses the 802.11n draft technology. Almost all my computers are wired, but
> I need that wireless link for a couple of them. I fitted those machines
> with D-Link 802.11n NICS (one PCI and one Cardbus), so WPA2 will be used.
>
> Unfortunately, I have to keep a DWL-650G (108Mbps) in one machine, forcing
> me to use WPA too. The router negotiates WPA2 with machines that can, and
> falls back to WPA for the machine that cannot do WPA2.
>
> MAC address filtering is enabled, SSID hidden and changed on an irregular
> basis. Call me paranoid, but what is the possibility that someone
> intercepts packets in the air and cracks my key ? Finds a MAC address for
> one connected machine and uses it on his laptop to associate with the
> router ?
>
> Not that I have something to hide, or that any of my computers contains
> anything precious, but I know too much about WLAN insecurity to feel safe.
>
> Thanks
>
> Lorenzo

To add to Barb's comments both MAC Address authentication and cloaking your
SSID broadcast are not considered viable security measures. Cloaking the
SSID broadcast can also lead to connectivity issues for some clients. Both
are easily discovered. You may be interested in this article...

http://blogs.zdnet.com/Ou/?p=454

The key to real security is using strong encryption and a long random key.
Personally I use a 63-character random ASCII key. Here are two key
generators that you might be interested in.

http://www.kurtm.net/wpa-pskgen/
https://www.grc.com/passwords.htm

My WiFi security recommendations...

http://theillustratednetwork.mvps.or...sSecurity.html
--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...

Hi
Whenever one uses his car no matter how carefull he is there is always the
probability to be involved in a car accident, however, it is Not a reason to
always stay home.
Jack (MVP-Networking).

"Lorenzo Sandini" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi,
>
> I just changed my old trusty D-Link DGL-4300 router for a DIR-655, that
> uses the 802.11n draft technology. Almost all my computers are wired, but
> I need that wireless link for a couple of them. I fitted those machines
> with D-Link 802.11n NICS (one PCI and one Cardbus), so WPA2 will be used.
>
> Unfortunately, I have to keep a DWL-650G (108Mbps) in one machine, forcing
> me to use WPA too. The router negotiates WPA2 with machines that can, and
> falls back to WPA for the machine that cannot do WPA2.
>
> MAC address filtering is enabled, SSID hidden and changed on an irregular
> basis. Call me paranoid, but what is the possibility that someone
> intercepts packets in the air and cracks my key ? Finds a MAC address for
> one connected machine and uses it on his laptop to associate with the
> router ?
>
> Not that I have something to hide, or that any of my computers contains
> anything precious, but I know too much about WLAN insecurity to feel safe.
>
> Thanks
>
> Lorenzo

I noticed that WPA2 must be enabled in order to get the maximum
throughput. When I chose WPA-TKIP, max speed is 54Mbps, while with
WPA2-AES I get 300Mbps. Is it by design ?

Lorenzo


Barb Bowman wrote:
> a "dictionary" attack is the onlly real method for breaking WPA. Use
> an extremely long random key (you probably have support for Windows
> Connect Now so you can use the Network Wizard to generate one for
> you).
>
> I've got the same setup here with the same hardware (more or less).
>
>
>
> On Fri, 27 Apr 2007 11:47:32 +0300, Lorenzo Sandini
> <(E-Mail Removed)> wrote:
>
>> Hi,
>>
>> I just changed my old trusty D-Link DGL-4300 router for a DIR-655, that
>> uses the 802.11n draft technology. Almost all my computers are wired,
>> but I need that wireless link for a couple of them. I fitted those
>> machines with D-Link 802.11n NICS (one PCI and one Cardbus), so WPA2
>> will be used.
>>
>> Unfortunately, I have to keep a DWL-650G (108Mbps) in one machine,
>> forcing me to use WPA too. The router negotiates WPA2 with machines that
>> can, and falls back to WPA for the machine that cannot do WPA2.
>>
>> MAC address filtering is enabled, SSID hidden and changed on an
>> irregular basis. Call me paranoid, but what is the possibility that
>> someone intercepts packets in the air and cracks my key ? Finds a MAC
>> address for one connected machine and uses it on his laptop to associate
>> with the router ?
>>
>> Not that I have something to hide, or that any of my computers contains
>> anything precious, but I know too much about WLAN insecurity to feel safe.
>>
>> Thanks
>>
>> Lorenzo
> --
>
> Barb Bowman
> MS Windows-MVP
> Expert Zone & Vista Community Columnist
> http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
> http://blogs.digitalmediaphile.com/barb/

must be something in the driver and/or router firmware. I don't
think that the draft N spec mandates WPA2 to trigger anything. I've
been running with WPA2 since I received the DIR655 so I haven't
experienced this. What firmware is in the router?

On Sat, 28 Apr 2007 20:28:49 +0300, Lorenzo Sandini
<(E-Mail Removed)> wrote:

>I noticed that WPA2 must be enabled in order to get the maximum
>throughput. When I chose WPA-TKIP, max speed is 54Mbps, while with
>WPA2-AES I get 300Mbps. Is it by design ?
>
>Lorenzo
>
>
>Barb Bowman wrote:
>> a "dictionary" attack is the onlly real method for breaking WPA. Use
>> an extremely long random key (you probably have support for Windows
>> Connect Now so you can use the Network Wizard to generate one for
>> you).
>>
>> I've got the same setup here with the same hardware (more or less).
>>
>>
>>
>> On Fri, 27 Apr 2007 11:47:32 +0300, Lorenzo Sandini
>> <(E-Mail Removed)> wrote:
>>
>>> Hi,
>>>
>>> I just changed my old trusty D-Link DGL-4300 router for a DIR-655, that
>>> uses the 802.11n draft technology. Almost all my computers are wired,
>>> but I need that wireless link for a couple of them. I fitted those
>>> machines with D-Link 802.11n NICS (one PCI and one Cardbus), so WPA2
>>> will be used.
>>>
>>> Unfortunately, I have to keep a DWL-650G (108Mbps) in one machine,
>>> forcing me to use WPA too. The router negotiates WPA2 with machines that
>>> can, and falls back to WPA for the machine that cannot do WPA2.
>>>
>>> MAC address filtering is enabled, SSID hidden and changed on an
>>> irregular basis. Call me paranoid, but what is the possibility that
>>> someone intercepts packets in the air and cracks my key ? Finds a MAC
>>> address for one connected machine and uses it on his laptop to associate
>>> with the router ?
>>>
>>> Not that I have something to hide, or that any of my computers contains
>>> anything precious, but I know too much about WLAN insecurity to feel safe.
>>>
>>> Thanks
>>>
>>> Lorenzo
>> --
>>
>> Barb Bowman
>> MS Windows-MVP
>> Expert Zone & Vista Community Columnist
>> http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
>> http://blogs.digitalmediaphile.com/barb/
--

Barb Bowman
MS Windows-MVP
Expert Zone & Vista Community Columnist
http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
http://blogs.digitalmediaphile.com/barb/

1.02, and connection "speed" is set to "Automatic best".

Could you check with yours please, if it's not too much asking?

Thanks

Lorenzo


Barb Bowman wrote:
> must be something in the driver and/or router firmware. I don't
> think that the draft N spec mandates WPA2 to trigger anything. I've
> been running with WPA2 since I received the DIR655 so I haven't
> experienced this. What firmware is in the router?
>
> On Sat, 28 Apr 2007 20:28:49 +0300, Lorenzo Sandini
> <(E-Mail Removed)> wrote:
>
>> I noticed that WPA2 must be enabled in order to get the maximum
>> throughput. When I chose WPA-TKIP, max speed is 54Mbps, while with
>> WPA2-AES I get 300Mbps. Is it by design ?
>>
>> Lorenzo
>>
>>
>> Barb Bowman wrote:
>>> a "dictionary" attack is the onlly real method for breaking WPA. Use
>>> an extremely long random key (you probably have support for Windows
>>> Connect Now so you can use the Network Wizard to generate one for
>>> you).
>>>
>>> I've got the same setup here with the same hardware (more or less).
>>>
>>>
>>>
>>> On Fri, 27 Apr 2007 11:47:32 +0300, Lorenzo Sandini
>>> <(E-Mail Removed)> wrote:
>>>
>>>> Hi,
>>>>
>>>> I just changed my old trusty D-Link DGL-4300 router for a DIR-655, that
>>>> uses the 802.11n draft technology. Almost all my computers are wired,
>>>> but I need that wireless link for a couple of them. I fitted those
>>>> machines with D-Link 802.11n NICS (one PCI and one Cardbus), so WPA2
>>>> will be used.
>>>>
>>>> Unfortunately, I have to keep a DWL-650G (108Mbps) in one machine,
>>>> forcing me to use WPA too. The router negotiates WPA2 with machines that
>>>> can, and falls back to WPA for the machine that cannot do WPA2.
>>>>
>>>> MAC address filtering is enabled, SSID hidden and changed on an
>>>> irregular basis. Call me paranoid, but what is the possibility that
>>>> someone intercepts packets in the air and cracks my key ? Finds a MAC
>>>> address for one connected machine and uses it on his laptop to associate
>>>> with the router ?
>>>>
>>>> Not that I have something to hide, or that any of my computers contains
>>>> anything precious, but I know too much about WLAN insecurity to feel safe.
>>>>
>>>> Thanks
>>>>
>>>> Lorenzo
>>> --
>>>
>>> Barb Bowman
>>> MS Windows-MVP
>>> Expert Zone & Vista Community Columnist
>>> http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
>>> http://blogs.digitalmediaphile.com/barb/
> --
>
> Barb Bowman
> MS Windows-MVP
> Expert Zone & Vista Community Columnist
> http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
> http://blogs.digitalmediaphile.com/barb/

which NIC do you see this on? I use only N clients on the 655 and
have an AP for G only clients.

On Sat, 28 Apr 2007 22:23:08 +0300, Lorenzo Sandini
<(E-Mail Removed)> wrote:

>1.02, and connection "speed" is set to "Automatic best".
>
>Could you check with yours please, if it's not too much asking?
>
>Thanks
>
>Lorenzo
>
>
>Barb Bowman wrote:
>> must be something in the driver and/or router firmware. I don't
>> think that the draft N spec mandates WPA2 to trigger anything. I've
>> been running with WPA2 since I received the DIR655 so I haven't
>> experienced this. What firmware is in the router?
>>
>> On Sat, 28 Apr 2007 20:28:49 +0300, Lorenzo Sandini
>> <(E-Mail Removed)> wrote:
>>
>>> I noticed that WPA2 must be enabled in order to get the maximum
>>> throughput. When I chose WPA-TKIP, max speed is 54Mbps, while with
>>> WPA2-AES I get 300Mbps. Is it by design ?
>>>
>>> Lorenzo
>>>
>>>
>>> Barb Bowman wrote:
>>>> a "dictionary" attack is the onlly real method for breaking WPA. Use
>>>> an extremely long random key (you probably have support for Windows
>>>> Connect Now so you can use the Network Wizard to generate one for
>>>> you).
>>>>
>>>> I've got the same setup here with the same hardware (more or less).
>>>>
>>>>
>>>>
>>>> On Fri, 27 Apr 2007 11:47:32 +0300, Lorenzo Sandini
>>>> <(E-Mail Removed)> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> I just changed my old trusty D-Link DGL-4300 router for a DIR-655, that
>>>>> uses the 802.11n draft technology. Almost all my computers are wired,
>>>>> but I need that wireless link for a couple of them. I fitted those
>>>>> machines with D-Link 802.11n NICS (one PCI and one Cardbus), so WPA2
>>>>> will be used.
>>>>>
>>>>> Unfortunately, I have to keep a DWL-650G (108Mbps) in one machine,
>>>>> forcing me to use WPA too. The router negotiates WPA2 with machines that
>>>>> can, and falls back to WPA for the machine that cannot do WPA2.
>>>>>
>>>>> MAC address filtering is enabled, SSID hidden and changed on an
>>>>> irregular basis. Call me paranoid, but what is the possibility that
>>>>> someone intercepts packets in the air and cracks my key ? Finds a MAC
>>>>> address for one connected machine and uses it on his laptop to associate
>>>>> with the router ?
>>>>>
>>>>> Not that I have something to hide, or that any of my computers contains
>>>>> anything precious, but I know too much about WLAN insecurity to feel safe.
>>>>>
>>>>> Thanks
>>>>>
>>>>> Lorenzo
>>>> --
>>>>
>>>> Barb Bowman
>>>> MS Windows-MVP
>>>> Expert Zone & Vista Community Columnist
>>>> http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
>>>> http://blogs.digitalmediaphile.com/barb/
>> --
>>
>> Barb Bowman
>> MS Windows-MVP
>> Expert Zone & Vista Community Columnist
>> http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
>> http://blogs.digitalmediaphile.com/barb/
--

Barb Bowman
MS Windows-MVP
Expert Zone & Vista Community Columnist
http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
http://blogs.digitalmediaphile.com/barb/

It's the DWA-645, http://www.dlink.com/products/?sec=0&pid=489. Nothing
specific in the user's guide I am afraid.

Apparently in Finland we don't have the DWA-652. I don't know exactly
what is the difference though. A hint maybe ?

Lorenzo



Barb Bowman wrote:
> which NIC do you see this on? I use only N clients on the 655 and
> have an AP for G only clients.
>
> On Sat, 28 Apr 2007 22:23:08 +0300, Lorenzo Sandini
> <(E-Mail Removed)> wrote:
>
>> 1.02, and connection "speed" is set to "Automatic best".
>>
>> Could you check with yours please, if it's not too much asking?
>>
>> Thanks
>>
>> Lorenzo
>>
>>
>> Barb Bowman wrote:
>>> must be something in the driver and/or router firmware. I don't
>>> think that the draft N spec mandates WPA2 to trigger anything. I've
>>> been running with WPA2 since I received the DIR655 so I haven't
>>> experienced this. What firmware is in the router?
>>>
>>> On Sat, 28 Apr 2007 20:28:49 +0300, Lorenzo Sandini
>>> <(E-Mail Removed)> wrote:
>>>
>>>> I noticed that WPA2 must be enabled in order to get the maximum
>>>> throughput. When I chose WPA-TKIP, max speed is 54Mbps, while with
>>>> WPA2-AES I get 300Mbps. Is it by design ?
>>>>
>>>> Lorenzo
>>>>
>>>>
>>>> Barb Bowman wrote:
>>>>> a "dictionary" attack is the onlly real method for breaking WPA. Use
>>>>> an extremely long random key (you probably have support for Windows
>>>>> Connect Now so you can use the Network Wizard to generate one for
>>>>> you).
>>>>>
>>>>> I've got the same setup here with the same hardware (more or less).
>>>>>
>>>>>
>>>>>
>>>>> On Fri, 27 Apr 2007 11:47:32 +0300, Lorenzo Sandini
>>>>> <(E-Mail Removed)> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I just changed my old trusty D-Link DGL-4300 router for a DIR-655, that
>>>>>> uses the 802.11n draft technology. Almost all my computers are wired,
>>>>>> but I need that wireless link for a couple of them. I fitted those
>>>>>> machines with D-Link 802.11n NICS (one PCI and one Cardbus), so WPA2
>>>>>> will be used.
>>>>>>
>>>>>> Unfortunately, I have to keep a DWL-650G (108Mbps) in one machine,
>>>>>> forcing me to use WPA too. The router negotiates WPA2 with machines that
>>>>>> can, and falls back to WPA for the machine that cannot do WPA2.
>>>>>>
>>>>>> MAC address filtering is enabled, SSID hidden and changed on an
>>>>>> irregular basis. Call me paranoid, but what is the possibility that
>>>>>> someone intercepts packets in the air and cracks my key ? Finds a MAC
>>>>>> address for one connected machine and uses it on his laptop to associate
>>>>>> with the router ?
>>>>>>
>>>>>> Not that I have something to hide, or that any of my computers contains
>>>>>> anything precious, but I know too much about WLAN insecurity to feel safe.
>>>>>>
>>>>>> Thanks
>>>>>>
>>>>>> Lorenzo
>>>>> --
>>>>>
>>>>> Barb Bowman
>>>>> MS Windows-MVP
>>>>> Expert Zone & Vista Community Columnist
>>>>> http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
>>>>> http://blogs.digitalmediaphile.com/barb/
>>> --
>>>
>>> Barb Bowman
>>> MS Windows-MVP
>>> Expert Zone & Vista Community Columnist
>>> http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
>>> http://blogs.digitalmediaphile.com/barb/
> --
>
> Barb Bowman
> MS Windows-MVP
> Expert Zone & Vista Community Columnist
> http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
> http://blogs.digitalmediaphile.com/barb/

the 645 is older. could be a firmware thing. i have a 652 and the
expresscard one. i don't know if the firmware for the router is
different in Europe either.

On Sun, 29 Apr 2007 17:52:33 +0300, Lorenzo Sandini
<(E-Mail Removed)> wrote:

>It's the DWA-645, http://www.dlink.com/products/?sec=0&pid=489. Nothing
>specific in the user's guide I am afraid.
>
>Apparently in Finland we don't have the DWA-652. I don't know exactly
>what is the difference though. A hint maybe ?
>
>Lorenzo
>
>
>
>Barb Bowman wrote:
>> which NIC do you see this on? I use only N clients on the 655 and
>> have an AP for G only clients.
>>
>> On Sat, 28 Apr 2007 22:23:08 +0300, Lorenzo Sandini
>> <(E-Mail Removed)> wrote:
>>
>>> 1.02, and connection "speed" is set to "Automatic best".
>>>
>>> Could you check with yours please, if it's not too much asking?
>>>
>>> Thanks
>>>
>>> Lorenzo
>>>
>>>
>>> Barb Bowman wrote:
>>>> must be something in the driver and/or router firmware. I don't
>>>> think that the draft N spec mandates WPA2 to trigger anything. I've
>>>> been running with WPA2 since I received the DIR655 so I haven't
>>>> experienced this. What firmware is in the router?
>>>>
>>>> On Sat, 28 Apr 2007 20:28:49 +0300, Lorenzo Sandini
>>>> <(E-Mail Removed)> wrote:
>>>>
>>>>> I noticed that WPA2 must be enabled in order to get the maximum
>>>>> throughput. When I chose WPA-TKIP, max speed is 54Mbps, while with
>>>>> WPA2-AES I get 300Mbps. Is it by design ?
>>>>>
>>>>> Lorenzo
>>>>>
>>>>>
>>>>> Barb Bowman wrote:
>>>>>> a "dictionary" attack is the onlly real method for breaking WPA. Use
>>>>>> an extremely long random key (you probably have support for Windows
>>>>>> Connect Now so you can use the Network Wizard to generate one for
>>>>>> you).
>>>>>>
>>>>>> I've got the same setup here with the same hardware (more or less).
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, 27 Apr 2007 11:47:32 +0300, Lorenzo Sandini
>>>>>> <(E-Mail Removed)> wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> I just changed my old trusty D-Link DGL-4300 router for a DIR-655, that
>>>>>>> uses the 802.11n draft technology. Almost all my computers are wired,
>>>>>>> but I need that wireless link for a couple of them. I fitted those
>>>>>>> machines with D-Link 802.11n NICS (one PCI and one Cardbus), so WPA2
>>>>>>> will be used.
>>>>>>>
>>>>>>> Unfortunately, I have to keep a DWL-650G (108Mbps) in one machine,
>>>>>>> forcing me to use WPA too. The router negotiates WPA2 with machines that
>>>>>>> can, and falls back to WPA for the machine that cannot do WPA2.
>>>>>>>
>>>>>>> MAC address filtering is enabled, SSID hidden and changed on an
>>>>>>> irregular basis. Call me paranoid, but what is the possibility that
>>>>>>> someone intercepts packets in the air and cracks my key ? Finds a MAC
>>>>>>> address for one connected machine and uses it on his laptop to associate
>>>>>>> with the router ?
>>>>>>>
>>>>>>> Not that I have something to hide, or that any of my computers contains
>>>>>>> anything precious, but I know too much about WLAN insecurity to feel safe.
>>>>>>>
>>>>>>> Thanks
>>>>>>>
>>>>>>> Lorenzo
>>>>>> --
>>>>>>
>>>>>> Barb Bowman
>>>>>> MS Windows-MVP
>>>>>> Expert Zone & Vista Community Columnist
>>>>>> http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
>>>>>> http://blogs.digitalmediaphile.com/barb/
>>>> --
>>>>
>>>> Barb Bowman
>>>> MS Windows-MVP
>>>> Expert Zone & Vista Community Columnist
>>>> http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
>>>> http://blogs.digitalmediaphile.com/barb/
>> --
>>
>> Barb Bowman
>> MS Windows-MVP
>> Expert Zone & Vista Community Columnist
>> http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
>> http://blogs.digitalmediaphile.com/barb/
--

Barb Bowman
MS Windows-MVP
Expert Zone & Vista Community Columnist
http://www.microsoft.com/windowsxp/e...ts/bowman.mspx
http://blogs.digitalmediaphile.com/barb/