For the next meeting of the hcc pc!gg netwerkgroep I wanted wired Internet access. But the location where it will be is so advanced it only has wireless Internet access. Time for a fix.
First option was a Linksys WAP54G (borrowed from work). The page in the setup where it can be configured as a wireless client already mentioned that it doesn't want to connect to other brands of networks. Too big a risk that this will not work on location.
Second option was getting a wireless - wired bridge running in Linux. The server I use for experiments with the netwerkgroep has a pci to pcmcia interface and a prism2 based pcmcia wireless card. After a bit of finding sources and getting the hostap drivers working again I set up the bridge and built a test network. First the normal iwconfig commands failed to produce results until I found that the right order is to first ifconfig wlan0 up and then iwconfig wlan0 essid 2marken.

    ifconfig wlan0 up
    iwconfig wlan0 essid 2marken

As a simple wireless client it works. Now to make it a bridge:

    ifconfig wlan0 0 up
    ifconfig eth1 0 up
    brctl addbr br0
    brctl addif br0 eth1
    brctl addif br0 wlan0

Disabling ip on wlan0 and eth1 to take them out of normal ip routing and traffic. The bridge was working, the bridging machine was able to see the wireless network and get an IP via DHCP on the bridge interface using dhclient br0. A client machine connected to the wired connection of the bridge did not get an IP. With lots of tcpdumps running it showed that the bridge did forward the DHCP request out of the wireless interface but it never showed up on the server. Later running of another tcpdump on the same wireless network also showed no packets passing.
The one reason I can think of this happening is spanning tree doing something weird. The main ethernet switch in our house does spanning tree. Configuring that switch to force itself to be the spanning tree root also did not fix things. Or maybe the prism card does not like transmitting ethernet frames with a different source address. The Linux bridging documentation suggests this can be a problem.
Eventually I gave up and just went the standard way of masquerading from eth1 to wlan0 and setting up the standard stuff (dhcp server, nameserver). That does mean double NAT (yuck) but at least it gives connectivity.
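The second hypothesis above (the card not transmitting frames with a different source address) follows from how 802.11 addresses data frames. The sketch below is an added illustration, not part of the original post: it models the 3-address header a client-mode station sends to its access point and the 4-address (WDS) form that has room for a bridged source. All MAC addresses and function names are constructed for the example.

```python
# Added illustration: mapping an Ethernet frame onto 802.11 data-frame
# address fields. All MAC addresses below are constructed sample values.

def three_address_header(station_mac, bssid, eth_src, eth_dst):
    """Header a station in managed (client) mode sends to its AP.

    ToDS=1, FromDS=0: Address 1 = BSSID (receiver), Address 2 = source,
    Address 3 = final destination. Address 2 is also the transmitter
    address, so the only source it can carry is the station's own MAC.
    """
    if eth_src.lower() != station_mac.lower():
        raise ValueError(
            "source %s is not the associated station %s: a 3-address "
            "frame has no field left to carry it" % (eth_src, station_mac))
    return {"to_ds": 1, "from_ds": 0,
            "addr1": bssid, "addr2": station_mac, "addr3": eth_dst}


def four_address_header(station_mac, peer_mac, eth_src, eth_dst):
    """WDS-style header (ToDS=1, FromDS=1) with a separate Address 4
    for the original source. Both ends of the link must support it."""
    return {"to_ds": 1, "from_ds": 1,
            "addr1": peer_mac, "addr2": station_mac,
            "addr3": eth_dst, "addr4": eth_src}


def can_bridge(station_mac, eth_src):
    """True if a plain client-mode station can send this frame unchanged."""
    return eth_src.lower() == station_mac.lower()


WLAN0 = "00:11:22:33:44:55"         # constructed: the bridge's wireless card
AP = "66:77:88:99:aa:bb"            # constructed: BSSID of the access point
WIRED_CLIENT = "02:00:00:00:00:01"  # constructed: machine behind eth1
BROADCAST = "ff:ff:ff:ff:ff:ff"

if __name__ == "__main__":
    # Frame sourced from the wireless card's own MAC: fits.
    print(three_address_header(WLAN0, AP, WLAN0, BROADCAST))
    # DHCP request bridged from the wired client: does not fit.
    try:
        three_address_header(WLAN0, AP, WIRED_CLIENT, BROADCAST)
    except ValueError as exc:
        print("cannot send:", exc)
    print(four_address_header(WLAN0, AP, WIRED_CLIENT, BROADCAST))
```

Masquerading sidesteps the limit because every frame leaving wlan0 then carries the wireless card's own MAC as its source.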
Yesterday I upgraded the firmware of the Asus WL-300g accesspoint at home. The first effect was that the settings were completely hosed: I could not log in to the web interface and the wireless network had turned into an open network with SSID 'Broadcom' on a very busy channel. But after finding the manual on the asus web site and resetting the config I had access again to the web interface and I was able to enter my own configuration. So now I use WPA2. The interference problems are still there: putting the laptop on the (metal) garden table makes the wireless signal drop out.
I moved the wireless access point one floor down last evening in hopes of fixing the interference problems at home. So far it seems somewhat more stable. Not perfect.
Wireless at home is giving problems again, even with Mirjam's laptop. Probably interference in the completely stuffed 2.4 GHz band. Looking at 802.11a shows not much on offer. Maybe 802.11n with 5 GHz channels can be an option but the affordable 802.11n (draft 2.0) accesspoints for sale all have lots of extra options, like playing 'router' (IPv4 nat) I don't need / want. Netgear seems to have some options but reviews tell me the devices fail easily. Linksys has no real access points other than the wap54g. Cisco has options but only in the expensive range...
It's becoming almost regular.. Group wants Wi-Fi banned from public buildings (KOB.com):
"A group in Santa Fe says the city is discriminating against them because they say that they're allergic to the wireless Internet signal. And now they want Wi-Fi banned from public buildings."
Found via Group Wants Wi-Fi Banned, Citing Allergy (slashdot.org)
Looking at the wigle maps for what I think is Santa Fe, NM those 'allergic to wi-fi' probably have to live way out of town to have a normal life during the day. And get rid of that microwave.
Weird wi-fi news: A new regulatory agency in Russia has decided every device with Wi-Fi needs registration.
"registering a PDA or telephone would take 10 days. Then, only the owner of the device would be licensed to use it. Registering a Wi-Fi hotspot, on the other hand, would be more difficult. Anyone wishing to set up as much as a personal home-network would need to file a complete set of documents, as well as technological certifications."
Sources: The Other Russia: Russian Agency Demands Registration for all Wi-Fi Devices, Wifi net news: Russia Requires Wi-Fi Registration (Glenn Fleishman is as always following the wi-fi news), Slashdot: Russia to Require Registration for Wi-Fi Use, with the obligatory joke written as wifi-register.su.
To me it sounds like that new regulatory agency claiming its turf. In a way that will annoy a lot of users.
Wardriving results 28 March - 16 April: 2853 new networks with GPS locations noted at WiGLE. Most amazing was finding 505 new networks without moving the wardriving box one centimeter: the AMD_IBSS networks were showing up again when I had the wardriving box running overnight in the top window.
Wardriving results 24 February - 3 March: 4377 new networks with GPS locations. The wardriving box is helping, together with having nice weather and time for long bicycle rides around Utrecht. I passed the 90000 new networks mark at WiGLE and I'm back at position 22 in the WiGLE stats.
The wardriving box is finished and I have done the first test today. And scored new networks! Between 13 February and 23 February I found 184 new networks with GPS locations. Of those 108 using the laptop on bicycle, 63 in the first testrun using the wardrivebox on bicycle and 13 from testing the wardrive box at home. Yes, I can still find new networks at home without moving.
I left the wardriving box running overnight to test the stability and heat generation. No problems in those areas. It was on the top floor of the house in the window facing northwest (in the direction of the student flats). A total of 43(!) access-points were seen. Yes, wireless networks are still rising in numbers.
I had some time for work on the wardriving box. I fixed the powerbutton problem by switching to Linux kernel 188.8.131.52. Linux 2.6 has specific support for the geode processor which includes acpi support. With 2.6 I get a good power-button event when I press it and on a shutdown with powerdown the alix system is powered down completely (power led goes out). I also worked on the case, making holes for the antenna connectors. I managed to make the right holes and modify the I/O shield without making the wrong holes or getting damaged myself. My teacher in metalwork years ago would probably think I'm still bad at it but with a drill and a metal file the modifications got done, including filing the flange of the N-connector to make it fit in the case. Pictures of the results,
Wardriving results between 12 January and 12 February 2008: 1321 new networks with GPS location. Since the work on the wardriving box software and hardware the GPS and the antenna have been at home for testing it all.. and I did not feel like bringing the stuff along and getting another run with problems. I ordered the battery and a charger yesterday and did some more test runs, some with the external antenna connected. The big external antenna gives me 23 visible networks at home. Work that is left on the wardriving box: cabling, making holes in the case for antenna and power connections and building it all together.
Time for some edits to the Draadloos netwerk uitleg en installatie (wireless network explanation and installation) document: ad-hoc networks have a maximum speed of 11 Megabit/second, which I looked up in response to a question in nl.comp.netwerken.draadloos.
It seems Eircom broadband missed the news about WEP being dead (pdf) and WEP being really dead. From The Register: Eircom wireless security flaw revealed
"Eircom's director of communications Paul Bradley defended the protocol, however, saying "WEP is an industry standard protocol used by telecoms providers around the world.""
Well Paul, just because all the stubborn kids do it, does not mean it is the right choice.
Seen in the kismet logs: Found new network "martin en margo" followed by Found new network "naast martin en margo".
At home, in the garden, with barbecue weather I notice an ad-hoc network in the wireless networks lists with ssid AMD_IBSS and regularly changing channel and mac address. Anybody got any idea what this is? In other wireless at home news: the neighbourhood has no unsecured wireless networks left, and WEP is a minority.
In wireless security, WEP is now 'broken harder'. Cryptography researchers at the Technische Universität Darmstadt have researched new attacks and written a tool that has a probability of 50% of finding a 104-bit WEP key within 1 minute.
A great sample of the 'movie plot' way in which 'terrorism' is seen and handled: a Vancouver police computer crime investigator has warned about how the wifi network in the city can be abused by terrorists at the 2010 winter olympics. Yes, three years from now. Reading the original article in the Vancouver Sun makes it an almost funny story (from this distance) but the saddening part is that this detective is serious and the newspaper seems to take his story seriously. Bruce Schneier has written a good response about it: Movie Plot Threat in Vancouver. One good comment:
"I think the Vancouver Police crime investigator watches too much "24"."
Today we had a meeting of the HCC PCgg netwerkgroep. I gave a presentation there titled Wireless security anno 2006: WEP is dood (WEP is dead). The presentation Wireless security anno 2006 HCC PCgg (pdf) and the notes Wireless security anno 2006 are available.
Updated my document on wireless network explanation and installation. WEP must now be strongly advised against, and, in response to a question from someone, a short piece about 'ad-hoc' wireless networks.