From hunter@owlriver.com Mon Oct 28 23:25:14 2002
Date: Wed, 23 Oct 2002 02:11:04 -0400 (EDT)
From: hunter <hunter@owlriver.com>
Reply-To: colug@colug.net
To: COLUG list <colug@colug.net>
Subject: [COLUG] October Meeting presentation

I was over at Stauf's on Grandview Avenue Tuesday evening, for
half an hour, snarfling cleartext 802.11b traffic to a record
file -- saw a cleartext OSU mail system password, and lots of
Instant Messenger traffic.

I used a D-Link DWL-520 and also an SMC wireless card, running
the orinoco kernel module; a few weeks ago another member and I
used an older Lucent card, house branded by Dell, with the airo
driver module.

DHCP rules the day -- the subnet is 192.168.10.0/24; no WEP; 
traffic abounds.

To join in, please either match one of those, or grab a card to
test and debug; alternatively, bring a long cat-5 straight
cable, a laptop with a PC-Card NIC set up for a DHCP client, to
jack into the hub I'll bring, and a pre-load of the vncviewer
software -- the more the merrier.  With this, we can slave a
bunch of laptops to a central vnc server, or permit jacking into
a central server and popping up an account on that box (which
will be wiped after the meeting).

We'll discuss the OSI stack (layers 1, 2, 3, and 7, and if 
time permits, 8 and 9 <smile>), point-to-point links, wired 
broadcast links, and wireless transport broadcast links. 

Someone asked about preparation; I put up a test page, designed 
to provide 'good sniffing' and some things to discuss at:
   http://www.colug.net/stauf/index.php
with the source visible at:
   http://www.colug.net/stauf/index.phps
And a dissection at:
   http://www.colug.net/stauf/trace.html
Lots of tools (and full sources) at:
   ftp://ftp.owlriver.com/pub/local/ORC/
especially:
   dsniff, ettercap, exdump, htdump, libnet, libnids, nmap,
   splitvt, tcp{dump|flow|replay}

Not here, but generally available are:
   bridge-utils, ethereal, hogwash, iproute, lsof, netstat,
   snort, wireless-tools

There is not yet a clean packaging solution for layer 1 802.11b 
extensions acquisition, owing to the relative immaturity of the 
hardware and Linux 2.4 kernel 'hooks'.

------------------------------

If you're inclined, stop in before the meeting and do a 
shakedown.  Snapshots off a Red Hat Linux 8.0 box, configured 
for the residence wireless LAN segment:

bash-2.05b$ cat /etc/sysconfig/network-scripts/ifcfg-eth1 ; \
     echo "--------------" ; cat /etc/modules.conf
#
#	/etc/sysconfig/network-scripts/ifcfg-eth1
#
# Please read /usr/share/doc/initscripts-*/sysconfig.txt
# for the documentation of these parameters.
USERCTL=no
PEERDNS=yes
GATEWAY=
TYPE=Wireless
DEVICE=eth1
# HWADDR=00:40:96:31:6c:69
BOOTPROTO=none
NETMASK=255.255.255.0
ONBOOT=yes
# Configure wireless network device options.  See iwconfig(8) for more info.
# Valid variables:
#    MODE: Ad-Hoc, Managed, etc.
#    ESSID: Name of the wireless network
#    NWID: Name of this machine on the network.  Hostname is default
#    FREQ: Frequency to operate on.  See CHANNEL
#    CHANNEL: Numbered frequency to operate on.  See FREQ
#    SENS: Sensitivity threshold for packet rejection.
#    RATE: Transfer rate.  Usually one of Auto, 11, 5, 2, or 1.
#    KEY: Encryption key for WEP.
#    RTS: Explicit RTS handshake.  Usually not specified (auto)
#    FRAG: Fragmentation threshold to split packets.  Usually not specified.
#    SPYIPS: List of IP addresses to "spy" on for link performance stats.
#    IWCONFIG: Extra parameters to pass directly to IWCONFIG
#    IWPRIV: Extra parameters to pass directly to IWPRIV
DHCP_HOSTNAME=
IPADDR=10.0.100.101
NAME=
DOMAIN=
ESSID=OwlTools
CHANNEL=2
MODE=Ad-Hoc
KEY=1234-5678-aa
RATE=Auto
NETWORK=10.0.100.0
BROADCAST=10.0.100.255
--------------
#
#	/etc/modules.conf
#
alias parport_lowlevel parport_pc
alias eth0 ne2k-pci
alias usb-controller usb-uhci
alias sound-slot-0 ymfpci
post-install sound-slot-0 /bin/aumix-minimal -f /etc/.aumixrc -L \
	>/dev/null 2>&1 || :
pre-remove sound-slot-0 /bin/aumix-minimal -f /etc/.aumixrc -S \
	>/dev/null 2>&1 || :
options sb support=1
alias eth1 orinoco_pci

bash-2.05b$
