reveals the following list of commands: www.syngress.com Wireless Access Points • Chapter 4 89 Figure 4.27 An Example of a Soekris Box with 802.11a and 802.11b Radios... Wireless Client
Trang 1Note that the 8571 uses an Atheros-based radio.To configure your Soekris/Pebble device, form the following steps:
per-1 Enter the following:
auto ath0 iface ath0 inet static
address #insert IP address for your 802.11 card, i.e 10.0.0.2 netmask 255.255.255.0
broadcast 10.0.0.255 gateway 10.0.0.1
up iwconfig ath0 ap #enter the MAC Address of the 802.11a AP on the other side of the link, i.e 00:20:A6:47:f7:30
www.syngress.com
Wireless Access Points • Chapter 4 87
Figure 4.26 Close-up Shot of a PCMCIA Card after Removal from an 8571
Trang 2# alternatively use the following line (uncomment) if you want the client to look
# for a particular SSID instead of a specific AP MAC Address
# up iwconfig ath0 mode managed essid socalfreenet.org
auto eth0 iface eth0 inet static
address #insert IP address for your wired Ethernet port, i.e 192.168.1.1 netmask 255.255.255.0
broadcast 192.168.1.255
4 To save your changes in the editor, press Shift and type ZZ.
5 Next, you will need to modify /etc/modules (Again, type vi /etc/modules.) Add the line:
ath_pci
NOTE
If you have a Soekris device that supports a second Wi-Fi radio, you can use an 802.11b cardand have one device operate as both an 802.11a backhaul and 802.11b client access radio If
you are using an 802.11b Mini-PCI card, you should add the line hostap_pci to the
/etc/modules file If you are using an 802.11b PCMCIA card, you can omit that step
6 Next, don’t forget to define the 802.11b radio (wlan0) in the /etc/network/interfaces file.For example:
auto wlan0 iface wlan0 inet static address 192.168.2.1 netmask 255.255.255.0 broadcast 192.168.2.255
up iwconfig wlan0 essid socalfreenet.org channel 1
7 Finally, to save your changes and reboot, enter the command:
/usr/local/sbin/fastreboot
Figure 4.27 shows an example of a Soekris box with a “harvested” 802.11a PCMCIA card, next
to an 802.11b PCMCIA card When selecting antennas, keep in mind that the 8571 AP operates in
www.syngress.com
88 Chapter 4 • Wireless Access Points
Trang 3the U-NII 2 middle band (5.25-5.35 GHz) Again, always be sure to select antennas that are in pliance with FCC rules (or whichever rules apply in your country).
com-Under the Hood: How the Hack Works
You can learn more about the Proxim 8571 at the www.proxim.com Web site Of particular interest
is the April 2002 press release announcing the 8571 at lease/pr2002-04-01.html, which reads “The Harmony 802.11a Access Point—connectorized version(Model Number 8571) is available immediately for $695.”You can also read the User Manual atwww.proxim.com/support/all/harmony/manuals/pdf/857xman01.pdf In addition, be sure toupgrade the firmware to the most recent version here: http://support.proxim.com/cgi-bin/
www.proxim.com/about/pressroom/pressre-proxim.cfg/php/enduser/std_adp.php?p_faqid=1227 Use the option For stand-alone APs (no AP
Controller)
If you are curious, the antenna connectors on the PCMCIA card are Radiall UMP series.You canfind more information here: www.firstsourceinc.com/PDFs/ump.pdf Furthermore, the Proxim 8571does support PoE, but since it predates any IEEE PoE standards, the 8571 is not 802.3af compliant
For PoE operation, you should use a Proxim Harmony Power System, Model 7562.These can also befound at aftermarket resellers and auction sites For more information, see the User’s Guide at
www.proxim.com/support/all/harmony/manuals/pdf/7562newmanb.pdf
A quick port scan of the 8571 reveals two open TCP ports (80/HTTP and 23/Telnet) as well asone open UDP port (161/SNMP) Ahah! A Telnet port.Thanks to an anonymous poster on our Web
site, you can now Telnet to the 8571 using the password notbrando and gain access to a special
DebugTerm mode Pressing the question mark (?) reveals the following list of commands:
www.syngress.com
Wireless Access Points • Chapter 4 89
Figure 4.27 An Example of a Soekris Box with 802.11a and 802.11b Radios
Trang 4L = lock guided mode
l = enable debug log
z = write new bootrom
Z = write new image
0 = reset debug stats
Trang 5Pressing the letter “r” (lower case) reveals interesting radio statistics.
Main->r
Radio State Down 100 resetOn = 0
Radio Misc Statistics curTxQ = 0 maxTxQ = 1 curRxQ = 400 minRxQ = 0 txDescC= 0 TxPend = 0 rxDescC = 400 sibAge = 0 StaInPS= 0 StaDim = 0 psChange= 0 txUrn = 0 curtxPS= 0 maxtxPS= 0 PSQueue = 0 PSDeque= 0 curAltQ= 0 maxAltQ= 0 AltQueue= 0 AltDequ= 0
Rx = 0 Tx = 472 RxBad = 0 TxBad = 0 RxGood = 0 TxGood = 472 RxUni = 0 TxUni = 0 RxMulti= 0 TxMulti= 472 RxMgt = 0 TxMgt = 0 RxCtrl = 0 TxCtrl = 0 RxDscrd = 0 TxDscrd= 29 RuBrdg = 0 TuBrdg = 0 RmBrdg = 0 TmBrdg = 472 RepUnPk= 0 RepMuPk= 0 nullPtr = 0 hwReset= 0 802.11a settings
SSID- socalfreenet.org Channel- 56
Main->
Pressing the letter “V” (upper case) displays some interesting Configuration data:
Main->V MAC Address = 00:20:a6:47:f7:30
IP Address = 0.0.0.0 SSID = socalfreenet.org Channel = 56
SNMP Enabled = 0
AP or STN = 0
Security Mode = 0 Default Key = 1 WEP Key Size = 13 Old wepState = 0 Auth Address = 0.0.0.0 Auth Address2 = 0.0.0.0
www.syngress.com
Wireless Access Points • Chapter 4 91
Trang 60 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 keyBuf152: 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0 authSecret: 0 0 0 0 0 0 0 0
Trang 7Finally, another screen can be found by pressing lowercase a and then the question mark (?) to
reveal the Atheros Radio menu:
Main->a Radio->?
? = show help
a = display All error stats
A = set AP Mode
b = display station info
B = get MAC Reg
Trang 8h = set turbo ch list
i = set hw tx retry count
I = set Beacon Interval
j = set RD display code
J = set DTIM Period
p = print radio stats
q = quit to main menu
v = set anntenna type
V = set Turbo Allowed
Trang 9From this menu, you can modify all manner of wireless configuration options, including WEPkeys, data rates, channels, regulatory domain (FCC, ETSI, Spain, France, and so on), and more.You canalso display statistics and view a list of association stations.
it to create 802.11a links
Choosing to use a Linksys or SBC device is a very deployment-specific issue In general, we like
to shy away from consumer-grade gear, but in some environments (such as small coffee shops or retaillocations) it could be entirely appropriate
Because upgrading Linksys firmware is so simple ( just use the browser-based management face), we recommend playing with multiple distributions before making your selection For SBCs,always be sure to check the hardware requirements of your distribution before selecting a particularSBC product Soekris engineering makes an excellent line of SBCs that work great in communitywireless networks
inter-Another option to consider for backhauls is to use 5 GHz, where there is less interference andcongestion than 2.4 GHz A very low-cost method for building 802.11a backhaul links is to use aProxim 8571 One device can operate as an AP while the other device can be “harvested” for itsPCMCIA card and used as a client in a Soekris running pebble Chapter 8 outlines other solutionsthat are commercial but low cost, such as the excellent Sputnik management platform
www.syngress.com
Wireless Access Points • Chapter 4 95
Trang 11Wireless Client Access Devices
Topics in this Chapter:
Trang 12Let’s say that you have just finished setting up your wireless network, or perhaps you want to connect
to that free hotspot at your favorite coffee shop.To facilitate communication, a properly functioningwireless network requires an Access Point (AP) on one side and a wireless client access device on theother side
So, what happens after you set up the APs? Well, you will need to be able to access that networksomehow In this chapter, we discuss the various types of client access to the wireless network First,
we show you how to connect using a notebook computer.Then, we show you how to hook up yourdesktop computer and Personal Digital Assistant (PDA)
By the time you’re finished with this chapter, you will understand everything you need to know
to get your client device up and running on a wireless network
Notebook Computers
Notebook computers or laptops are by far the most widely used computing platform for accessing awireless network In fact, before the widespread use of wireless technologies became commonplace,most people had to either use a dial-up modem, or stretch a long, winding Ethernet cable around theroom to connect to the Internet However, you are now able to connect anytime and anywhere,regardless if it is from home, the coffee shop down the street, or sitting at the airport
There are two main connectivity options for notebook computers; however, some of the desktopmethods discussed later may work as well.The first connection device is a PCMCIA card in one ofthe laptop’s card slots.The second is for some newer notebooks that have a mini-PCI slot
PCMCIA Cards
PCMCIA cards (or “PC cards” as they are sometimes called) require a notebook with an availableType II card slot on the computer.The card contains both the 802.11 radio and antenna in a compactdesign.These cards used to be more expensive than their USB and PCI counterparts were, but due tothe proliferation and critical mass of Wi-Fi, they can often be picked up for as low as $5 to $20 if youshop around
There is not a great deal of variation between these cards, as they are fairly standard in designamong the various vendors.The only real difference may be the chipset used for the 802.11 radio.The major manufacturers of wireless chipsets are Atheros, Broadcom, and TI (Texas Instruments).Most Original Equipment Manufacturers (OEMs) only provide software and drivers for Windowsand Mac operating systems in the packaging However, if you search the Web, you can often findadditional drivers for Linux, BSD, and UNIX
www.syngress.com
98 Chapter 5 • Wireless Client Access Devices
Trang 13Wireless Client Access Devices • Chapter 5 99
As you can see in Figure 5.1, the antenna (the black part at the top of the card) extends out abouthalf an inch or more from the card.This design is required to get better reception than if the antennawere buried inside the card slot
The problem with this design is that the antenna is now vertically polarized and only receives thebest signal both above and below the card.To compensate for this design flaw, some card manufacturersallow for the connection of an external antenna to increase performance as shown in Figure 5.2
Mini-PCI Cards
Mini-PCI cards are very similar to PCMCIA cards in design except that they lack the integratedantenna and preotective outer shell.These cards are designed for newer laptops that often have the
www.syngress.comFigure 5.1 A typical PCMCIA card (pictured Proxim Harmony 802.11a card)
Figure 5.2 Another PCMCIA card (pictured EnGenius NL-2511CD PLUS EXT2)
Trang 14antenna wiring built into the notebook behind the LCD screen Because the antenna is behind theLCD screen, your cards will have a better horizontal orientation and often have better reception thantheir PCMCIA counterparts have.
Most mini-PCI slots are located on the bottom of the laptop under an accessible door similar tohow one would access the memory or the hard disk However, sometimes due to design constraints,
we have seen manufacturers place mini-PCI slots under the keyboard, which requires a little moreskill and finesse to access
The antenna connectors of the card in Figure 5.3 are located in the upper left; they are the twolittle dots next to the large silver heat sink Mini-PCI cards are more fragile than PCMCIA cards andare not designed to be removed and installed often However, they are also very versatile, as you canupgrade your notebook’s wireless card down the road and not have to worry about taking up aPCMCIA slot or accidentally damaging the built-in antennas of those protruding cards
Desktop Computers
Desktop computers are an interesting challenge when it comes to accessing wireless networks Mostpeople tend to have their computers under a desk or behind a cabinet door—not a good place tolocate the PC (or more specifically, the wireless antenna) when trying to connect to a wireless net-work Basically, in this situation you’re placing a big piece of metal (the computer case) or largeamounts of wood (the desk) between the radio and the AP.The signal will eventually penetrate, butwith a loss of signal strength In this section, we discuss your options when it comes to hooking upyour desktop to an 802.11 network
www.syngress.com
100 Chapter 5 • Wireless Client Access Devices
Figure 5.3 Mini-PCI (pictured EnGenius EL-2511MP)
Trang 15Wireless Client Access Devices • Chapter 5 101
PCI Cards
PCI cards for desktop computers have come a long way in the past couple of years Originally, theywere implemented as a PCI-to-PCMCIA bridge that allowed you to insert a PCMCIA card into theback of your computer.The problem this created was that the antenna was again forced into a loca-tion that suffered from poor reception Manufacturers then started to make PCMCIA cards withremovable antennas to help alleviate some of this problem.Today, most PCI cards actually have the802.11 radio built into the card instead of using a PCMCIA slot with the radio in a separatePCMCIA package
As you can see in Figure 5.4, modern cards tend to have more powerful detachable antennas thatcan increase your reception Some companies such as D-Link and SMC sell slightly more powerfulomnidirectional and unidirectional antennas to increase performance and allow more flexibility inantenna placement
USB Devices
USB radios offer some of the best flexibility for desktop computers USB offers more deploymentoptions than PCI because you can move the USB device around the room until you find its optimalorientation Usually, they come with a six-foot USB cable, but if you are using a powered USB hub,you can go up to a distance of 15 feet from the PC Shown in Figure 5.5 is an example of anORiNOCO USB client adapter.These were very common just a few years ago In fact the inside ofthe adapter is nothing more than a USB to PCMCIA bridge with a standard card sitting inside
www.syngress.comFigure 5.4 PCI Card (pictured Linksys WMP11)
Courtesy of Lynksys
Trang 16Figure 5.6 is a great example of some of the newer style of USB wireless adapters Most turers have gone to a smaller form factor to reduce cost.
manufac-www.syngress.com
102 Chapter 5 • Wireless Client Access Devices
Figure 5.5 A typical USB adapter (pictured Lucent ORiNOCO USB Client)
Figure 5.6 Another USB Adapter (pictured Linksys WUSB54G)
Courtesy of Lynksys
Trang 17The only real downside to USB radios is the limited availability of drivers for the USB bus.
Because of this problem, most USB devices only operate with Windows 2000 or XP A few, however,are shipping with drivers for Mac OS
Ethernet Bridges
Ethernet Bridges are wireless radios that can be used to extend a wireless network to an Ethernet switch
or hub (which can be used to extend connectivity to multiple wired devices) Ethernet bridges can also
be used to connect any device with an Ethernet port such as a Tivo, Xbox, or even a computer to thewireless network without having to install drivers or client software.This is a great solution for use withMac OS and Linux computers, where drivers may be limited and more difficult to find
Another benefit of using a wireless bridge is that since it uses wired Ethernet to deliver width to the client, you can extend the cat5 cable to its maximum segment length of 100 meters andstill get connectivity In theory, by using a Power over Ethernet (PoE) injector, you can send powerover the Ethernet data cable as well and place the bridge as far away as 328 feet
band-Most Ethernet bridges support external antennas Figure 5.7 shows a Linksys WET11 with aremovable RP-TNC antenna
PDAs
Personal Digital Assistants (PDAs) are growing in popularity Just about anywhere you turn, someonehas a Palm OS or Microsoft Pocket PC device Wireless networking allows the ultimate in portableconnectivity for handheld devices
www.syngress.com
Wireless Client Access Devices • Chapter 5 103
Figure 5.7 Ethernet Bridges (pictured Linksys WET11)
Courtesy of Lynksys
Trang 18Compact Flash
Compact Flash (or CF) cards are the most common interface used by PDA devices While originallyused to extend the amount of memory in a device, the compact flash interface can now be used fornetwork devices, such as the Linksys Compact Flash device shown in Figure 5.8
You can even use most CF Wireless cards in a notebook computer through the use of aPCMCIA – CF adapter like the one shown in Figure 5.9, the only downside would if the card man-ufacturer never published any drivers for the device
www.syngress.com
104 Chapter 5 • Wireless Client Access Devices
Figure 5.8 Linksys Compact Flash 802.11b Network Interface
Figure 5.9 Another Compact Flash adapter w/ PCMCIA sled (pictured AmbiCom
WL1100C-CF)
Courtesy of Lynksys