Saturday, March 31, 2007

GPRS billing hack

> Presumably one would have to hack into the internal network to get access to the (private?) IP addresses that are being assigned to customers. (Or are they not private - can I ping them from the net?)

It depends. Some operators (including mine) use Network Address Translation (NAT) to provide IP addresses from a private network to the clients. This would also effectively stop the "gprs billing hack".
Some operators provide the IP addresses from public IP space, which is effectively the same as connecting any normal computer to the Internet. In this case (if there is not any firewall between) you can send packets to the handset. Still, this does not mean that you could somehow steal money from the packet charges.
The overbilling scam they described is basically just pinging a host (handset) on the Internet. In the old days when ISPs charged by the traffic you could do the same "attack" to some poor company by floodpinging their webserver. Was that called "hacking into ISP billing system"? I don't think so :)
There were some valid points brought forward in the article. First, don't think this is about wholesale theft from wireless carriers; rather, this is about the erosion of consumer confidence in per-packet billing.
DoCoMo already has a monthly 500yen kickback to consumers that acknowledges the fact that they don't own and can't control the Internet. The reality is that there is enough strange and wonderful stuff going on in the Internet that per-packet billing is tenuous at best.
...and for all those telcos and governments out there whose revenue models depend on per-(whatever besides monthly) billing, that has huge implications. These folks consider a departure from per-packet billing to be theft outright.
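
The distinction drawn in the posts above, between traffic the handset asked for and packets someone merely sent at it, can be made concrete in the accounting itself. The following is an added example, not code from the posts or from any operator: it assumes a constructed packet log with documentation-range addresses and a hypothetical 60-second state timeout, and splits one subscriber's bytes into handset-initiated, solicited, unsolicited, and induced (echo replies the handset was made to send).

```python
"""Added example: stateful accounting of one subscriber's traffic (constructed data)."""
from collections import Counter

IDLE_TIMEOUT_S = 60.0          # assumed state lifetime, in the spirit of a NAT/firewall timeout
ECHO_REQUEST, ECHO_REPLY = 8, 0  # ICMP type numbers

HANDSET = "203.0.113.25"       # documentation-range address standing in for a public handset IP

# Constructed records: (time_s, src, dst, proto, a, b, bytes)
#   tcp/udp: a = source port, b = destination port
#   icmp:    a = ICMP type,   b = echo identifier
PACKETS = [
    (0.0, HANDSET, "198.51.100.7", "tcp", 40000, 80, 120),     # handset opens a request
    (0.2, "198.51.100.7", HANDSET, "tcp", 80, 40000, 1400),    # reply on that flow
    (5.0, "192.0.2.99", HANDSET, "icmp", ECHO_REQUEST, 7, 1028),   # ping nobody asked for
    (5.1, HANDSET, "192.0.2.99", "icmp", ECHO_REPLY, 7, 1028),     # handset answers it
    (6.0, "192.0.2.99", HANDSET, "icmp", ECHO_REQUEST, 7, 1028),
    (6.1, HANDSET, "192.0.2.99", "icmp", ECHO_REPLY, 7, 1028),
    (200.0, "198.51.100.7", HANDSET, "tcp", 80, 40000, 60),    # arrives after state expired
]


def account(packets, handset, idle_timeout=IDLE_TIMEOUT_S):
    """Return (totals, unsolicited_bytes_by_source) for one handset address."""
    state = {}  # flow key -> time the flow was last seen
    totals = {"outbound": 0, "solicited_in": 0, "unsolicited_in": 0, "induced_out": 0}
    by_source = Counter()

    for ts, src, dst, proto, a, b, size in sorted(packets):
        outbound = src == handset
        if not outbound and dst != handset:
            continue  # not this subscriber's traffic
        remote = dst if outbound else src

        if proto == "icmp":
            icmp_type, ident = a, b
            key = (remote, "icmp", ident)
            opens = outbound and icmp_type == ECHO_REQUEST
            answers = (not outbound) and icmp_type == ECHO_REPLY
        else:
            local_port, remote_port = (a, b) if outbound else (b, a)
            key = (remote, proto, local_port, remote_port)
            opens = outbound
            answers = not outbound

        if outbound:
            if opens:
                state[key] = ts
                totals["outbound"] += size
            else:
                # e.g. an echo reply: sent only because someone pinged the handset
                totals["induced_out"] += size
            continue

        last = state.get(key)
        if answers and last is not None and ts - last <= idle_timeout:
            state[key] = ts
            totals["solicited_in"] += size
        else:
            # What a NAT or stateful firewall in front of the handset would have dropped
            totals["unsolicited_in"] += size
            by_source[src] += size

    return totals, by_source


if __name__ == "__main__":
    totals, by_source = account(PACKETS, HANDSET)
    print(totals)
    for src, size in by_source.most_common():
        print(f"unsolicited from {src}: {size} bytes")
```

The `unsolicited_in` and `induced_out` figures are the bytes a per-packet tariff would charge for without the subscriber having requested anything; behind NAT or a stateful firewall they never reach the handset.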

Friday, March 16, 2007

Get more out of your home Wi-Fi network with video and audio streaming, webcam monitoring, VoIP phone service, and networked storage.

Wi-Fi is not just about getting connected at hotspots any more. Virtually everything you can hook to a network can also be hooked up wirelessly, such as hard disks and printers. Even high-bandwidth devices like Webcams, TVs and stereos are fair game. Finally, you can save big bucks by sending your phone calls over Wi-Fi, rather than your landline. Here are our top five ways to get more out of your home Wi-Fi net.

1. Add Wireless Network Storage

Question: I'd like to add a wireless hard drive to my network for backup and storage of my audio and video libraries. What's the best way to do this?

Answer: With the growing popularity of network hard drives for multimedia streaming, we get asked this question at least a couple times a week. But being able to ACCESS a hard drive wirelessly, is completely different from the drive itself being wireless. As long as the drive is connected to your network, any wireless computer can access it through your router. Since there is usually no reason a network drive needs to be physically located away from your router, the preferred solution is to simply connect it directly via wired Ethernet. You'll get the best performance that way, and won't clog up your Wi-Fi network unnecessarily.

While you can easily exchange files between machines with Windows Networking or Mac File Sharing, storage devices that connect directly to your network eliminate the need to dedicate an expensive, always-on computer to this mundane task. Three excellent choices are Buffalo's LinkStation and TeraStation lines (depending on how much space you need), and Maxtor's Shared Storage Plus drive. The Maxtor has both PC and Mac support.

Another great choice is Linksys' inexpensive Network Storage Link, a device that connects standard USB 2.0 hard drives, such as Maxtor's popular OneTouch drives, to any wireless router. If you have a spare drive sitting around, this is a great way to put it to use. The Network Storage Link can even make files accessible from the Internet via any Web browser, a boon for business travelers who don't want to leave their desktops on 24/7 and possibly open to hacking.

Don't expect desktop drive performance from networked devices accessed over Wi-Fi, since file transfer rates will be limited by 802.11g network speeds. But for sharing files and even streaming media playback, they work just fine. Another big feature of network storage is for backup of your PC drives. Both the Buffalo and Maxtor units come with convenient automatic backup software that you can schedule in off hours.

2. Set Up a Wireless Home Media Network

Question: What is a home media network, and why would I want it? Can it be wireless?

Answer: Home media networking products that let you stream audio, photos and video from your PC to your stereo and TV are multiplying fast. The first such products streamed music only, but now complete media systems that handle virtually everything your PC can produce are hitting the mainstream.

If you have a Windows Media Center PC, the thing to get is a Media Center PC Extender, such as the Linksys Dual-Band Wireless A/G Extender. These are basically intelligent Wi-Fi receivers for data stored on your Media Center PC. You can access all the content on your remote PC with a wireless keyboard or remote, and your TV monitor.

If you don't have a Media Center PC, don't worry. You can still access all the media files on your networked PC via products like D-Link's MediaLounge DSM-320RD. The MediaLounge has a built-in DVD player as well as a card reader, so that you can stream discs and memory cards directly to your home entertainment system, as well as audio, video and photo content stored on your computer. You just connect the box to your stereo and TV, as well as to your wireless network, then run the guided setup on your Windows PC to find all your media. From then on, you can access it from your TV via remote control. The MediaLounge supports virtually every major photo, audio and video media type, including the Rhapsody, Napster and AOLRadio services.

If all you really want is to stream your digital audio collection, a lot of even simpler (and cheaper) choices are available. The two stars in this area are the Roku SoundBridge and Slim Devices Squeezebox V3. Both work with PCs and Macs, and multiple units can be placed around the house. For more wireless entertainment choices, see our Wi-Fi Entertainment Guide and 2006 Wireless Gift Guide.

3. Monitor Your Home with a Wi-Fi Webcam

Ask JiWire: I've seen ads for some wireless Web cams. How hard is it to set one up to monitor my home when I'm traveling?

Answer: The latest Wi-Fi video cameras have come a long way. Most vendors now have 54Mbps 802.11g models that can deliver much higher-quality video (and audio) streams with good detail and smooth motion than the original 11Mbps 802.11b models. With a Wi-Fi Webcam, you can place the camera anywhere within range of your wireless router, and then view the video from any Web browser, at home or on the road, thanks to built-in Web servers in the cameras themselves. You don't need a separate Web server, nor any Web video knowledge, although you will need a nearby power outlet and either a fixed IP address from your ISP, or a Dynamic DNS service like DynDNS in order to connect to the camera from outside the local network.

At the high end of the spectrum, the D-Link DCS-5300g Securicam has remote-controlled pan, tilt and 10X zoom features, so you can point the camera at anything in the room. It also has a motion detector with a feature that emails you a video clip whenever motion is sensed. This camera will run you about $400.

For half that amount, you can dispense with the pan/zoom/tilt features, and get the Linksys WVC54G Internet Camera. The Linksys also has the motion sensor and email feature, and both cameras come with PC software that lets you set recording schedules for saving video to your hard disk. Naturally they also support Wi-Fi encryption standards and password access so outsiders can't snoop on your video. Neither is rated for outdoor use, although you can probably use them in a sheltered porch area. To watch sample video from the D-Link camera, click here.

4. Slash Your Phone Bill with VoIP

Question: I read a lot about VoIP, but it's still confusing. Just what do I need to sign up for VoIP, and can I then get rid of my regular phone line?

Answer: You are not alone in your confusion. While this has been a breakout year for VoIP, most users are still unsure about how best to implement it. VoIP lets you place phone calls over your broadband Internet connection, rather than over traditional landlines. Since Internet calls are essentially free, assuming you already have broadband, you can save big bucks on long-distance service -- locally, nationally and globally. And in contrast to cell phones, typical VoIP plans require no contract and cost just $19.95 to $29.95 per month for unlimited calling in the U.S. and Canada. Those prices also include a raft of features like Caller ID and voicemail that you would pay extra for with your landline.

So just how do you do it? First, let's dispose of a couple of misconceptions. Namely, that you can immediately dispose of your landline. That's only true if you DON'T also need your landline for DSL, alarm system monitoring, or TiVo service. Emergency calling is another problem area; 911 service from VoIP providers may be limited or nonexistent, and you'll need to have electricity on in order to use VoIP equipment, unlike traditional phones. Another common misconception is that you need computer software to use VoIP. While there are plenty of computer-based VoIP services (notably Skype), companies like Vonage offer a separate box that simply sits between your Internet router and your regular phone handset, making installation a snap.

Assuming you want to go with a VoIP system, one handy tip for spreading it throughout the house is to use a cordless phone system with a single base station attached to your VoIP adapter, and then place the extra handsets in whatever rooms you like. The Vonage Help area has lots more great tips for VoIP usage.

For more on VoIP and how you can use it at home and on the road, see our Complete Guide to VoIP.

5. Email Photos Right from Your Camera with Wi-Fi

Question: What exactly is a Wi-Fi digicam, and why should I buy one?

Answer: Three companies have so far released consumer-oriented digital cameras with Wi-Fi: Kodak, Canon and Nikon. All let you transfer pictures via Wi-Fi to a computer or printer, eliminating the need for USB cables. Some do considerably more. Nikon's CoolPix S6 is a pocketable, slim 6-megapixel camera with a 3X optical zoom. It joins the earlier Wi-Fi-equipped 8MP CoolPix P1 and 5MP CoolPix P2, which are standard-size models. You can print to either a printer connected to your Wi-Fi network, or to a Wi-Fi-enabled printer directly. Nikon sells a $50 USB Wi-Fi adapter for PictBridge printers that will work with the camera. Another interesting feature in the three Nikon Wi-Fi cams is the ability to send pictures to your computer as you take them, bypassing your memory card altogether.

Canon's PowerShot SD430 Digital Elph Wireless is a compact 5MP, 3X optical zoom camera. In addition to transferring pictures wirelessly to computers and printers, the PowerShot is getting a firmware upgrade that will allow it to share pictures between cameras via Wi-Fi, and the SD430 allows direct saving of images to a connected computer while shooting, similarly to the CoolPixes. But its real claim to wireless fame is the ability to control the camera remotely over a Wi-Fi network with the Canon software, a feature we've not seen on any other consumer wireless digicam. You can preview your shots on your computer screen, and even zoom in and out. A USB Wi-Fi adapter for PictBridge printers is included free with the camera.

Kodak's second-generation 6MP EasyShare-one Wi-Fi camera is a horse of another color. Unlike the Canon and Nikon models, which only allow connections to home and office networks without login requirements, the EasyShare-one can connect at T-Mobile hotspots and send pictures via email, or upload them to the Web, no computer needed. This makes it a great travel companion.

Learn how to set up a VPN, how to cure dropouts, and where to find wireless print servers and storage solutions.

Setting up a home or small business Wi-Fi net has become a relative piece of cake compared to the early years, thanks to self-installing software and better operating system support. But there are still some nagging questions that keep getting asked. Notably about dropouts, range and performance. And businesses have special needs in terms of secure remote access and public hotspot maintenance. We've got the solutions for these situations and more.

1. Troubleshooting Dropouts

Question: I frequently lose my Wi-Fi signal, usually right when I REALLY need to get online. Then it comes back a few seconds, a minute or even an hour later. What gives?

Answer: If you have a home Wi-Fi router, chances are you experience periodic signal dropouts with more or less regularity. There are several reasons for this annoying problem, some of which you can control, and some of which you can't, but here are some tips for dealing with the problem.

First, be sure you (and your close neighbors!) don't have 2.4GHz cordless phones or baby monitors in the house. This is the same frequency that Wi-Fi uses, and if someone is talking on the cordless phone, it will likely cause severe interference with your network. Cordless phones are available in several other frequencies, so just switch, or better yet, get rid of your landline altogether and switch your home number to your cell phone.

Second, check if the dropouts seem to coincide with the use of your microwave oven, or any Bluetooth devices, such as wireless mice, keyboards, and printers. These devices also use the same frequency as Wi-Fi, and can cause interference. Place your Wi-Fi router as far from them as possible.

Finally, check to be sure that your neighbors don't have competing Wi-Fi networks on the same or a nearby channel. In the U.S., Wi-Fi channels range from 1 to 11, each focusing on slightly different frequencies in the 2.4GHz radio band. But you can't simply set your router to channel 4 if your neighbor uses 3 and expect that to fix things. Wi-Fi channels overlap, just like those on your FM dial. That's why you see spacing between radio stations, and the bigger the station, the more space it takes up due to a stronger signal that spills over into neighboring airwaves.

With most Wi-Fi routers, you need a spacing of 5 channels or so to get rid of interference. So channels 1, 6, and 11 could be used by three different access points in the same area without much trouble. Super-G, MIMO and draft-802.11n routers, however, bond two channels together to achieve their faster throughput, and their signals spill over into virtually the entire 1-to-11 channel band. There's really only room for one regular Wi-Fi channel in the same area as a channel-bonding router, so you'll need to space them as far apart as possible.

To see what channels are being used, look at the list of available access points given by your Wi-Fi card software. You can also use a Wi-Fi sniffer program to detect closed networks that don't broadcast their SSID, such as Kismet for Linux, and KisMac for Mac OS X. Once you have a list of surrounding access points and channels used, coordinate with your neighbors to select non-interfering channels for your routers.
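
As an added example (not from the original article), the channel-spacing rule above can be applied to a site survey to pick a channel. The survey entries, signal levels and the linear overlap weighting are assumptions made for illustration; a closed network found with a sniffer appears with an empty SSID and still counts against nearby channels.

```python
"""Added example: choose a 2.4GHz channel from a constructed site survey."""

US_CHANNELS = range(1, 12)   # channels 1 to 11, as in the article
MIN_SPACING = 5              # channels this far apart are treated as non-interfering

# Constructed survey: (ssid, channel, signal in dBm). Empty SSID = closed network
# that only a sniffer such as Kismet or KisMac would list.
SURVEY = [
    ("linksys", 6, -45),
    ("", 3, -60),
    ("NETGEAR", 11, -80),
    ("cafe", 1, -70),
]


def overlap(ch_a, ch_b):
    """Assumed linear model: 1.0 on the same channel, 0.0 at five or more apart."""
    return max(0, MIN_SPACING - abs(ch_a - ch_b)) / MIN_SPACING


def dbm_to_mw(dbm):
    """Convert signal strength to linear power so that strong neighbours dominate."""
    return 10 ** (dbm / 10)


def score_channels(survey):
    """Interference estimate per channel: overlap-weighted sum of neighbour power."""
    return {
        ch: sum(overlap(ch, ap_ch) * dbm_to_mw(sig) for _, ap_ch, sig in survey)
        for ch in US_CHANNELS
    }


def conflicts(channel, survey):
    """Neighbours whose channel is closer than the minimum spacing."""
    return [(ssid or "<hidden>", ch) for ssid, ch, _ in survey if overlap(channel, ch) > 0]


def best_channel(survey, candidates=(1, 6, 11)):
    """Pick the candidate with the lowest score; ties go to the lower channel."""
    scores = score_channels(survey)
    return min(candidates, key=lambda ch: (scores[ch], ch))


if __name__ == "__main__":
    for ch, score in score_channels(SURVEY).items():
        print(f"channel {ch:2d}: {score:.2e} mW-equivalent interference")
    print("choose channel", best_channel(SURVEY))
    print("channel 4 would still overlap with", conflicts(4, SURVEY))
```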

If some neighbors won't budge, you can probably blast them out with the stronger signals from a MIMO or draft-802.11n router with intelligent antenna technology, such as the 240Mbps Linksys SRX400 or the 270Mbps Netgear RangeMax Next. They have much greater range and performance than standard routers. It's an expensive solution, but a pretty sure one.

2. Extending Your Home Wi-Fi Net

Ask JiWire: My house has a detached garage with an in-law apartment over it. My Wi-Fi network doesn't reach the apartment. Is there any solution other than getting a second DSL line? I can't exactly string Ethernet cable over the driveway.

Answer: Well, we actually know some people who HAVE strung Ethernet cable between the second floors of their houses to share a network, but we won't name names. There are better options. Assuming even a long-range draft-n router like those mentioned above won't bridge the gap, the next best alternative is to use your existing electrical system. With HomePlug networking, you simply plug adapters into the wall, and your computing devices into the adapters, and you're done. Combination Wi-Fi access points and routers with HomePlug let you plug in Wi-Fi access points in remote locations to extend the range of your network.

HomePlug 1.0 products provide 14Mbps performance over the powerline portion of the network (similar to 802.11b), and are available from numerous vendors. Two examples are TrendNet's 125Mbps Wireless PowerLine Router, and Netgear's Wall-Plugged Range Extender Kit. The Range Extender is the perfect solution to your problem.

HomePlug AV products with better than 100Mbps performance (similar to wired Ethernet and enhanced 802.11g) are just coming out. As its name implies, HomePlug AV is designed to be used to distribute HDTV and other digital media signals around a house as well.

3. Setting Up a Secure VPN Router

Ask JiWire: I have a small business and want to be able to connect securely to the local network server when I'm on the road. I use GoToMyPC, but that's pretty slow and cumbersome. Is there a simple way to connect to the server directly, and still be safe at a Wi-Fi hotspot?

Answer: There are a lot of options, but all center around one word: VPN. Most network servers (and individual PCs) can be set up for Web access, so that you can connect directly through a remote browser to upload and download files. Assuming you have Web access configured, the other part of the equation is security. That's where VPN comes in. Virtual Private Networks are secure encrypted "tunnels" between two endpoints: your computer on the road, and your home or business network. Most major Wi-Fi router vendors offer VPN models with built-in support for one or more simultaneous remote VPN connections. And prices are not much more than regular routers, starting around $150.

Netgear's ProSafe 802.11g Wireless VPN Firewall 8 (FVG318) supports up to eight remote users at a time, who can be working at home, or at a hotspot. You can also connect multiple offices with a single tunnel between each location. Another example is Linksys' Wireless-G VPN Broadband Router (WRV54G), which supports up to 50 remote users.

But you don't need to set up your own VPN for just one or two users. Individual VPNs like those in JiWire Hotspot Helper will keep you secure at any hotspot, and require little or no configuration.

4. Sharing Printers via Wi-Fi

Question: I have a home Wi-Fi net and broadband connection, but I would also like to be able to use my printer wirelessly. Should I get a Bluetooth printer or a Wi-Fi adapter?

Answer: While Bluetooth can be found in some new printers allowing direct printing from your Bluetooth laptop, using a Wi-Fi print server makes much better sense. With Bluetooth, you'll need to be within a few feet of your printer, and you won't be able to network the printer for use with other computers in your home. With Wi-Fi, you can print from anywhere within range of your router, and from any computer.

You can either buy a Wi-Fi router with a built-in USB or parallel print server (depending on your printer's interface), or a separate print server that communicates wirelessly with your router. We prefer the separate approach, since it doesn't restrict your router choices, and you can replace or upgrade components as new technology emerges.

Two good Wi-Fi print server options for Windows users are the Belkin 802.11g Wireless Print Server, which has dual USB 1.1 ports for connecting two printers to your network, and the Linksys Wireless-G PrintServer, which has one USB 2.0 port and one parallel port.

Mac users should consider Apple's AirPort Extreme and AirPort Express routers, which have built-in USB print servers that support both Mac and PC clients, as well as AppleTalk printers. The new AirPort Extreme, due in February, is a draft-802.11n model.

One catch with print servers is that they generally don't support the fax/copy/scan functions of all-in-one printers. They only support printing. So you won't be able to send or receive faxes or scans between your computer and the printer. You can still use the standalone fax and copy features of the printer, of course. If you really need a wireless multifunction solution, consider HP's OfficeJet 7140 All-in-One, which has 802.11b/g support and color print, flatbed fax, scan, and copy functions, and works with both Macs and PCs.

5. How to Set Up a Free Hotspot

Question: I would like to offer free Wi-Fi Internet access in my cafe, but am worried about liability and management issues. What are my options?

Answer: Free Wi-Fi can be a great way to bring in new customers, especially at off-peak times, and in high-traffic areas where people with laptops or Wi-Fi PDAs are likely to congregate. While you can go the bare-bones do-it-yourself route, plugging in an off-the-shelf router and hanging out a shingle, it's best to install some type of management software that at the very least puts up a splash screen with a liability disclaimer, protecting you against possible misuse of your hotspot.

One easy solution that fits this bill is SputnikNet Express. The completely free Sputnik Agent software can be uploaded to inexpensive Linksys routers, and includes the ability to display a 640x480 splash screen of your design. No computer is needed to manage the system.

If Wi-Fi users quickly overwhelm your free hotspot you can convert to a paid Sputnik system, or choose one of the many other "hotspot-in-a-box"-type solutions that come from major wireless ISPs who'd love to add your site to their nationwide networks. Boingo, Cafe.com and Surf-and-Sip all sell kits for the individual hotspot owner; Boingo even allows you to list free hotspots in its network. You can find information on all these hotspot solutions, and more, in our complete guide to Creating Your Own Hotspot. And, of course, be sure to register your location with JiWire for a free listing in the world's largest hotspot directory -- accessible on JiWire.com, Google, Yahoo!, CNET, USA Today, and many other JiWire partner Web sites.

Top 25 Wireless Tips & Tricks

1. Setting Up an Ad-Hoc Wi-Fi Net

Question: How do I set up a wireless network between two computers without a router? Can they share an Internet connection this way?

Answer: The ability to create a quick and dirty network between two (or more) computers or PDAs is an underutilized Wi-Fi capability that is really quite simple to set up. You can even connect Macs and PCs this way. First, be sure both computers are disconnected from any router. Then set manual IP addresses so that the two computers will be able to see each other on the network (normally a router performs this task). They should each be something like 192.168.2.x, where x is a number from 1 to 255 and different for each computer (more than two computers can be in the ad-hoc group). The subnet mask for each should be 255.255.255.0.

Then open your Wi-Fi adapter setup utility (unless your card has a proprietary setup program, this means opening the Windows Wireless Connection Manager in the Windows XP System Tray or choosing "Create Network" from the AirPort menu in Mac OS X). Then make sure the adapters in each computer are set to "Ad-Hoc" mode (as opposed to "Infrastructure," which is for connecting to routers), with the same SSID (case-sensitive) and channel number. They should also be in the same Wi-Fi mode, such as b, g or enhanced-g, as applicable. A MIMO card in MIMO-only mode won't be able to talk to a plain-g card, for example. Don't bother with encryption if it's just a one-time connection in a non-public place. If you do need encryption for a regular connection, get things working without encryption first, then add the same type of encryption on each end, with the same password.

You can also share an Internet connection with computers on your Ad-Hoc network. In Windows XP, go to the Network Connections control panel, click on the connection you want to share, then choose "Change settings of the connection." Click on the Advanced tab, and then turn on Internet Connection Sharing. In Mac OS X, open the Sharing control panel in OS X and click the Internet tab, then turn on sharing. Note that you do this ONLY on the computer that is physically connected to the Internet, not on the computers that will share the connection. This is also a great way to share a hotel room Ethernet connection.

2. Sharing Files Over Wi-Fi

Question: How can I share files between two computers over Wi-Fi?

Answer: One of the great things about home Wi-Fi networks, is that not only can you share a fast Internet connection, you can also use the network to share files among all the computers in your house. But at the same time, you probably don't want to open up your entire directory to your kids (and their friends). Here's how to share files safely with Windows XP Simple File Sharing.

First, organize files you expect to share, such as photos, music, and the family calendar, into their own folder or folders on your hard drive. Then decide who else should have access to these folders, and if you want to require a password for access. Finally, configure Simple File Sharing access permissions using the steps detailed here.

On a Mac, sharing files is even easier. Just put any files or folders you'd like to share in your Public folder, then open the Sharing panel under System Preferences and turn on Personal File Sharing.

You can also share files over an ad-hoc network by following the ad-hoc connection tips above first.

3. How and When to Turn Wi-Fi OFF

Question: For my job, I have my laptop mounted in my vehicle. As I drive around various cities, I'm always getting an annoying popup asking if I want to connect to a Wi-Fi net. Seems as if everybody and their uncle has a Wi-Fi network in their home. How can I avoid this annoying popup every time I go by a hotspot?

Answer: First of all, the popup is not just annoying, it's a sign that you are leaving your computer unprotected. For every time you get the popup, there are probably several other times where your computer is automatically attaching itself to a network with a familiar SSID like "linksys" or "tmobile." Since these networks would be unencrypted, you could be vulnerable to hacking.

We always recommend that users turn Wi-Fi OFF when on the road between hotspots. Turning it off not only makes sure you can't accidentally associate with a hotspot, it saves precious battery life. To turn Wi-Fi off in Windows XP, simply left-click on the wireless network icon in the system tray and choose "Disable."

This also removes the icon from the tray, so to turn Wi-Fi on again, you'll need to open the Network Connections Control Panel (from the Start Menu), then just double-click on your wireless connection to enable it again. (Note that you can also disable the Wi-Fi adapter from this Control Panel.) That's all there is to it. If you expect to turn Wi-Fi on and off a lot, you might want to create a shortcut to this control panel.

On the Mac, turning Wi-Fi on and off is even easier. It's the first option under the AirPort menu in the Finder. You should also turn off Bluetooth between uses. Bluetooth is not as critical security-wise, but also uses a lot of power on your laptop.

4. By the Numbers: Real-World Throughput Rates for DSL & Wi-Fi

Ask JiWire: Why is the upload speed for Internet connections always so much slower than that for downloads? I have to send a lot of large pictures to clients and it is faster to do this at Starbucks than at home with my DSL line! And why does my Wi-Fi router say 300Mbps when I'm lucky to get a fraction of that?

Answer: What you are experiencing with your DSL line is the difference between asymmetric connections with differing up/down speeds, and symmetric ones, where bandwidth is the same in both directions. Most home DSL lines are asymmetric, with uploads much slower than downloads, since ADSL allows for voice connections on the same line. Symmetric DSL is also available, but is more expensive and requires a dedicated line. Similarly, dedicated T1/T3/T+ lines are symmetric. T-series lines are even more expensive than SDSL, and offer speeds starting at 1.5Mbps. Businesses are the primary users of both SDSL and T lines, since they may be hosting a Web site, or have a large number of users sharing a line.

ADSL typically supports data transfer rates from 1.5- to 9Mbps downstream, but only 16- to 640Kbps upstream. Upload rates vary by provider, but are usually 15 to 50 percent of download speeds. That superfast-sounding 1.5Mbps DSL line you're paying extra for may be only giving you 125Kbps for uploads -- about three times as fast as dialup! The kicker is that all T-Mobile Hotspots (such as Starbucks) use at least T1 lines, so assuming you're not sharing the line with a lot of other users, your upload speeds will indeed be much faster at a hotspot than at home.

A side note is that cable and cellular modem data rates are also asymmetric. Cable modem standards provide for a maximum of 30Mbps downstream and 10Mbps up, but this is divided between all users in your area, and individual rated speeds are typically 500Kbps-6Mbps down and 256-750Kbps up. For cellular carriers, there is only so much space in the wireless frequency bands they own, so they purposely divide the limited number of "slots" unevenly between up and down data. Most people do a lot more downloading than uploading, so more slots get allocated to downloads. EV-DO Rev. A has vastly improved upload speeds over the Rev. 0 version, however.

To measure the real-world upload and download speeds you are getting from any of these connection types, use CNET's Bandwidth Meter or SpeedTest.net.

And what about those Wi-Fi speeds? Sometimes we can get blinded by the numbers on the router box: 108Mbps, 125Mbps, or even 300Mbps with the latest generation of draft-802.11n routers. Actual data rates are always going to be much less, but just how much throughput should you expect to get under real-world conditions?

The rule of thumb is that you'll start with about half the stated throughput. So for a plain vanilla 54Mbps 802.11g, we'd be happy to get 27Mbps out of it, and double that for an enhanced-g 108Mbps router. Then you need to cut that number even further depending on the distance from your router, the number of simultaneous users, and whether you're using encryption. Throughput drops dramatically with distance, as signal strength decreases. So even with a 300Mbps router, in our house we would get barely 80Mbps in the upstairs rooms, even less with encryption.

Similarly, simultaneous users will cut available throughput. Home routers have only ONE Wi-Fi radio, which must maintain communication with ALL the Wi-Fi clients attached to it. So even if all equipment were in the same room at maximum signal strength, two clients downloading large files at the same time would cut throughput for each by more than 50 percent, since there is also overhead involved. And throughput will be shaved even more when you are running mixed networks of different types of clients, such as 802.11b, g, and n, or if you are in range of neighboring Wi-Fi nets or 2.4GHz cordless phones, which can cause interference.

What all this means is that to get the maximum throughput under any given load, the best strategy is to start out with as fast a router as you can buy. Starting out with a draft-n router like the Netgear RangeMax Next won't actually give you 300Mbps throughput, but it WILL give you nearly five times the performance of a typical g router.

5. When Bluetooth Doesn't Bite

Ask JiWire: I bought a Bluetooth headset so I can use VoIP services with my laptop when I'm at Wi-Fi hotspots. The headset seemingly "pairs" with the laptop, but I don't get any sound. What gives?

Answer: Unlike Wi-Fi equipment, which can interoperate at least at a basic 802.11b or g level, different Bluetooth devices support only specific capabilities, called "profiles," appropriate to their function. For example, a headset has no need to be able to receive an image from a Bluetooth camera, nor sync data from a computer. Likewise, a camera has no need to connect to a headset or a mouse. While these examples are obvious, there are so many different Bluetooth profiles, with new ones cropping up all the time, that there are many instances of seemingly logical connections that can't be made. Not all laptops support the headset profile, although they may support the Serial Port, Fax, Dial-up Networking, and Synchronization profiles, among others.

Adding to the confusion is the emergence of new stereo audio Bluetooth profiles designed for listening to music from portable players, which may also be phones or laptops. As a rule, you should check that any device you buy supports the specific profile(s) you need, including any copy-protection schemes. But all is not lost in your case. Since laptops have USB ports, you can usually add Bluetooth "dongles" that support whatever profile is missing from the internal Bluetooth stacks. Just be sure to turn off the built-in radio so as not to confuse things.

In the future, Bluetooth will get both simpler and more complex. Pairing will become much easier, but encryption will be improved, and bandwidth will get much higher, enabling cordless VoIP handsets, fast audio and video data transfer between home entertainment system components, and more. For a roundup of current Bluetooth devices, including the best headsets and hands-free car kits,

Download wireless tools

kismet – One of the key functional elements missing from NetStumbler is the ability to display Wireless Networks that are not broadcasting their SSID. As a potential wireless security expert, you should realize that Access Points are routinely broadcasting this info; it just isn’t being read/deciphered. Kismet will detect and display SSIDs that are not being broadcast which is very critical in finding wireless networks.


(Kismet Screenshot)

Attaching to the Found Wireless Network

Once you’ve found a wireless network, the next step is to try to connect to it. If the network isn’t using any type of authentication or encryption security, you can simply connect to the SSID. If the SSID isn’t being broadcast, you can create a profile with the name of the SSID that is not being broadcast. Of course you found the non-broadcast SSID with Kismet, right? If the wireless network is using authentication and/or encryption, you may need one of the following tools.

Airsnort – This is a very easy to use tool that can be used to sniff and crack WEP keys. While many people bash the use of WEP, it is certainly better than using nothing at all. Something you’ll find in using this tool is that it takes a lot of sniffed packets to crack the WEP key. There are additional tools and strategies that can be used to force the generation of traffic on the wireless network to shorten the amount of time needed to crack the key, but this feature is not included in Airsnort.


(Screenshot of Airsnort in Action)

CowPatty – This tool is used as a brute force tool for cracking WPA-PSK, considered the “New WEP” for home Wireless Security. This program simply tries a bunch of different options from a dictionary file to see if one ends up matching what is defined as the Pre-Shared Key.


(Cowpatty Options Screenshot)

ASLeap – If a network is using LEAP, this tool can be used to gather the authentication data that is being passed across the network, and these sniffed credentials can be cracked. LEAP doesn’t protect the authentication like other “real” EAP types, which is the main reason why LEAP can be broken.


(Asleap Options Screenshot)

Sniffing Wireless Data

Whether you are directly connected to a wireless network or not, if there is a wireless network in range, there is data flying through the air at any given moment. You will need a tool to be able to see this data.

Wireshark (formerly Ethereal) – While there has been much debate on the proper way to pronounce this utility, there is no question that it is an extremely valuable tool. Ethereal can scan wireless and Ethernet data and comes with some robust filtering capabilities. It can also be used to sniff-out 802.11 management beacons and probes and subsequently could be used as a tool to sniff-out non-broadcast SSIDs.


(Screenshot of Ethereal in Action)


(Yahoo IM Session being sniffed in Ethereal)
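The point about beacons and probes can be checked on your own WLAN. The following is an added example, not code from the original article or from Kismet or Wireshark: it parses 802.11 management frames and reports which frame types still carry the SSID of an access point whose beacons hide it. The sample frames, the BSSIDs and the names `parse_ssid`, `ssid_exposure` and `build` are constructed for illustration.

```python
# Management subtypes that carry an SSID element, with the number of
# fixed-field bytes that precede the tagged parameters in the frame body.
SUBTYPES = {0: ("assoc-req", 4), 4: ("probe-req", 0),
            5: ("probe-resp", 12), 8: ("beacon", 12)}

def parse_ssid(frame: bytes):
    """Return (subtype, bssid, ssid) for a management frame, else None.
    ssid is None when the SSID element is absent, empty or all NUL (hidden)."""
    if len(frame) < 24:                    # shorter than the 802.11 header
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in SUBTYPES:
        return None
    name, fixed = SUBTYPES[subtype]
    bssid = frame[16:22].hex(":")          # address 3
    pos = 24 + fixed
    while pos + 2 <= len(frame):
        eid, elen = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + elen]
        if len(value) < elen:              # truncated element: stop parsing
            break
        if eid == 0:                       # element ID 0 = SSID
            if value.strip(b"\x00"):
                return name, bssid, value.decode("utf-8", "replace")
            return name, bssid, None
        pos += 2 + elen
    return name, bssid, None

def ssid_exposure(frames):
    """Map each BSSID whose beacons hide the SSID to the frames that reveal it."""
    hidden, leaks = set(), {}
    for f in frames:
        parsed = parse_ssid(f)
        if parsed is None:
            continue
        name, bssid, ssid = parsed
        if name == "beacon" and ssid is None:
            hidden.add(bssid)
        elif ssid is not None:
            leaks.setdefault(bssid, set()).add((name, ssid))
    return {b: sorted(leaks.get(b, ())) for b in hidden}

def build(subtype, bssid, ssid):           # constructed sample frames only
    fixed = bytes(SUBTYPES[subtype][1])
    hdr = bytes([subtype << 4, 0, 0, 0]) + b"\xff" * 6 + bssid * 2 + b"\x00\x00"
    return hdr + fixed + bytes([0, len(ssid)]) + ssid + bytes([1, 1, 0x82])

AP = bytes.fromhex("020000aabbcc")
SAMPLE = [build(8, AP, b"\x00" * 7), build(5, AP, b"lab-net"),
          build(0, AP, b"lab-net"), build(8, bytes.fromhex("020000ddeeff"), b"cafe")]
```

For the constructed sample, `ssid_exposure(SAMPLE)` lists the probe response and association request that expose "lab-net" even though the beacon blanks it, which is why SSID hiding cannot replace authentication and encryption.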

The aforementioned utilities, or similar ones, will be necessities in your own wireless security toolkit. The easiest way to become familiar with these tools is to simply use them in a controlled lab environment. And cost is no excuse as all of these tools are available freely on the Internet.

Protecting Against These Tools

Just as it’s important to know how to utilize the aforementioned tools, it is important to know best practices on how to secure your wireless network against these tools.

NetStumbler – Do not broadcast your SSID. Ensure your WLAN is protected by using advanced Authentication and Encryption.

Kismet – There’s really nothing you can do to stop Kismet from finding your WLAN, so ensure your WLAN is protected by using advanced Authentication and Encryption.

Airsnort – Use a 128-bit, not a 40-bit WEP encryption key. This would take longer to crack. If your equipment supports it, use WPA or WPA2 instead of WEP (may require firmware or software update).

Cowpatty – Use a long and complex WPA Pre-Shared Key. This type of key would have less of a chance of residing in a dictionary file that would be used to try and guess your key and/or would take longer. If in a corporate scenario, don’t use WPA with Pre-Shared Key, use a good EAP type to protect the authentication and limit the amount of incorrect guesses that would take place before the account is locked-out. If using certificate-like functionality, it could also validate the remote system trying to gain access to the WLAN and not allow a rogue system access.

ASLeap – Use long and complex credentials, or better yet, switch to EAP-FAST or a different EAP type.

Ethereal – Use encryption, so that anything sniffed would be difficult or nearly impossible to break. WPA2, which uses AES, is essentially unrealistic to break by a normal hacker. Even WEP will encrypt the data. When in a Public Wireless Hotspot (which generally do not offer encryption), use application layer encryption, like Simplite to encrypt your IM sessions, or use SSL. For corporate users, use IPSec VPN with split-tunneling disabled. This will force all traffic leaving the machine through an encrypted tunnel that would be encrypted with DES, 3DES or AES.
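The Cowpatty advice above (a long, complex Pre-Shared Key that is unlikely to sit in a dictionary file) can be turned into a check that runs before a key is deployed. This is an added example, not code from the article or from any of the tools it names; the wordlist is a constructed stand-in for a real dictionary file, and the length and entropy thresholds and the SSID check are assumptions of this example.

```python
import math
import re

# Constructed stand-in for a real wordlist file (assumption of this example).
WORDLIST = {"password", "letmein", "welcome", "wireless", "internet", "sunshine"}
LEET = str.maketrans("013457@$!", "oleastasi")   # common character substitutions
MIN_LEN, MIN_BITS = 20, 80                       # example policy thresholds (assumed)

def candidate_words(psk):
    """Forms a dictionary tool reaches cheaply: lower-cased, with leading or
    trailing digits/punctuation removed, and with substitutions undone."""
    low = psk.lower()
    core = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", low)
    return {low, core, low.translate(LEET), core.translate(LEET)}

def max_entropy_bits(psk):
    """Upper bound on entropy: length * log2(size of character classes used)."""
    pool = 26 * any(c.islower() for c in psk) + 26 * any(c.isupper() for c in psk)
    pool += 10 * any(c.isdigit() for c in psk) + 33 * any(not c.isalnum() for c in psk)
    return len(psk) * math.log2(pool)

def audit_psk(psk, ssid, wordlist=WORDLIST):
    """Return finding codes for a WPA pre-shared key; an empty list passes."""
    if re.fullmatch(r"[0-9A-Fa-f]{64}", psk):
        return []                                # raw 256-bit key, not a passphrase
    if not 8 <= len(psk) <= 63 or not all(32 <= ord(c) <= 126 for c in psk):
        return ["invalid"]                       # WPA passphrase: 8-63 printable ASCII
    findings = []
    if len(psk) < MIN_LEN:
        findings.append("short")
    if candidate_words(psk) & wordlist:          # reduces to a dictionary word
        findings.append("dictionary")
    if ssid and ssid.lower() in psk.lower():     # key derived from the network name
        findings.append("contains-ssid")
    if max_entropy_bits(psk) < MIN_BITS:         # fails even the optimistic bound
        findings.append("low-entropy")
    return findings
```

A key such as "P@ssw0rd2007!" is reported as both short and dictionary-based, because stripping the trailing digits and undoing the substitutions leaves a plain wordlist entry.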

Finding Wireless Networks with tools


Finding Wireless Networks

Locating a wireless network is the first step in trying to exploit it. There are two tools that are commonly used in this regard:

Network Stumbler a.k.a NetStumbler – This Windows based tool easily finds wireless signals being broadcast within range – A must have. It also has ability to determine Signal/Noise info that can be used for site surveys. I actually know of one highly known public wireless hotspot provider that uses this utility for their site surveys.

Hacking tools at your disposal

Recon and Attack tools
DISCLAIMER

Here is the list of tools we commonly use in pentesting wireless networks or just wardriving for fun and no profit. All these tools are covered in the book in sufficient detail. Some of them may become obsolete by the time the book hits the shelf and may no longer be possible to find anywhere, so they are located on our site. The reason for this is the dialectic approach we endorse: to understand things as they are now, you ought to know where they came from and how they developed. Besides, you may find the snippets of code from these tools useful for your own projects.

As to the code, everything on our list is Open Source and is distributed under GPL, BSD or similar licenses. Closed Source tools are not included on purpose, even though they may be mentioned in the book where appropriate. This work is not commercial, does not favour particular vendors, and has only become possible due to the work and collaboration within the Open Source community. We are profoundly grateful to the authors of the listed tools for the feats of wonder they performed to make "theoretical" wireless security practical.

If you think we have missed something that should be included in that list, please e-mail the authors at wifoo@arhont.com

Wireless Network Discovery, Mapping and Traffic Analysis - the "classical" wardriving tools for discovering wireless LANs, positioning them on the map, sniffing, logging and analyzing packets in the air.

AirFart Local mirror v 0.2.1
AirTraf Local mirror v 1.1
Aphunter Local mirror v
APradar Local mirror v 0.52
BSD-airtools (dstumbler) Local mirror v 0.2
Classic Stumbler (mac) Local mirror v 1.7
Gtkskan Local mirror v 0.2
HermesAP monitor patch Local mirror v
iStumbler (mac) Local mirror v 96
KisMAC (mac) Local mirror v R65
Kismet Local mirror v 2005-08-R1
Kismet Log Viewer Local mirror v 0.9.7
Kismet parse Local mirror v 0.2
MacStumbler (mac) Local mirror v 075b
Mognet Local mirror v 1.16
Perlskan Local mirror v 0.1
Prismdump Local mirror v 20001122
Prismstumbler Local mirror v 0.7.3
Prismsnort Local mirror v 2.0
SSIDsniff Local mirror v 0.42
THC-Wardrive Local mirror v 2.3
WaveStumbler Local mirror v 1.2.0
Wellenreiter Local mirror v 1.9
Wellenreiter for OPIE not mirrored v 1.0RC2
Wi-Find Local mirror v 0.2.1
WifiScanner Local mirror v1.0.2
Wispy-Tools Local mirror v 2006-01-R1
Wistumbler Local mirror v
Wlan-scan Local mirror v 0.0.1

Client evaluation tools - utilities to check security state of wireless clients.

Airsnarf Rogue Squadron Local mirror v 0.1
Hotspotter Local mirror v 0.4
Probemapper Local mirror v 0.5
Karma Tools Local mirror v 0.4
Wlan-webauth Not mirrored

RF signal strength monitoring - utilities for monitoring the signal strength of the WLAN you are associated to.

Wavemon Local mirror v 0.4.0b
Wireless Power Meter Local mirror v 0.00
Wscan Local mirror v 1.00
Wscan (familiar/linux/ipaq) Local mirror v 1.00
Wscan (BSD) Local mirror v 2.00experimental
XnetworkStrength Local mirror v 0.4.2

Wireless-specific encryption cracking - tools for gaining access to protected wireless networks. At the moment these include WEP crackers, WEP-encrypted traffic injectors and practical implementations of attacks against certain 802.1x types.

Airsnort Local mirror v 0.2.7e
Aircrack Local mirror v 2.41
Asleap Local mirror v 1.4
BSD-airtools (dwepcrack) Local mirror v 0.2
coWPArty Local mirror v 2.0
Leap Local mirror v
anwrap (Leapcrack) Local mirror v 0.1
LucentRegCrypto Local mirror v 0.3
THC-LEAPcracker Local mirror v 0.1
weplab Local mirror v 0.1.5
WEP_Tools Local mirror v
WepAttack Local mirror v 0.1.3
WepDecrypt Local mirror v 0.7
WEPcrack Local mirror v 0.1.0
WEPWedgie Local mirror v 0.1.0
Wnet (reinj) Local mirror v
WPA Cracker Local mirror v 0.1

Wireless custom frame generation - these allow layer two attacks on wireless LANs including a variety of man-in-the-middle attacks and unstoppable denial of service.

AirJack26 Local mirror v 0.1a
AirJack Local mirror v 0.6.6b
chopchop Local mirror v 0.1
Dissassociate Local mirror v
FakeAP Local mirror v 0.3.2
FakeAP BSD Local mirror v 0.3.1
FataJack Local mirror v
File2Air Local mirror v 0.1
Libradiate Local mirror v 0.02
Libwlan Local mirror v 0.1
Omerta Local mirror v
Wifitap Local mirror v 0.2.0
Void11 Local mirror v 0.2.0
Wnet (dinject) Local mirror v

Miscellaneous - difficult-to-categorise software that comes in handy in wireless penetration testing.

Applewepkey Local mirror v
Airpwn Local mirror v 0.50c
Airsnarf Local mirror v 0.2
Auditor Security Collection not mirrored v 200605-02
AP-utils Local mirror v 1.5
ApHopper Local mirror v 0.3
APTools Local mirror v 0.1.0
DMZS-carte Local mirror v 0.9rc1
Ethereal/Tetheral not mirrored v 0.10.14
Ettercap Local mirror v NG-0.7.3
Gpsd Local mirror v 2.31
Gpsdrive Local mirror v 2.10pre2
Orinoco MM Patch not mirrored v
Macfld.pl Local mirror v
Morinoco Patch Local mirror v 14.2
Packetyzer not mirrored v 4.03
Wifi2eth Local mirror v 0.10
