Thoughts on wireless networking
[Sep. 25th, 2001|12:30 am]
Brad Fitzpatrick
Back from Starbucks. They closed an hour early tonight (pre-school hours?) so I didn't get to play with my wireless card long, but long enough to have some fun....
It turns out Starbucks net access isn't free (duh) ... it's provided by MobileStar, the same people I believe that provided the net access in the hotel room when I was down in San Diego for O'Reilly's Open Source Convention.
I popped in the card and it tried to ifup eth1 ... wasn't configured. Configured it, pop card out and in... ifconfig -a ... looks ready!
ping bradfitz.com .... I get an IP address, but no echo replies.
Did I forget something? I sniff the network traffic (to see if there is any when I ping something) and I see a whole bunch of traffic from some dude with remote X connections and telnet sessions. I see his telnet session traffic ... he's using cvs and checking stuff into some repository on his unix machine at home on @home's network. Okay, he's smart enough to use X and cvs but doesn't use ssh? What a fucking dumbass.
But that makes me think ... wireless networking is such a great tool for malicious people. Just go buy a wireless network card away from your house (another state?) with cash so the MAC address can't be traced back to your credit card, then deploy your virus or whatever from almost anywhere.
Moving on... network works. Why can't I use it? Chuck points me to a wireless net access computer & info kiosk thing that has fliers about how to get set up... you have to go to mobilestar.com and register for a half hour of free use, then they charge you either by month or by minute, your choice.
So then I get curious --- was my DNS configured through DHCP, or was I still using my own DNS server?
$ dig @bradfitz.com livejournal.com
Whaddya know? DNS works. So their router lets all UDP/TCP on port 53 through, but blocks everything else except port 80/443 to their own website where you register.
So, now I'm back to my thought I had when I was in San Diego ... I just have to write a proxy (for TCP connections, at least... screw UDP) that will run on port 53 outside their network, then write a user-space network driver that connects to that ip/port, sends an IP/port to connect to, then just copies all traffic back and forth. Seems easy. Now I just have to go find the userspace network tool that the RFC 1149 people used... plenty of userspace filesystem stuff out there.
End result: free Starbucks net access! (if I'm motivated to actually do it... :-P)
Update: Here's the RFC 1149 implementation. Just need the "Universal TUN/TAP Interface as a module".... CONFIG_TUN=y ... "alias char-maj-10-200 tun"... (notes to myself, more than anything)
Update 2: I think I can just use vtun!
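From the operator's side, the gap described in the post is that pre-login clients can reach any host on port 53. The following is an added example, not part of the original post: a small audit over gateway flow records that flags unauthenticated clients whose port-53 traffic goes anywhere other than the portal's own resolver, or exceeds what real lookups need. The resolver address, byte budget, record layout and sample flows are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumptions (not from the post): the gateway's own resolver address and the
# byte budget a pre-login client plausibly needs for genuine DNS lookups.
PORTAL_RESOLVER = "10.0.0.1"
MAX_DNS_BYTES = 20_000

# Constructed flow records:
# (client MAC, proto, dst IP, dst port, bytes, authenticated)
SAMPLE_FLOWS = [
    ("aa:aa:aa:00:00:01", "udp", "10.0.0.1", 53, 310, False),
    ("aa:aa:aa:00:00:01", "tcp", "10.0.0.2", 443, 8200, False),    # portal site
    ("aa:aa:aa:00:00:02", "udp", "198.51.100.7", 53, 140, False),  # outside resolver
    ("aa:aa:aa:00:00:03", "tcp", "203.0.113.9", 53, 4_800_000, False),
    ("aa:aa:aa:00:00:04", "tcp", "203.0.113.9", 53, 900_000, True),  # paid user
]

def audit_port53(flows, resolver=PORTAL_RESOLVER, max_bytes=MAX_DNS_BYTES):
    """Return {mac: [reasons]} for unauthenticated clients whose port-53
    traffic is not ordinary lookups against the portal's resolver."""
    totals = defaultdict(int)
    findings = defaultdict(set)
    for mac, proto, dst, port, nbytes, authed in flows:
        if authed or port != 53:
            continue  # only pre-login traffic on the DNS port is in scope
        totals[mac] += nbytes
        if dst != resolver:
            findings[mac].add(f"{proto}/53 to external host {dst}")
    for mac, total in totals.items():
        if total > max_bytes:
            findings[mac].add(f"{total} bytes on port 53 before login")
    return {mac: sorted(reasons) for mac, reasons in findings.items()}

if __name__ == "__main__":
    for mac, reasons in audit_port53(SAMPLE_FLOWS).items():
        print(mac, "->", "; ".join(reasons))
```

The matching gateway policy is to permit pre-login port 53 only to the portal's resolver and drop or redirect everything else, so that neither finding can occur.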