September 25th, 2001


Thoughts on wireless networking

Back from Starbucks. They closed an hour early tonight (pre-school hours?) so I didn't get to play with my wireless card long, but long enough to have some fun....

It turns out Starbucks net access isn't free (duh) ... it's provided by MobileStar, the same people I believe that provided the net access in the hotel room when I was down in San Diego for O'Reilly's Open Source Convention.

I popped in the card and it tried to ifup eth1 ... wasn't configured. Configured it, pop card out and in... ifconfig -a. .. looks ready!

ping .... I get an IP address, but no echo replies.

Did I forget something? I sniff the network traffic (to see if there is any when I ping something) and I see a whole bunch of traffic from some dude with remote X connections and telnet sessions. I see his telnet session traffic ... he's using cvs and checking stuff into some repository on his unix machine at home on @home's network. Okay, he's smart enough to use X and cvs but doesn't use ssh? What a fucking dumbass.

But that makes me think ... wireless networking is such a great tool for malicious people. Just go buy a wireless network card away from your house (another state?) with cash so the MAC address can't be traced back to your credit card, then deploy your virus or whatever from almost anywhere.

Moving on... network works. Why can't I use it? Chuck points me to a wireless net access computer & info kiosk thing that has fliers about how to get setup... you have to go to and register for a half hour of free use, then they charge you either by month or by minute, your choice.

So then I get curious --- was my DNS configured through DHCP, or was I still using my own DNS server?

$ dig

Whaddya know? DNS works. So their router lets all UDP/TCP on port 53 through, but blocks everything else except port 80/443 to their own website where you register.

So, now I'm back to my thought I had when I was in San Diego ... I just have to write a proxy (for TCP connections, at least... screw UDP) that will run on port 53 outside their network, then write a user-space network driver that connects to that ip/port, sends an IP/port to connect to, then just copies all traffic back and forth. Seems easy. Now I just have to go find the userspace network tool that the RFC 1149 people used... plenty of userspace filesystem stuff out there.

End result: free Starbucks net access! (if I'm motivated to actually do it... :-P)

Update: Here's the RFC 1149 implementation. Just need the "Universal TUN/TAP Interface as a module".... CONFIG_TUN=y ... "alias char-maj-10-200 tun"... (notes to myself, more than anything)

Update 2: I think I can just use vtun!
Trippy, tired, Tired


Screw this. I'm going to bed. I know I'm just going to get woken up at 10:30 am by people eating breakfast or Silas talking or something. Something always wakes me up.

I should do the morning thing instead. Bed at 10:00 pm ... wake up at 5:00 am. Shit, I'm going to have to soon ... 8:30 class this quarter. I'm going to be done with classes every day before I've been waking up during the summer.

Zzzz. So tired.

vtun, tomorrow you are my bitch. Oh yes.


revjim rules. i now have vpnd running on my desktop and laptop and my desktop's forwarding IP packets. then i have our router reverse-NATing dns from its public port to my desktop.

i setup my laptop in a configuration like starbucks and everything works now.... so now off to starbucks to test?

i should write a Mini-HOWTO now that it's all done. :-)

Update: Bleh, they're transparently proxying all DNS requests to their own DNS servers, that's why my dig command worked the other day. I should have noticed that then and saved myself 12 hours or so of work. Oh well... learned a lot in the process.
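Seen from the gateway operator's side, a rule that passes port 53 by number alone (the first guess above) differs from one that only hands traffic to a real DNS server (what the update found) in whether the payload has to parse as DNS. The sketch below is an added example, not code from the original post: it checks that the first bytes on a TCP/53 connection are a 2-byte length prefix followed by a well-formed query. The function names are hypothetical, the sample inputs are constructed, and it assumes the client's whole first message is already in hand.

```python
import struct

def parse_query(msg: bytes):
    """Return (qname, qtype) for a well-formed DNS query; raise ValueError otherwise."""
    if len(msg) < 12:
        raise ValueError("shorter than the 12-byte DNS header")
    _id, flags, qd, an, ns, _ar = struct.unpack("!6H", msg[:12])
    if flags & 0x8000:
        raise ValueError("QR bit set: a response, not a query")
    if (flags >> 11) & 0xF:
        raise ValueError("opcode is not QUERY")
    if (qd, an, ns) != (1, 0, 0):
        raise ValueError("unexpected section counts for a query")
    pos, labels = 12, []
    while True:  # walk the length-prefixed labels of QNAME
        if pos >= len(msg):
            raise ValueError("name runs past end of message")
        n = msg[pos]
        pos += 1
        if n == 0:
            break
        if n > 63:
            raise ValueError("label longer than 63 bytes")
        if pos + n > len(msg) or pos + n - 12 > 255:
            raise ValueError("name too long or truncated")
        labels.append(msg[pos:pos + n].decode("ascii", "replace"))
        pos += n
    if pos + 4 > len(msg):
        raise ValueError("missing QTYPE/QCLASS")
    qtype, _qclass = struct.unpack("!HH", msg[pos:pos + 4])
    return ".".join(labels) or ".", qtype  # additional records (if any) are not parsed

def classify_tcp53(stream: bytes):
    """Check the first bytes a client sends on TCP/53: 2-byte length, then a query."""
    if len(stream) < 2:
        return False, "no length prefix"
    (length,) = struct.unpack("!H", stream[:2])
    if length > len(stream) - 2:
        return False, "declared length exceeds data received"
    try:
        return True, parse_query(stream[2:2 + length])[0]
    except ValueError as err:
        return False, str(err)

def build_query(name: str, qtype: int = 1) -> bytes:
    """Constructed sample: a minimal recursive query for `name`."""
    q = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0)
    for label in name.split("."):
        q += bytes([len(label)]) + label.encode("ascii")
    return q + b"\x00" + struct.pack("!HH", qtype, 1)
```

A framed query for `example.com` classifies as `(True, "example.com")`, while a constructed non-DNS opening such as `b"SSH-2.0-constructed\r\n"` is rejected because its first two bytes decode to a length far larger than the data that follows.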
Trippy, tired, Tired


Took an accidental nap from about 4:00 pm until a bit ago. Thinking about taking another one. Nothing to keep me entertained and awake.