[SCFN] VoIP eavesdropping (fwd)
Any comments? (Originally sent to socalfreenet.org) -- Forwarded message -- Date: Tue, 29 Nov 2005 09:20:11 -0800 (PST) From: Lee Barken <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: [SCFN] VoIP eavesdropping This is somewhat offtopic for a wireless list-- but kinda relevent considering our plans to implement VoIP in our wireless clouds VoIP, in essence, uses CLEARTEXT protocols... making passive capture trivial in a wireless environment. (?) What is the risk that somebody will capture unauthorized recordings of voice communication? Is there a legal precendent for prohibiting wiretapping in a digital environment? http://oreka.sourceforge.net/ "The open source, cross-platform audio stream recording and retrieval system Oreka is a modular and cross-platform system for recording and retrieval of audio streams. The project currently supports VoIP and sound device based capture. Recordings metadata can be stored in any mainstream database. Retrieval of captured sessions is web based." "Record VoIP RTP sessions by passively listening to network packets. Both sides of a conversation are mixed together and each call is logged as a separate audio file. When SIP or Cisco Skinny (SCCP) signalling is detected, the associated metadata is also extracted." Take it easy, -Lee ___ SoCalFreeNet.org General Discussion List To unsubscribe, please visit: http://socalfreenet.org/mailman/listinfo/discuss_socalfreenet.org ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Book Review- Wireless Hacking: Projects for Wi-Fi Enthusiasts
Source:
http://www.raremeat.com/modules.php?op=modload&name=News&file=article&sid=200&mode=thread&order=0&thold=0
POSTED ON Mar 16, 2005 - 10:40 AM by Nyx
By Thomas J. Hardman
Wireless Hacking: Projects for Wi-Fi Enthusiasts
by the SoCalFreeNet Wireless Users Group
Lee Barken, et al. Syngress, 2004, distributed by O'Reilly Media Inc.
"Wireless Hacking" covers a lot of ground. It's intended for someone who
has some computer and networking experience. It does give fairly in-depth
coverage of networking fundamentals, but it's primarily concerned with
wireless networking.
It gives fairly deep, if not overly technical, background on all of the
wireless networking standards and protocols, such as 802.11a/b/g, as well
as covering general Radio Frequency concepts such as antenna radiation
patterns, antenna types, and methods to calculate the power required to
cover a given area or distance.
The chapter on "securing your wireless network" is comprehensive in
detail, including tutorials on captive portals, encryption and
authentication systems, NAT, DHCP, and PPTP VPN.
Several chapters give deep detail on making your own access points out of
off-the-shelf systems, including modification of the popular Linksys
WRT54G to run a variety of aftermarket access-point operating systems,
including coverage of techniques to "re-flash" the EPROM with firmware
versions of Linux. A variety of aftermarket OS are contrasted and
compared, and the basics of installing each of this is covered, some with
more detail than others. M0n0wall and Pebble are together given an entire
chapter, covering conversion of PCs of any intel-architecture type to
dedicated access-popint controllers.
Particular detail is given to the Soekris Single Board Computers ("SBC")
as access-point controllers for higher-power higher-usage WiFi access
points. This section of the book is profusely illustrated, with
step-by-step "how to", accompanied by "how it works" sections. In
particular, the "how-to" section is exceptional in discussing adapting a
Soekris SBC to use with two wireless cards to create an 802.11b
access-point connected to the rest of the network with an 802.11a wireless
backhaul.
Client devices are well-covered, from PCI adapters to PCMCIA laptop
cards, Secure Digital and Compact Flash format adapters and client
devices. There is also a chapter covering low-cost commercial options for
those who would prefer to deploy "off the shelf" rather than customizing
their own systems.
The monitoring tools chapter touches "just enough" on everything from SNMP
to installing Apache, PHP, RRDTool, and SNMP to build the MRTG
multi-router traffic grapher for both Microsoft and other operating
systems. The "Cacti" network monitoring system is also covered.
A rather brief entry covers WiMax and Mesh Networks, which at the time of
publication weren't yet subject to final IEEE or industry standards. This
is given mostly as background to cover the basic concepts and to point the
readers to online documentation of various competing standards and
experimental deployments.
Considerable detail is given, again with profuse illustration and
per-procedure "how-to" and "how it works" sidebars, to the construction
and placement of outdoor enclosures and antenna masts. This chapter gives
more detailed coverage of RF concepts and calculations of radiated power
and radiation patterns, detailed discussions of antenna types, cabling,
and connectors. Construction of "cantennas" is covered in detail.
The capstone of the book covers the construction and placement of
solar-powered access points and repeaters, giving in-depth overviews of
solar power generation and storage, collector panel mounting and
orientation, etc.
There's a rather brief chapter on organizing neighborhood wireless
networks in the FreeNet WiFi model. The book is a little bit "preachy"
when espousing FreeNet WiFi, and it's more than a bit politicized
throughout the work.
This is an excellent little resource book for anyone interested in
deploying a neighborhood wireless network, and for anyone who wants to
take things apart and put them back together to get new functions and
increased value, this book is invaluable. The breadth of coverage of many
diverse topics in depth, with a focus on hands-on and practical toolkits,
the profuse illustration and the tightly-focussed on-task sidebars makes
this book a "must-have". I personally look forward to any updated
reprinting which gives more detailed coverage to the topic of
mesh-networks and WiMax, once the standards are published and adopted by
industry.
**
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
Article: SoCalFreeNet.org believes free Wi-Fi means greater access for everyone
hi, Just wanted to share an article from the North Park Times about community wireless activities over in San Diego... we don't have an online link to the article, but the author provided this copy and permission to share. It's a good read about SoCalFreeNet and our activities. BTW- We're doing a deployment in National City this Saturday (local rec center, details here: www.socalfreenet.org/eltoyon)... if you happen to be around and you'd like to lend a hand, drop us a note... :-) Thanks, -Lee President, SoCalFreeNet.org Nonprofit introducing neighborhoods to easy wireless Internet service SoCalFreeNet believes free Wi-Fi means greater access for everyone By Jennifer McEntee North Park News, April 2005 Jay Porter, a North Park businessman and Golden Hill resident, gets free wireless Internet service. And because he allowed special Wi-Fi equipment to be installed at his home, so do his neighbors. Porter is among residents taking advantage of a new grassroots program intended to provide free wireless networks to the greater public. Implemented by the nonprofit SoCalFreeNet.org, the idea is to make the Internet a resource for everyone, regardless of income. "What they do is so good for the community," says Porter, who had a wireless network node implemented at his house. "It's so neat that the whole neighborhood can be a part of this." Participating neighborhoods so far include Golden Hill, Sherman Heights, Normal Heights, Little Italy and most recently, Barrio Logan. Porter and SoCalFreeNet volunteers hope to drum up interest in other surrounding neighborhoods, including North Park. The genesis The program was started by volunteers from the San Diego Wireless Users Group, who wanted to put their skills to practical use. Wi-Fi, short for wireless fidelity, is a wireless networking technology that allows multiple computers to share a single Internet connection over short distances. The reach of an antenna depends on signal impediments, from trees and buildings to weather. The first SoCalFreeNet wireless network node was set up in Little Italy. It gained enough attention to attract the interest of Bart Ziegler, landlord of the pink apartment complex at 21st and Broadway in Golden Hill. He asked the users group if his building would be a suitable site for the next node. Drew MacCullough, a resident of the Pink Palace, heard that the SoCalFreeNet volunteers would be in the building setting up the Wi-Fi network. MacCullough, who had a computer but no Internet connection, was intrigued. He got to know the volunteers as they set up his computer and those of his neighbors. Before he knew it, he was acting as a liaison between the free net group and his neighbors, both in his building and in the surrounding community. "For me personally, it was a really great balance between a technical challenge, the real sort of geek part of it, which is a lot of fun, and it's a really great chance to help people," says MacCullough. "It does sound kind of corny, but it is about bridging the digital divide." MacCullough says the idea is to make the Internet universally ubiquitous. "This particular area is a pretty mixed socioeconomic area at this point. It used to be predominantly affordable housing, low-income, but it's come up quite a bit," he says. "If you look at an area like Normal Heights, or North Park, or City Heights. Any one of those areas may have well-off tenants, but down the street, not everyone in the area is. "We don't know who we're helping out a lot of times. We're happy to put out the possibility." SoCalFreeNet works with organizations including the San Diego Futures Foundation to obtain refurbished computers for those in need. The set-up Each Wi-Fi network requires one major outlay of equipment that serves as the hub for smaller setups throughout the building or neighborhood. For Porter, though his Internet service is free, his role as a hub was not. The necessary equipment to set up the wireless node cost him about $600. "I figure I probably broke even by now," he says. Property owners with a node pay the recurring costs for the Internet access, which must be a sharable network such as those offered by DSLExtreme, Speakeasy or Cox Business Services. Neighbors within the available Wi-Fi area get the benefit of the network for free. They only need to have a computer that is already Internet-enabled, as most new laptops are, or buy the necessary equipment at any electronics retailer. SoCalFreeNet makes an easy-setup kit available for $90, at cost, at Influx coffee shop on Broadway in Golden Hill. Users aren't left to go it alone. Volunteers for SoCalFreeNet answer questions by e-mail, and hold educational sessions on the second Saturday of each month at Influx. The sessions typically run from 9 a.m. to 11 a.m. The volunteers often make house calls to help users set up their service or troubleshoot problems. In use David Moore is among the neighbors taking advantage of t
Re: [WIRELESS-LAN] Hidden SSID?
hi Ryon, With a hidden SSID, your APs won't get picked up by Netstumbler, but may get picked up by Kismet (if the attacker happens to be listening during an association). Seems like security be obscurity to me... in the long run you'll probably cause more help desk issues then you gain by turning off SSID broadcasts (in an academic environment). In a corporate LAN, the information assets may suggest a different approach. FWIW- I've had problems getting some Ethernet Bridges (802.11 to Wired Ethernet) to work when the SSID isn't being broadcast... HTH, -Lee President, SoCalFreeNet.org On Mon, 10 Jan 2005, Ryon Price wrote: > Just wondering what everyone thinks of using a hidden SSID. In our case > we use Proxim AP-2000& 4000 and they call it a "closed network". We > chose to use hidden SSIDs originally to deter people from seeing the > network and trying to get around our MAC address authentication. We > also like to use it because we require users to have the Helpdesk set up > the wireless connection on the user's laptops, as well as make sure they > have current Windows updates and a virus scanner and scan the machine > for viruses. Since we allow the user to register online this keeps users > from getting on the network by putting the SSID in by themselves and > putting a possibly infected machine on the network. Most cards don't > even see the network and some pick it up as a blank SSID. Recently we > have ran across many client cards that have a hard time connecting to > the AP with it hidden, as soon as it is set it to broadcast they are > able to connect. Microsoft cards flat out don't support it, they say > it isn't a security measure at all. Lately we have been having trouble > with the Centrino/Intel 2200bg cards connecting.. Any thoughts or > comments? > > Thanks in advance > > Ryon Price > LAN Manager > Utah Valley State College > [EMAIL PROTECTED] > > ** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] locating 'hidden' SSIDs etc.
hi Jamie, You can also use dStumbler (a part of the bsd-airtools kit) to identify AP that do not broadcast their SSID in the management beacon... http://www.dachb0den.com/projects/dstumbler.html If you don't have a BSD laptop laying around, you can always try using a CD based distro like WarBSD (think Knoppix, but for BSD): http://www.warbsd.com/ Hope this helps, -Lee On Fri, 12 Mar 2004, James Savage wrote: > Hi, > Has anyone found a method of identifying the presence of hidden (non > broadcast) SSIDs? NetStumbler locates all broadcast SSIDs but not hidden ones. > The alternative, I guess, is to go the spectrum analyzer route and look for > sources in the 2.4g range. There was a discussion quite some time ago (end > of '01) about these devices. Does anyone have some recent advice/suggestions. > > thanks in advanceJamie > > James Savage York University > Senior Com. Tech. 108 Steacie Bldg. > [EMAIL PROTECTED] 4700 Keele Street > phone: 416-736-2100 ext.22605 Toronto, Ontario > fax: 416-736-5701 M3J 1P3, CANADA > /\ /\ /\ /\ >/ \/ \/ \/ \ >\ /\ /\ / > \/ \/ \/ > > ** > Participation and subscription information for this EDUCAUSE Constituent Group > discussion list can be found at http://www.educause.edu/cg/. > ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/cg/.
Re: [WIRELESS-LAN] Battery packs for proxim APs
hi Sean, I have been happily using a "statpower portawattz" device for years... 18 amp hour battery, coupled with a 300 watt ac/dc invertor. nice package.. i bought mine for around $100... http://www.xantrex.com/products/product.asp?did=131 Good Luck! -Lee On Tue, 10 Feb 2004, Sean Che wrote: > Does anyone know where to find the battery packs for wireless APs (more > specificially, Proxim) ? It would be really convenient to have them for > site survey... > > Thanks a lot ! > > -- > > - > Sean Che > Network Engineer > Network Services > Wayne State University > Voice: (313)577-1922 > Pager: (313)990-5403 > Email: [EMAIL PROTECTED] > - > > ** > Participation and subscription information for this EDUCAUSE Constituent Group > discussion list can be found at http://www.educause.edu/cg/. > ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/cg/.
Educause 2003
Dear List-- It was a pleasure getting to meet so many of you in person last week at the Educause conference in Anaheim. I particularly enjoyed the "Constituent Group" with Dewitt Latimer and the "Curent Issues Roundtable" with Emilio DiLorenzo. Here are a few URLs which some people were asking for: http://www.sdwug.org (San Diego Wireless Users Group) http://www.soekris.com (Embedded Device-- great for Linux APs) Thanks again to everybody for a very enjoyable experience, -Lee ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/cg/.
[SDWUG] Article: College WLANs put to the test (fwd)
-- Forwarded message -- Date: Mon, 3 Nov 2003 16:26:48 -0800 (PST) From: Lee Barken <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: [SDWUG] Article: College WLANs put to the test College WLANs put to the test Source: http://www.nwfusion.com/news/2003/1103campuswlan.html Each freshman class at Dartmouth College is unique, but this year's crop has at least one thing in common with other classes across the country: a passion for wireless networks. "No one wants to plug in anymore," says Brad Noblet, the school's director of technical services. About 90% of Dartmouth's freshmen arrived with wireless-enabled laptops. ___ SDWUG - San Diego Wireless Users Group http://www.sdwug.org To unsubscribe: http://sdwug.org/mailman/listinfo/wireless_sdwug.org ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/cg/.
Re: [WIRELESS-LAN] 802.1x in WLAN design
hi, I thought you might find this article interesting... Take it easy, -Lee Baylor University signs up for difficult course on WLAN security Baylor University learns about wireless LAN security in the school of hard knocks. http://www.nwfusion.com/news/2003/0825baylor.html On Mon, 25 Aug 2003, Dewitt Latimer wrote: > 'Morning Group: > > hope the back to school festivities haven't "slammed" you too much. > > Question -- how many schools are using 802.1x as a mainstay in their WLAN > deployment? I know Utah has done a good bit. Others? > > Are you using PEAP or EAP-TLS? Self sign certs if TLS? > > What about OS-X and other non XP clients? Site license from Meetinghouse? > > hope we can have a lively thread on this topic. > > thanks. > > -d > > > ** > Participation and subscription information for this EDUCAUSE Constituent Group > discussion list can be found at http://www.educause.edu/cg/. > ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/cg/.
