I've used the net stumbler program for my notebook and was wondering if there is something similiar for the Palm environment.

Starbucks uses the HP connection manager which seems simply enough to use, is there anything remotely like it for our Sony?

Would be nice to have the Sony auto search around for APs when the card is activated...

I know of nothing like what you are looking for, but I second the motion for an app that would let the card autosearch for AP's! If you find anything please let me know!

Cheers,

Bob

Originally posted by Tolwyn
I've used the net stumbler program for my notebook and was wondering if there is something similiar for the Palm environment.

Starbucks uses the HP connection manager which seems simply enough to use, is there anything remotely like it for our Sony?

Would be nice to have the Sony auto search around for APs when the card is activated...

Check this thread out, the very first post, it at least does something :)

http://www.cliesource.com/forums/showthread.php?s=&threadid=1671

OK, I am the one in the thread above that found I could use my NX and WiFi card in the doctor's office. After reading this post, I decided to experiment some more. I work directly across from a Starbucks that has WiFi access. I was able to connect with no problems and this confirmed my thought that no external sniffer/netstumbler program is needed. (BTW I used to use netstumbler with my Jornada and Orinoco PC WiFi card.)

Here is what you need to do:

(1) Go to Prefs and select your Wireless LAN service, then tap the Details button

(2) Create a new Profile so you don't mess up your home/work WiFi settings. I called mine Sniffer.

(3) Name the Network ID (SSID): Any
(I believe someone reported that this is case sensitive and think when I first set it up I left it blank and the CLIE filled it out when I went back to edit it.)

(4) Leave WEP on "none", select ConnectMode as Infrastructure

(5) Tap the "Advanced Setup" button, and in here leave the IP and DNS on auto. I also left PowerSaveMode checked for enable, but haven't tested unchecking this box.

(6) That's it, now OK everything and go back to the main Network Preferences display and tap the "Connect" button. You should see you WiFi lights flash steadily after connection and then go to Netfront (or other browser)

(7) A data encrypted/continue popup shows up and then you are taken to the T-Mobile Hotspots page where you can log in or purchase time for access.

I am going to keep trying out this "sniffer" method here in Seattle since they have quite an extensive WiFi network. So far I have it working for the T-Mobile HotSpots and our doctor's office. Anyone else test out places?

Palmsolo,

I posted a similar thread, but asking for an option you describe. Double posting, blame on me :)

I am located in Germany, I tried it as described, but it doesn´t work?! I don´t know why it should be a differnce between your location and mine ...

Later this week I will try it again in Hamburg. There is the largest WLAN network for the public in Germany. Plan is to cover most of Hamburg (>1,000,000 people) with free wlan access. Perhaps I have more luck there ...

One limitation you should all be aware of, the WiFi card from Sony only works on channels 1 - 11, if your AP is set to a higher channel number the WiFi card will never see it.

This normally only affects Adhoc mode not infrastucture mode, but some AP's allow you to "hide" from the lower channels to avoid exactly what we are all trying to do!

Cheers,

Bobster

Being a network engineer, it's fun to see which networks I can sneak on. I downloaded an NTP app. For the uninitiated, its an application that syncs your clock to a server's clock that's been designated as "true" time. I use mine to sync to the US Naval Observatory... arguably the most accurate time source. Anyway, I digress...

I use this app as a simple means of forcing a search for open AP's. More and more, I'm amazed at how many there are. Yesterday while having coffee with a friend, for sh*ts and giggles I thought I'd test for connectivity and there it was. This morning at the trainstop (which is right in middle of a residential) I noticed two cars with license plates carrying clever variations of the word bluetooth. I figured there HAS to be someone that lived closeby that's a wireless geek so I fired up my clie and BAMM... instant luck again.

I just wish that there were some VPN software for the clie, that way I wouldn't have to worry about someone using a sniffer on the networks I sneak on. ;-)

BTW, I have two profiles that I use for wireless: one for my locked down network at home, and one for open APs. Leave the "roaming" profile with all of the defaults and infrastructure mode. If you live in a town with a lot of open APs like I do, you'll never use a cell to browse again.

Um... I'm not a hundred percent... but I don't know that you *can* pick any channel other than 1 through 11

Originally posted by reggae
I use mine to sync to the US Naval Observatory

I use this app as a simple means of forcing a search for open AP's. More and more, I'm amazed at how many there are. [/B]

reggae,

1. do you have the url of US Naval? Would be nice to have it :)

2. How do you search with this app for open apps?

Thx
knoppi

Originally posted by knoppi


1. do you have the url of US Naval? Would be nice to have it :)



http://tycho.usno.navy.mil/frontpage.html

Originally posted by reggae
Um... I'm not a hundred percent... but I don't know that you *can* pick any channel other than 1 through 11

My Linksys G has 24 channels, the WAP11 has 20 and the DLink AP's at work have 22 Channels.

We can and do use channel exclusion to minimize collisions and restrict network access in certain areas, along with MAC address restrictions, as opposed to WEP since WEP is so easy to break.

Cheers,

Bob

Bobster,

I'm surprised that you're using MAC restrictions because you can easily change the MAC address on some cards. I believe you can see the MAC addresses going over the air if it's unencrypted. I'm not saying that WEP is much better. Is there some way that you are securing the MAC addresses over the air?

Thanks,
Terence.

knoppi, what jwrogers gave you was a website. the actual time servers are tick.usno.navy.mil and tock.usno.navy.mil

the application i use is called net clock which can be found on palmgear. i just click query and my default configuration will search for any APs that are unlocked.

thack, how can you change the MAC on some cards? which cards would those be? usually a card's mac is hardcoded. otherwise you're talking about some form of spoofing done at that software level which would then mean that ANY card can spoof. please elaborate.

Before the cliesource crash I posed the question of what if you want to pick up the one of two available signals. ie sitting in starbucks and trying to use the comp usa network next store. How can you choose....

I don't know about real network cards, but the virtual network cards such as those used in VMware support configurable MAC address -- simply because they are "virtual". Also, the WAN port on many routers these days has configurable MAC addresses. My Linksys for example...

Thack, even if the packet is encrypted with WEP, the MAC address is still clearly visible. MAC addresses are not encrypted.

your linksys should only allow you to spoof an NIC that's on your lan. i could be wrong, but i don't think you'll be able to just pick any willy nilly address.

going back to the osi model, even a "virtual" nic is still going to happen at a layer higher than the physical layer. virtual or not, whatever hardware card is used to transmit those packets is going to display its own mac address first.

and you are correct with respect to the mac being clearly visible, encryption happens at the presentation layer when the mac address is being stamped on the packet much later in the encapsulation process.

Originally posted by bobster


My Linksys G has 24 channels, the WAP11 has 20 and the DLink AP's at work have 22 Channels.

We can and do use channel exclusion to minimize collisions and restrict network access in certain areas, along with MAC address restrictions, as opposed to WEP since WEP is so easy to break.

Cheers,

Bob

My Linksys WAP11 is 11 channels only. Only three don't overlap and they are channels 1,6, and 11.

The MAC addresses in all my WiFi cards are hardware encoded and not easily changed.

Huh,

today I tried it in with some hotels I know which have WLAN APs.

I am able to connect with the settings from Palmsolo, but when I tried to send an email or to browse with Netfront, nothing but an Network Timeout happens.

Has anybody here a solution?

Do I have to change something else in the browser or email settings?

BTW, I checked the connection LOG, something interesting: I always get an IP starting 10.x.x.x (seems like Apple :)) - thats ok - , Gateway and DNS are different, both 10.x.x.x addresses too. Could this be correct? Do I have to enter a Proxy? But which port in Netfront? The usual 80?

Anybody here with ideas?

Thx a lot for help.
Oliver

those channels above 11 are vendor-specific, and *aren't* part of 802.11b. (Hmm, I wonder what freqs they use - given that some of the 802.11b frequencies are illegal (and locked out) in some countries, I wonder what they have to say about those "extra" ones...

Just remember, many people running open AP's are doing it to be polite; be polite in turn about using them (and consider making coverage available in your area just to be neighborly.) One of these days I'll work out an MIT-style "click here to get access to our net for a few days" that I can just drop in, but in the mean time, just play nice...

What makes you think 10/8 is apple? it used to be the ARPAnet, but now it's one of the three reserved "private address space" nets that will never be reachable on the Internet (so it is a common inside-cable-system or inside-NAT address range.) So, if you're *getting* values, they're probably correct - the question is what you're getting access to, it may be an internal-only net, you may need to point at some proxy to get out (or even hit a magic internal address...)

Try using "ping" from the view log screen to see what hosts you can reach, if any; try actually hitting the gateway address as an http url, it might have an internal server too.

you're assuming these "nice" people aren't running sniffers and scanning for pop3 passwords...

not really that pessimistic, just lookin' at the other possibilities... it'll be cool to get a vpn client for palm

knoppi... hotels use a proxy server that will give you no network access until you agree to their terms of connectivy and pay... so you'll be connected to their network, but can't hit the internet until you pay.

mark is right about hitting the gateway... however it's been my experience that i'd be redirected to their home site before i "click to pay"

perhaps redirection doesn't work with netfront... in which case mark is definitely right.

I've found redirection to work fine with NetFront. The proxy-based browsers (Blazer, WebPro V, etc.) definitely won't work for gaining access to most hotel, Starbucks, and other pay-Wifi systems, so keep NetFront or another standalone browser available for logging in (at which point you should be able to use any browser).

I was curious because I had heard of people using WEP without MAC filtering but never heard of MAC filtering without WEP. I was hoping to learn a new technique to secure wireless LANs.

I dug up the references I had seen before.

From: http://arstechnica.com/paedia/w/wireless/security-3.html
The management nightmare might be considered a worthy price if MAC address filtering were 100% secure. That, however, is not the case. MAC address filtering is easy to defeat for someone who has the right tools. Using a wireless sniffer an attacker can watch the wireless traffic of your network and easily pick MAC addresses of valid users out of the frames floating through the air, even if they are encrypted. Then they can simply modify the MAC address their OS sends out to mimic one of the stolen ones and your security is beaten. Once your MAC address security is compromised you are still forced to deal with the management nightmare while gaining none of the benefits. From: http://arstechnica.com/paedia/w/wireless-security-howto/home-802.11b-2.html
If you have a limited number of clients, you can simply record the MAC address of each, and only allow devices with those MAC address to connect. Unfortunately, if someone sits and records data on your network long enough, they'll crack your WEP keys, and will be able to see your MAC addresses. After doing so, they can simply "spoof" a valid MAC address to gain access. But this is a lot of effort to go through, and deterrence is what we're after here.Hmmm... These statements contradict each with respect to the encryption of the MAC address. Now that I think about it, the MAC address probably isn't encrypted because if I recall correctly it is unencrypted in IPsec.

We use a combination of techniques to secure our wireless network. That being said it is not considered a "trusted" network for some of our mission critical stuff.

We do use MAC filtering and yes you can spoof a MAC address, but we also use VNC clients on on the wireless clients which means there is no clear text transmission. The Access Points are just in front of a VNC equipped router.

The MAC addressing and filtering is just to determine if the client is even valid to the router, if it is not in its table it dumps the request, if it is it passes it on to the VNC server for authentication etc.

So it's a multi layer approach. WEP did not work for us because until we go all 802.11g or perhaps even 802.11a we are stuck with some older devices that could only handle 40 bit WEP.

Our network guru's have an app that can break 40 bit WEP on the fly so that was useless to us.


Hope this clears up some of the confusion. Oh yeah, the higher channels are indeed vendor specific and thats what helps us not even appear to "normal" sniffing clients. A real sniffer would still see the traffic if the user knew where to look.

Cheers,

Bob

Hi palmsolo
I did everything at your thread and - I`m in the hospital now I know there is a wireless network here- My clie first said connecting to network then dropped it and said "retrying" and didnot connect. What am I doing wrong? pls help
nx70-vl110

Hi palmsolo
I did everything at your thread and - I`m in the hospital now I know there is a wireless network here- My clie first said connecting to network then dropped it and said "retrying" and didnot connect. What am I doing wrong? pls help
nx70-vl110

What does this do that simply going to Prefs, Network, and click Connect doesn't do?  Other than doinig the clock sync, that is.  In other words, why does NetClock do a better job of searching for open APs?

Originally posted by reggae
Being a network engineer, it's fun to see which networks I can sneak on. I downloaded an NTP app. For the uninitiated, its an application that syncs your clock to a server's clock that's been designated as "true" time. I use mine to sync to the US Naval Observatory... arguably the most accurate time source. Anyway, I digress...

I use this app as a simple means of forcing a search for open AP's. More and more, I'm amazed at how many there are. Yesterday while having coffee with a friend, for sh*ts and giggles I thought I'd test for connectivity and there it was. This morning at the trainstop (which is right in middle of a residential) I noticed two cars with license plates carrying clever variations of the word bluetooth. I figured there HAS to be someone that lived closeby that's a wireless geek so I fired up my clie and BAMM... instant luck again.

I just wish that there were some VPN software for the clie, that way I wouldn't have to worry about someone using a sniffer on the networks I sneak on. ;-)

BTW, I have two profiles that I use for wireless: one for my locked down network at home, and one for open APs. Leave the "roaming" profile with all of the defaults and infrastructure mode. If you live in a town with a lot of open APs like I do, you'll never use a cell to browse again.

If you're in a hospital they are probably using cysco products for their wireless and wired networks. If your card's mac address isn't on the trusted list you aren't going to get in. I do hope you guys know that it is a crime to get on a network without the owners permission.