Everything In Between

Many Mac OS X users lament the lack of sophisticated network analysis tools, often prevalent and seemingly prolific on Linux systems. What many don’t know is that Mac OS X comes with a built-in command-line tool to do all sorts of nifty things with Wi-Fi networks, from packet capture (traffic sniffing) to scanning nearby networks’ signal to noise ratios.

Mac OS X ships with a command-line tool called airport that can do all sorts of nifty things with Wi-Fi networks. Unfortunately, it’s so squirreled away that most people don’t seem to know about it. The utility is part of the Apple80211 Private Framework used to power your Mac’s Airport menubar icon.

Invoking the utility without arguments prints a useful (if incomplete) usage message. At a Terminal command prompt, type:

/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport

The tool let’s you do a number of interesting things, so it’s worth playing around with. While you’re playing, you may as well create a symlink (a shortcut) to the utility so you don’t have to type that long path name all the time:

sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/bin/airport

Among the easiest things you can do is print a list of the Wi-Fi networks within range of your computer, but unlike the Airport menubar item, this report shows you a bunch of extra, precise data, such as which encryption protocol (if any) is being used on the network:

$ airport en1 scan
                            SSID BSSID             RSSI CHANNEL HT CC SECURITY (auth/unicast/group)
                       moscohome 00:22:6b:8b:86:51 -61  10      N  -- WPA2(PSK/AES/AES)
                     PUBLIC-455H 00:15:6d:60:95:d1 -82  1       N  -- NONE
                    Alex Network 00:1e:e5:24:c4:4f -86  1       Y  TW WPA(PSK/TKIP,AES/TKIP) WPA2(PSK/TKIP,AES/TKIP)
                   linksysELNIDO 00:21:29:a3:fd:99 -90  6       N  -- WPA(PSK/AES,TKIP/TKIP) WPA2(PSK/AES,TKIP/TKIP)
                        2WIRE024 00:18:3f:02:2f:49 -88  6       N  US WEP
                        2WIRE940 00:12:88:d9:85:41 -93  6       N  US WEP

If I wanted to see which of my neighbors still haven’t upgraded from WEP, I could just filter using grep:

airport en1 scan | grep WEP

More awesome, perhaps, is the tool’s ability to actually perform traffic sniffing and capture packets. Tell airport to sniff, and optionally provide a channel (which you now know thanks to your ability to scan). You need to be an administrator (i.e., you need sudo privileges) to do this:

sudo airport en1 sniff 6

This creates a file called airportSniffXXXXXX.cap in the /tmp directory, where XXXXXX is a string for uniqueness. You can then feed this file into your favorite network analyzer such as Wireshark to examine the traffic offline.

There’s a new book out today. It’s called Wireless Networking in the Developing World, and it’s available for free downloads online. I’ve already snatched my copy.

Even though it was written with the intention of making wireless telecommunications infrastructure more readily accessible to developing nations by means of educating implementors, I’ve already found it to be a useful reference and excellent learning tool to get a strong grounding on the considerations of setting up any wireless network. It starts you off with a grounding in radio physics, and then quickly goes through the stages of network design: the physical network infrastructure and the logical collision domains. It even has good advice on how to secure the network you create.

This book will be useful for everyone who wants to build their own wireless network that is more complicated than a simple home router. I can also see this guide being extremely handy for those managing and planning community wireless “hotspots” since its focus is on low-cost, yet effective, infrastructure. With the U.S. severely lagging behind the rest of the developed world in terms of broadband internet access, community wireless projects can breathe new life into local economies just as effectively in America as they can overseas.

Books like this that make it easy for individuals and other organizations to inexpensively maintain wireless telecommunications infrastructure is a welcome addition to the fight for better Internet access across the globe.

Yesterday, after playing a game of Squash with my uncle, I hopped into the nearest electronics store in search of three things.

• An external hard drive with FireWire.
• An USB to PS/2 adapter.
• A PCMCIA (aka “CardBus”) wireless card.

I walked to a sales representative and first asked for the hard drive. He walked me over to a shelf and showed me the few remaining items in stock. None had FireWire capability, and they were sold out of enclosures so I couldn’t make my own external drive by purchasing an internal one.

Next, I asked about the USB to PS/2 adapters they had. We walked to another shelf, he showed me the only item of the sort they carry and then apologized for the lack of options when I balked at the ridiculously exorbitant price. ($25.99 for a simple cable adapter is silly.) Thanks, but no thanks, I said, I’ll check online.

Finally, I asked about WiFi cards. This time, we headed over to several shelves packed to the brim with different options. The cards I was interested in were the so-called CardBus cards that fit into a PCMCIA slot on laptops. There were an abundance of different cards, each with similar capabilities. There were NetGear cards, LinkSys cards, D-Link cards and more.

As we approached, the salesman picked up a LinkSys card and handed the box to me. I took it and started reading the feature set.

• Wireless PCMCIA CardBus ethernet adapter.
• Supports 801.11b/g (“up to 54 Mbps!”).
• WEP and WPA-enabled.
• Runs on Windows 2000, XP, ME, and 98SE.
• Price: > $70.00.

Anything cheaper? I asked. The salesman turned to the shelf, picked up a D-Link card and handed it to me. I read the feature set of the D-Link card.

• Wireless PCMCIA CardBus ethernet adapter.
• Supports 801.11b/g (“up to 54 Mbps!”).
• WEP and WPA-enabled.
• Runs on Windows 2000, XP, ME, and 98SE.
• Price: < $60.00.

What’s the difference between this one and that one? I asked him.

The LinkSys is the better brand, the salesperson told me.

Better brand? There I was in the store, holding a box in my left hand and a box in my right. Inside each was a little piece of hardware, each of which claimed to perform the same exact function in the same exact way. Both boxes were the same shape and the same weight. One box was a light blue with a white logo while the other a dark blue with a yellow logo.

What do you mean a ‘better brand’? I asked.

It, um, works better. Sometimes you have connectivity issues with the cheaper one, the salesperson stumbled.

They both do the same thing, though, I insisted, reading off the identical feature sets of both boxes.

But the better brand works better.

Why?

At this point, the salesperson started rephrasing and recycling his previous statements that the better brand meant better reliability. It was a matter of trust; if I had not been tech-savvy, I would probably have paid for the supposed extra reliability of the more expensive card. Since I have no fears on the matter, I did not need to trust the card or the manufacturer—I already trusted myself to get it to work.

So what’s in a brand name? Perceived quality. The keyword here is the former, perceieved. As it turns out I purchased the less expensive card and had no problems whatsoever.

Yesterday I finally got my new apartment hooked up with Time Warner Cable’s Road Runner Internet service. (While I was at it, I totally ditched TV and along with the quieter home, I’m looking forward to the nearly $40 savings on my bill each month!) The cable guy woke me up at noon and I answered the door in a t-shirt and boxers because I couldn’t find my pants. Oh well.

Anyway, he quickly set me up, left me extra cable wires at my request, and I started to set up my computer corner. Got my router hooked up after spoofing its MAC address, and started a cursory test of the Wi-Fi router’s signal around my apartment. Everything looked good for a while, so I moved on to more pressing matters, but later on in the day I began experiencing inexplicable network slow-downs and disconnects. I couldn’t make heads or tails of it until I launched NetStumbler and began exploring a little more in-depth.

(I had to do some quick research to gain any valuable information from NetStumbler’s findings, but luckily Wikipedia is perfect for this sort of thing.)

NetStumbler was able to locate 3 other wireless networks in addition to my own which were broadcasting through my apartment. The interference was remarkable. Each of them were transmitting in the mid-channel range from 3 through 6, and I was caught right in the middle. My network’s SNR decreased considerably the more I travelled away from the AP.

The thing about Wi-Fi is that the signals aren’t typically very strong to begin with becuase the coverage is intended to remain confined. This means that competing signals transmitted in close frequencies (termed channels) cancel each other out, causing the headaches my network was giving me.

Thanks to NetStumbler I knew what channels the other guys were using, so I started broadcasting at the other end of the spectrum and suddenly my reception was loud and clear all over the apartment, and I would guess wherever they are broadcasting from too. The lesson in radio technology and Wi-Fi in general was extremely interesting and informative, but on a more practical note this is about being a good Wi-Fi neighbor and not competing for signal strength on the same channels.

It also brings up some very critical concerns involving security and privacy issues. One of the networks NetStumbler found was an unsecured Linksys-based AP. The owner probably doesn’t realize that his home computer network is wide open to anyone with a wireless networking card and a computer, but it is. Since Wi-Fi works on radio technology, and radio can pass through solid objects like walls, the area covered by his transmitter pokes out of the confines of his apartment.

If I were the bad neighbor, I could use his Internet connection, or even browse his iTunes music collection and he would probably be none the wiser. If he had a wireless web cam hooked up to the network, I could see whatever images it broadcasted too. And I wouldn’t even have to start hacking. That’s why it’s so important that you take the steps to protect your wireless network with something like WPA or WEP.

WEP is not very strong, and the new generation of WEP-cracking tools can break it in a matter of minutes, so it should never be considered a preventative measure to keep crackers out of your network. Rather, it is a detterant that should be used to dissuade crackers from trying. My old router only supports WEP encryption on its WLAN so that’s what I’m stuck with, but the fact that this other guy keeps his network wide open means I feel pretty safe here.

Afterall, which house do you think a burglar would break in to? The one with the big security-company sticker on all the windows and doors and the lights on, or the one in the dark with the open window and unlocked door?