digininja

Read the various internet connection sharing (ICS) posts and any of those by definition put your laptop in the middle where you have all the traffic flowing through your machine.

A few people have posted ways to get ICS working. I'm not a windows user so can't comment on which are correct and/or work. Have a read through them all and see which ones seem to be the best

Wrong. It is possible to retrieve WEP keys from a machine over the wire, see my earlier post about caffe latte. I agree with iyeman, the question was is it possible to retrieve WEP/WPA keys using Jasager and the answer is currently not but it is possible to build a caffe latte attack into it to make it do it.

A couple of points here. Jasager doesn't broadcast any ssid so you won't pick it up if you scan for it but pick a random ssid and try to connect and you should get a connection. For the encrypted APs, it depends on your client. Some clients will specify that if they expect encryption (WEP/WPA) then they will only connect to an AP if it has that encryption. Others will degrade back to no encryption if they find an AP with the same SSID but without encryption. I'm also not sure what you mean about the IP address stuff. If you are trying to setup connection sharing through linux then the way I do it is to have the wifi on one subnet and the wired on another then make sure connection forwarding is enabled and I have routing setup correctly on both the fon and on my default gateway.

It won't brick anything and should work out of the box (package) but there may be the odd thing that needs manually tweaking.

I'm happy to release Jasager v2 rc 1. I'm going to start by saying that this isn't a full release, there is the potential of things being broken and you having to get your hands dirty to fix them. If you don't want to fiddle with things then hang on for the full release, hopefully it will be out very soon. New features: Module system - I'm going to document this fully on my site but basically you create your script which obeys a couple of simple rules and drop it into the scripts directory. It will then appear in the connected clients drop down list. As an example of what can be done I've created two script, echo which just echos out what was passed in and portscan which will do a TCP port scan against the connected clients IP. If they haven't got an IP yet then you will get an error. All output is sent to the log file but there is a slight problems here, as the log file shown on screen is reversed so you always see the latest entry at the top you get the log output in reverse order. I thought about dumping it to the log file backwards so that it came out in the interface the right way round but didn't like that option so it is as it is for now, if anyone can suggest a better way to do it I'm happy to listen to suggestions. Moved log file - I moved the log file from /karma/log to /tmp, this will prevent filling the flash Used the wlan led to indicate whether Karma is enabled or not - This requires a new dependency, kmod-gpio, you can get this from my site, see the links below. Unfortunately this package has a bug in it so the module isn't loaded on boot at it should be. To fix this, after you've installed it you need to run echo proc_gpio > /etc/modules.d/80-gpio MAC address filtering - I've added the standard madwifi MAC address filtering to the interface. It is very similar to the SSID black/white listing but it has 3 states, off, black and white. I can't find a way to request the current state from the drivers so I've had to store the state in a temporary file, it should cause any problems as long as you don't start setting the state by hand, if you do then you know enough to not worry about the interface. I've also tidied up the code a bit. Any comments, bug reports, feedback please let me know. If you want to know the interface for the modules nag me for it otherwise I'll get distracted and not get round to writing it. Enjoy Files: 2.0 rc1 Tarball 2.0 rc1 Package kmod_gpio

I've been thinking about putting one of the open source licenses on Jasager as the current version doesn't have any license attached to it but I know very little about the differences between GPL 2, 3, Creative Commons, apache, BSD etc. Are there any license experts in the house? Important features: I want one that allows me to use other open source code released under different licenses without any problems. I want the app open to the world but I don't want people making money out of selling it without my permission (read giving me/the community my/its cut). The amount of attached files needed has to be minimal, e.g. if using GPL 3 means including a .5M file with the package then that is going to be an issue due to low disk space. Can anyone suggest the best one to use and give a good reason for it. This is going to be important as I've just taken a chunk of code released under GPL 2 to include in the port scanner and I don't want to mess things up by choosing the wrong license and so upsetting the guys who wrote the original code.

As long as it is accurate then I think it will be ok. The only problem with things like this is that people searching find multiple slightly different ways to do things and so don't know which to trust. If you can stick to a particular script and reference that then it will tie things together. If you can wait a few days I'll have v2 out and you can do the video on that.

Don't use ubuntu but I'd guess that one of the configs is wrong or the directory it is expecting isn't there. Go back to step one and check everything.

The flashing process takes ages. I've nearly given up a few times, just start it going, eat pineapple and come back later. If it hasn't finished in an hour then you can start to worry!

That would work if you could get onto the box of the victim.

not 100% sure what you mean but I think you are saying that you think the Fon has 192.168.0.7 but when you try to access it through the web interface you get the Sky router. If so then it sounds like sky is on that ip. The easiest way to find out is to ping .7 and then unplug the device, if you get responses which then die when you unplug it then you are right, if they don't stop then something else is on that ip. If it isn't on that IP then you can use nmap to do a ping and OS scan to work out what ip it is on, if any. Unless you set the Fon up to get its ip from dhcp then it doesn't by default so it will be on a hardcoded address.

Spot on, and WEP is the same, the traffic is encrypted by (after some processing) by the password so Jasager can't pretend to be an encrypted AP. You could look at the caffe latte attack to recover a WEP key from a client. http://www.airtightnetworks.com/home/resou...affe-latte.html If anyone wants to try to implement it let me know, I'd be happy to offer suggestions and I know some of the AirTight team so may be able to get any extra info if needed.

I leave my stuff in where I put it and access the site through port 1471. Means webif stays in place.

Just to let people know I haven't abandoned ship, I'm doing a CCNA course this week and leaving home very early and getting back way to late to do things. Normal service should resume next week. When I've got some free time back I'm going to finish v2, not much for end users to see but if anyone wants to develop modules it will include the module system so you can just drop your own scripts in the right place and have them magically appear in the connected clients drop down list. The demo apps will be a pinger and a port scanner. Its almost finished, just needs some stuff plugging together, quick testing then rolling up and sending out. I've also done a couple of other little bits like turning the wlan led on for karma being on and got MAC white/black listing working as well as kicking.

Thats right. at the moment the log file is put on the jjfs partition in the /karma/logs directory, in the next release I'm moving it to /tmp so it uses memory rather than flash as that will be more efficient.

You should be able to get a set of Fonarea firmware off their website and then used redboot to install it. I know they have instructions for installing their own firmware on the fon+ so they should have it for the fon. After all the effort you went to to get it working you are going back to the original fon, why?

I don't know what the spec is for the second antenna port. I know that my Ubiquity PCMCIA card has two antenna ports but one is classed at the primary one and is higher power than the other. So, adding a better antenna should help but if you are adding it to a lower powered port then it may end up being the same as the installed one.

I feel all left out but I've already done two trips across the atlantic for a weekend con this year so really can't justify another one. I'll definitely be at Shmoocon though.

ssh in and run wlanconfig ath0 destroy

Darren does this. I know he is busy with Phreaknic at the moment but he should be able to tell you how he did it. I would say just create a second interface using wlanconfig and then run hostap on that.

Just installed vista SP1 and there is a line in the install notes saying something like: "Turn off your AV as it will stop the upgrade from happening. We don't advise turning off AV but in this instance it is ok because we say so" If you want to run along those lines, stick a captive portal on the fon with a message telling people how to disable their firewall if they want to use your network. I reckon a lot of people, if given clear instructions, would just follow them and turn it off.

There will be only one wireless circuit, the two antennas just give you more options of what to plug in. I've got a few wireless cards like that.

No, just plugged the two together with an ethernet cable I had lying around.

A few options * just sniff/store traffic - stick some dummy services on the fon and let people connect * connect via a second wifi interface and bridging to a laptop somewhere else to give an internet connection * in an office environment, find a spare wall jack and use their network to route traffic.