Few n00b questions

[Sokar]

I'm very new to all of this, but here are some of my questions with my new TETRA

1: How do I get files off the TETRA? Lets say I have a .cap file I want to process, how do I get it off? SFTP or something like that? if yes, does Kali come with SFTP tool?

2: What is gateway for? I don't understand what is bar-lan? what about the eth0, eth1? My best guess is that bar-lan is the place where clients connect? So they are separated?

3: I'm also seeing a wlan0 wlan0-1 wlan1mon wlan2? ... It looks like wlan2 is my client mode USB dongle, wlan1mon is monitor mode, but how come there are 2 wlan0?

4: lets say client mode wifi is connected to my WiFi, I don't want random client data leaving from my IP, as if they do happen to be bad people, they could get me in trouble... Is there a way to create a VPN tunnel so all outgoing traffic has will use it?

5: What do the lights mean on the front of the TETRA? Sometimes I just have a blue light, sometimes blue and a red one... not I just have a red one?

6: How do I lock channels? If I'm trying to capture something on -c 1, I don't want it jumping all over the place, but I keep seeing it say "fixing from channel X" Is this because I have the PineAP demon on?

7: .bashrc - this might be dumb question but I thought I would add it... There is no .bashrc in /root/ if I create one, will it be used?

8: Under Access Points, There is an "Open Access Point" ... What is this for? It's hidden by default. But no off switch?

That is all I can think of right now, Thanks a lot in advance for any help!

[Xcellerator]

Hi, these are some good questions. I'll do my best to answer clearly! I don't own a Tetra/Nano yet (still on the MKV) but most of these are general questions.

1. SFTP can be used, but there's no need to run an SFTP daemon on the pineapple. You can use SCP which is just a file transfer protocol over SSH. Use it just like you would "mv" or "cp" in Linux.

scp root@172.16.42.1:/sd/dir/dir/file.ext /home/me/directory/to/save/to/

2/3. In networking, the Gateway is the address that outbound traffic is sent to. So for your personal machine, it would be set to whatever router you're using to connect to the internet (either your home router or your pineapple if you're connected to that). If you're using Linux, type 'route' at a terminal to get a print out of your current network routing configuration. It will state your gateway there.

The other things you mention are all different network interfaces. 'br-lan' is a virtual interface. The 'br' stands for 'bridge' and does exactly that - it bridges the connection from wlan0 and wlan0-1 (both are the radio that clients connect TO, there are two because there is an open access point and an encrypted one that you use to manage the pineapple securely) to wlan1 or wlan2 depending on which radio you're using to connect to a source of internet access. wlan2 is indeed your USB dongle by default. wlan1mon is another virtual interface. You are right in that it is just wlan1 but in monitor mode.

eth0/eth1 are ethernet interfaces.

4. This is 100% possible. I believe that there is an openvpn module available but if there isn't then openvpn is available via 'opkg' (sort of like apt-get or yum from Ubuntu/Fedora but for OpenWRT). There is plenty of documentation available online for setting up OpenVPN. In fact Hak5 did a few segments on setting up a few seasons ago. Highly recommended.

5. I'm afraid I'm not sure what the lights mean on the Tetra. On the MKV they're just status lights. I'm sure they'll be explained in the manual.

6. I'm not sure what you mean by this. Most CLI tools allow you to set either '-C' or '-c' to specify a particular channel. I assume that you're using the wlan1 interface in monitor mode (wlan1mon)? Keep in mind, that it jumping all over the place isn't necessarily a problem. It certainly speeds things up by selecting the channel in advance. The only time it would really be important is if you had a weak signal. The channel hopping process could miss the frame from a weak signal so setting the channel guarantees that it'll find it (if you're in range!).

7. Placing a .bashrc file in /root/ won't do anything at all. The Pineapple runs a heavily modified version of OpenWRT which by default uses fork of BusyBox as a shell environment. I guess you could install bash via 'opkg' but bash is more memory intensive that BusyBox so its not recommended. BusyBox is actually a number of common gnu utilities all rolled into one specifically for embedded devices, so your best bet is to stick with that.

8. As I mentioned earlier, wlan0 runs this open access point. It is the access point that all your clients will connect to. This is how the WiFi Pineapple has always worked, even way back in the days of Jasager for the FON. wlan0-1 runs an encrypted (WPA2 iirc) access point for YOU to connect to. This way, your connection to the pineapple doesn't run in the same vein as your clients so they couldn't sniff YOUR traffic and see you connecting to 172.16.42.1 on port 1471 and decide to take over your pineapple. Its hidden by default so it doesn't show up when people scan for nearby WiFi networks. Its best to leave it that way unless your looking to entice people who scan for free WiFi. For example, you could title it "Free WiFi" and set it to un-hidden and wait for unsuspecting WiFi users to connect.

Hope this helps!

[Sokar]

Thank you for the answers.

[Sokar]

Not sure why that posted... I did not click pot yet.

1: I also found out you can run this from kali and it places the file in the current dir.

sftp 173.16.42.1:~/getthisfile

2/3: Thanks

4: Will look into how to setup open VPN

5: I found what the status lights mean in the draft of the manule here: https://docs.google.com/document/d/1KVYSTedUJTjn8VxG2Wk2iXeo3QHnnwM8V1GVFnr8w8c/edit?pref=2&pli=1#

6: this was because I had PineAP demon running... They were fighting over what channel it should be on.

7: The only reason I wanted a bashrc was so I could setup ll = ls -ltrh ... I hate typing that out all the time. lol

8: Not sure I'm 100% on this. There are 2, under wifi management. One is open and hidden and the other is WPA2 but not hidden. I also ways use the WPA2 one, and have a nice long password. So the "open" one is just to get clients to connect? Not a management one? but it is under management section.... Also, if i want to add a free WiFi one, I could just add it to the PineAP SSID pool, and broadcast it.

[jkr504]

I am running Arch Linux in virtual box; and trying to set up my new (new to all of this) tetra, I ran "ifconfig" and the only thing coming up is:

bash: ifconfig: command not found

What do I need to do or better yet what package should I download?