Archive:Create an autonomous wireless network
(wikified Micah's article a bit)
Revision as of 18:15, 14 July 2007
This document will teach you how to accomplish several different tasks.
We will create an autonomous wireless network. You could think of it as an "internet island" because what we will create is a free internet that may or may not be connected to the entire global internet.
Your internet could be used to share music, movies, books, or thoughts to those in your vicinity. You could create a pirate radio station that streams propaganda films or a bulletin board for community dissent.
Imagine it, your own private television station that can transmit 11 megabytes (two full mp3 songs) every second.
What information will you send into the wild?
This should be possible for almost any computer connected to a wireless (sometimes called wifi or 802.11) modem. However, I have only tested this on one system: a Powerbook G4 running Mac OS X 10.3.3 with a built-in Airport Extreme card on the en1 interface.
Aside from that, you will also need to be using a computer capable of running dsniff. Dsniff runs on many platforms including Linux, BSD, and OS X. It may also work with Windows.
Now, I must admit that I'm a recent convert to OS X. I've been using Windows since 3.11. But I find OS X to be the most amazing system that I've ever used. Instead of describing its many virtues, I'll merely describe the simple steps needed to create your own network.
Create your own network
1) Open System Preferences and choose Network
2) Show Network Port Configurations
3) Click on Built In Ethernet, click on Duplicate and type Private Network
4) Show Private Network
5) Configure IPv4: Manually
6) IP Address: 10.0.2.1
7) Subnet Mask: 255.255.255.0
8) Router: 10.0.2.
9) Click AppleTalk and deselect Make AppleTalk Active
10) (optional) Repeat 4 - 9 for Airport
Ok, you are almost done. Let's take a second to see what we've done so far.
You told your computer to create a network called "Private Network". You gave it an address (10.0.2.1) which is private, so the network flows only through your computer until other people join it. Right now there is no way for anyone to connect to your network - but it does exist within your computer.
Also, something to keep in mind is that to turn on or off your "Private Network" you must show Network Port Configurations and deselect "Private Network". You won't need to do this often (normally you can just stop sharing it), but I've found that if it is on it will mess with some programs you may run (such as ettercap).
Let other people access it
Now that we've created this network we want other people to be able to access it. This takes three simple steps.
11) Open System Preferences and select Sharing
12) Click Internet and Share your connection from: Private Network to computers using: AirPort.
If you were to click Start, your computer would start responding to beacons being sent by any nearby computers. Your network will automatically assign computers IP addresses within your network and will route their traffic effortlessly.
Take a pause at this step and consider the implications of what you've just done. To give yourself some ideas click on AirPort Options.
Every wireless network is centered around an "Access Point" or AP. Each AP is allowed to choose its Network Name. This name will be displayed to other users, and they are free to choose any network they'd like or their computer may associate with the strongest signal present.
What happens if you choose the same name as another network? You literally shout over them; users will associate with whichever access point has the most power in their signal. This will depend on distance and the environment, but also on the hardware that you are using. Surprisingly, it doesn't take very much to overpower a signal - especially if you place yourself closer to the intended audience. A building, for example, may have three different access points positioned on different floors. All of them use the same network name and are connected with ethernet cable to the building's wired internet connection. You can place your network in an area of the library with a relatively weak signal but nice chairs and lots of laptop users, for example, and easily hijack their connection.
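Seen from the side of whoever operates the building's network, a same-name access point like the one described above shows up when a wireless scan is compared against the inventory of access points that are actually installed. The following is an added example, not part of the original article; the SSID, BSSIDs, readings and the field names of the scan records are all constructed assumptions.

```python
# Added example: compare a wireless scan against the AP inventory.
# Every SSID, BSSID and reading below is constructed sample data.

# Access points the operator actually runs: SSID -> {BSSID: (channel, security)}
INVENTORY = {
    "Library-WiFi": {
        "00:11:22:33:44:01": (1, "WPA2"),
        "00:11:22:33:44:02": (6, "WPA2"),
        "00:11:22:33:44:03": (11, "WPA2"),
    }
}

# One scan taken in a weak-signal corner (field names are assumed export names).
SCAN = [
    {"ssid": "Library-WiFi", "bssid": "00:11:22:33:44:01", "channel": 1, "security": "WPA2", "rssi": -71},
    {"ssid": "Library-WiFi", "bssid": "00:11:22:33:44:02", "channel": 6, "security": "WPA2", "rssi": -80},
    {"ssid": "Library-WiFi", "bssid": "02:AA:BB:CC:DD:EE", "channel": 6, "security": "OPEN", "rssi": -38},
    {"ssid": "CoffeeShop", "bssid": "00:99:88:77:66:55", "channel": 3, "security": "WPA2", "rssi": -60},
]

def find_suspect_aps(scan, inventory):
    """Return (bssid, reasons) for APs using a managed SSID that fail inventory checks."""
    findings = []
    for ap in scan:
        known = {b.lower(): v for b, v in inventory.get(ap["ssid"], {}).items()}
        if not known:
            continue  # SSID is not one we manage
        bssid, reasons = ap["bssid"].lower(), []
        if bssid not in known:
            reasons.append("BSSID not in inventory")
            # Strongest legitimate signal for this SSID in the same scan.
            legit = [a["rssi"] for a in scan
                     if a["ssid"] == ap["ssid"] and a["bssid"].lower() in known]
            if legit and ap["rssi"] > max(legit):
                reasons.append("stronger than every inventoried AP; clients will prefer it")
            if ap["security"] not in {sec for _, sec in known.values()}:
                reasons.append("security differs from inventory (%s)" % ap["security"])
        elif (ap["channel"], ap["security"]) != known[bssid]:
            # Known BSSID on the wrong channel or security: possible cloned address.
            reasons.append("known BSSID with unexpected channel/security")
        if reasons:
            findings.append((bssid, reasons))
    return findings

if __name__ == "__main__":
    for bssid, reasons in find_suspect_aps(SCAN, INVENTORY):
        print(bssid, "->", "; ".join(reasons))
```

Running the same comparison from several spots in the building matters, because the signal-strength check only fires where the unknown access point is louder than the installed ones.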
Rerouting web traffic to tell people who you are
Now that you've set up this network you are very close to being able to build anything. There is one remaining problem: you must learn something about how information is routed in a network.
Let's say you named your network something intriguing like "You know" and clicked Start. Another person using a laptop sees your network and joins it. How do you alert them to who you are? What do you do when they try to go to google.com?
You need to create something similar to a Captive Portal. In other words, you want all the traffic to route back to your computer. Now this is a relatively complicated problem that does require actual programming skills. However, we're going to accomplish this task easily because all the requisite programs have been created for Mac and you can download them here.
Go ahead and install the Dsniff package; it will add a bunch of small text-based programs to your computer. You can learn about each of them by typing man dsniff in the terminal. You will also need to tell your computer to forward traffic. This can be done by typing:
13) sudo pico /etc/hostconfig
14) Change IPFORWARDING=-NO- to be IPFORWARDING=-YES-
Ok, you've done it. Dsniff includes a very easy program called dnsspoof. The way this program works is by telling your users that the address for any URL is your computer. If a user tries to go to google.com, their computer will ask your computer what the IP address is and your computer will respond 10.0.2.1 (your computer). Make sense?
I'll explain some more. But first open up a terminal and type:
15) man dnsspoof
16) sudo dnsspoof -i en1
Now that this program is running, let's say that someone joins your network, opens their web browser and types in nytimes.com. Dnsspoof will intercept the DNS query and respond 10.0.2.1 (it also passes more information, I believe). The user will try to access your computer's web server, and this is where you need to be a little creative.
To turn on your web share, you must:
17) Open System Preferences and select Sharing
18) Turn on Personal Web Sharing
Once this is running, dnsspoof will route all web traffic on your network that attempts to use a domain name (.com, .org, .net, .info, etc.) to your computer's "Personal Web Share", which is actually a fully featured Apache web server.
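A client that has joined an unfamiliar network can recognise this behaviour from the answers themselves: unrelated names all resolving to one private address such as 10.0.2.1. The following is an added example, not part of the original article; it parses DNS responses that are constructed inline, and the function names and the 198.51.100.x comparison addresses are assumptions made for illustration.

```python
# Added example: spot "every name resolves to one private address" in constructed packets.
import ipaddress
import struct

def build_response(txid, name, ip, ttl=60):
    """Construct a minimal DNS response carrying one A record (sample data)."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    header = struct.pack(">HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    answer = b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, ttl, 4) + ipaddress.IPv4Address(ip).packed
    return header + qname + struct.pack(">HH", 1, 1) + answer

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:  # compression pointer is always two bytes
            return off + 2
        off += length + 1

def a_records(msg):
    """Extract IPv4 addresses from the answer section of a raw DNS response."""
    _, _, qdcount, ancount, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    addrs = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            addrs.append(str(ipaddress.IPv4Address(msg[off:off + 4])))
        off += rdlen
    return addrs

def looks_spoofed(responses, min_names=3):
    """True when unrelated names all answer with the same single private address."""
    per_name = [set(a_records(raw)) for raw in responses.values()]
    union = set().union(*per_name)
    if len(per_name) < min_names or not all(per_name) or len(union) != 1:
        return False
    return ipaddress.ip_address(next(iter(union))).is_private

NAMES = ["nytimes.com", "google.com", "example.org"]
SPOOFED = {n: build_response(i, n, "10.0.2.1") for i, n in enumerate(NAMES)}
NORMAL = {n: build_response(i, n, "198.51.100.%d" % (i + 10)) for i, n in enumerate(NAMES)}
```

A legitimate captive portal produces the same pattern, so a hit means the resolver on this network is not answering truthfully, not that the operator is necessarily hostile.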
The best way to understand what is going on is to get two laptops and work with it. It makes sense if you test your hypotheses. One thing you'll quickly realize is that it is a lot easier to connect with OS X users. All PC users will be able to connect to you, but it is more difficult for them to join you - at least that is my experience.
So what are the kinds of things that you are now free to do?
Well, it is really up to your imagination. You can keep your network an island, or you can plug your ethernet cord into a wall or another laptop. You can present people with a website that only allows them to download your music. Or you could set up a full-blown p2p network. You could allow people to send you files or you could let people post messages to each other. Because the user will be presented with a website of your choice whenever they access the world wide web, you can give as detailed instructions as you would like.
You can redirect all types of different traffic to your computer. You can run any servers that you want: streaming mp3, ftp, web, ssh, email, WASTE, etc.
Hopefully these instructions have inspired interest in wireless networks. It's the future, and the movement needs people who understand it.
originally by micah for galeropia.org based on version 0.3 - April 15, 2004