Using a GPS to perform a Wi-Fi survey

It is important to perform a wi-fi survey so that you can determine not only the perfect place to locate your access point or bridge but to gain an understanding of the channel co-existence challenge you may face.  With wireless access points in surrounding neighborhoods and businesses, you will need to  perform a survey by walking around and mapping out the BSAs (Basic Service Area) of wireless that surrounds you and your organization.

Below is an example of our school’s perimeter.  Matt, Chris and James, students in the Computer Information Technology, class performed a survey using a Microsoft GPS and Vistumbler.  This survey revealed access points and their channels of current wireless at our institution and  includes APs in surrounding businesses and neighborhoods.  These were mapped using Google Earth after exporting their KML file from Vistumbler.

This type of survey allows IT professionals to analyze data exported to ensure the correct channels can be used at their organization.

Miller Goodroe Felts

After exporting the wireless information, you can analyze each access point or wireless device by clicking on it.  Below is an example of the information exported into Google Earth.   Each device shows SSID, Network Type, Mac Address, Channel, Security, Encryption Type, Data Rates, Latitude, Longitude and Manufacturer information.   Analyst using this information can also determine the best placement of wireless devices along with channel information.

ESSID Expanded

Channel co-existence is when access points share channels that are very close to one another.

802.11 wireless on 2.4 Ghz has three non-overlapping channels.  These channels are 1, 6 and 11.  The closer channels are, the more likely interference will take place.  With the amount of wi-fi in use today, IT professionals have to chose between 2.4 Ghz and 5 Ghz and and try to select channels that are not in use if possible.   Professional access points and bridges can also adjust power as necessary.   A dense population can make this very challenging.

If you look at the students’ survey by zooming out to see how many access points can be seen, this is what you are looking at!  Now you can see why site surveys are important at your organization.

Exploded

In addition to this survey, a secondary survey using a spectrum analyzer is very important to search for interference from other sources.  (See our review of the Airview Spectrum Analyzer)

analyzer-software

Channel information (Chart from Wikipedia)

NonOverlappingChannels2.4GHzWLAN-en.svg

Here’s another look at a wireless survey showing vertical lines and signal strength.  (James M. KML survey)

Another view James Miller KML

Network Switches – Avoid Daisy-Chains

When you are networking computers, wireless access points, printers and other nodes in multiple rooms, try to avoid daisy-chaining switches or using small 4-8 port switches when you are in a hurry.  Replace any hubs on your network as soon as you can.

With a hub, collisions can be >20% and utilization can stand at >50%.   By replacing a hub alone, you can reduce collisions to 5% on switches in rooms and <1% in the server room.  Switches help to isolate traffic, relieve congestion, separate collision domains (reduce collisions), segment and restart distance/repeater rules.

Daisy Chaining Switches -what not to do

Real world scenarios may require you to temporarily daisy chain switches.  If you do, test the network and run additional backbones or replace core switches to accommodate more nodes as soon as you can. (remember, replace any hubs in your network)

Daisy chaining

One of many solutions is to run independent lines to the core switch

alternative

Basic tips on optimization of your network -

  • Use stackable managed switches
  • Purchase switches that support
    IEEE 802.1D , IEEE 802.1p , IEEE 802.1Q , IEEE 802.1s , IEEE 802.1w , IEEE 802.1x , IEEE 802.3 , IEEE 802.3ab , IEEE 802.3ad (LACP) ,
    IEEE 802.3ae , IEEE 802.3u , IEEE 802.3x , IEEE 802.3z
  • Use a battery backup on the switches

This is the very basics behind network switch infrastructure.  Managing switches and using the IEEE standards above along with optimizing your network and managing the network infrastructure is important.

Excellent articles on Networking Infrastructure

http://www.lantronix.com/resources/net-tutor-switching.html

http://www.techrepublic.com/blog/it-consultant/only-novices-daisy-chain-switches/

Configuring WDS to extend your wireless network

Want to extend your network and make it more reliable and robust?   

Here’s what you will need -

  • Two routers with the same firmware
    • Preferably Tomato or DD-WRT

Login to the first router.  

In this example, the static number 192.168.1.1 is the Main router.

  • Enable the WAN to match your ISP  
  • Enable DHCP
  • Enable Access Point + WDS  (Picture two below)
    • You must have the same wireless configuration on both routers
      • Enter the MAC address of router two under WDS Link with.

Router 1 no 1

Router 1 no 2

Login to the second router

  • Disable the WAN
  • Disable DHCP
  • Assign the router a static IP address (Below we have given the router .250)
  • Enter Router One’s IP Address for the Gateway
  • Enter a DNS of your choice
  • Make the wireless configuration the same as the first router.  Under WDS, change the drop down to automatic.

Router 2 no 1

Router 2 no 2

With the same settings, you can now extend your network several hundred feet under the right conditions.  Because the SSIDs are the same, once you join one of the routers with a smartphone or laptop, it will seamlessly change to the stronger signal.

With Tomato, you can chain together approximately 12 devices.

Links-

Tomato RAF

Shibby’s Tomato

DD-WRT

Note; The IP addresses and MAC addresses are in a lab environment.

How does it look on a network map?  The two routers are actually connected together.  The switch is the four ports on the back of the router closest to the internet.

Map

The Ultimate Toolkit for IT Professionals – GE Geek Toolkit

I discovered GE Geek through Rick at What’s On My PC.  GE Geek is a resource like no other.  The time and dedication to linking and uploading the thousands of resources at GE Geek is commendable.

The best feature by far is GE Geek’s Toolkit that contains 1.7 gigabytes of tools that every IT pro needs.

“A complete collection of over 300 Portable Freeware Tech Related
programs, all accessible from one Menu Launcher Utility. There’s
even a program to update all the essential programs automatically,
all contained on a USB/Flash drive for travel.” ~GE Geek

Here’s a short list of the categories -

Apps to Install
App Updates
App Uninstallers
BackUps
Benchmarking
Compression
Configurations
Diagnostics
Drivers
FTP Tools
Internet
Maintenance
Malware Removal
Multimedia
Network Tools
Recovery
Remote Tools
Repair Tools 1
Repair Tools 2
Scripts
Search
Security
System Information
System Tools
Tweaking Tools
Windows Services Defaults
Windows 7 Tools
Windows 7 Troubleshooting
Windows 7 / 8 Shortcuts
Dozens more
getoolkit 

 

Here’s a Snapshot of his Site. You have to visit the site to get an understanding of how this has to be one of the best sites on the web for IT Professionals.   Link

SnapShot

Excellent site to understand deployment

Need a step by step tutorial on Sysprep, ImageX or other Windows’ deployment methods?  Me, Myself and IT has excellent step by step tutorials on these different methods.

Getting started using Windows Deployment

Create a Windows PE USB    (Includes Dropbox download)

Capture an image using ImageX

Apply a WIM using ImageX

How to build an UnAttended Answer File

Adding drivers

Preparing and Using Sysprep

Experiments with Sysprep

MDT

Commands in Telnet – DD-WRT and Tomato routers

If you have flashed your router with DD-WRT or Tomato you can probably use the following linux commands in the picture below.

Before you get started, you’ll need to enable Telnet client on your Windows computer.  Go to Programs and Features under the Control Panel.   Telnet client is found under add/remove features.

If you want to capture the information to a local Windows computer, during the telnet session, make a folder on your C: drive named telnet.  Then type :

telnet youripaddress -f c:\telnet\capture.txt

Enter your username and password.

Want to see the commands that are available?  Type ls /*bin /*/*bin . – ls will list the commands and used with bin will give the commands found in the different directories that have ‘bin’ in the name.

commands

While there are hundreds of command options for both operating systems, they are primarily Linux.

Here’s a great list – link.  (Not all commands will work)

uname -a gives the Linux version

Linux

 

Want to see a ton of information about your router?  Type sysinfo | more

This will give you information about the system including CPU, memory, network and a ton of other information.

unknown login: root
Password:
Tomato v1.28.0000 MIPSR2-120 K26 Max
========================================================
Welcome to the Linksys E2000 [TomatoUSB]
Uptime: 00:39:53 up 1:54
Load average: 0.16, 0.03, 0.01
Mem usage: 30.8% (used 8.88 of 28.84 MB)
WAN : 192.168.0.3/24 @ C0:C1:C0:xx:xx:xx
LAN : 192.168.1.1/24 @ DHCP: 192.168.1.2 – 192.168.1.51
WL0 : Zeus @ channel: 6 @ C0:C1:C0:xx:xx:xx
========================================================
root@unknown:/tmp/home/root# ls /*bin
/bin:
ash date fgrep ls netstat ping sed udpxy
busybox dd grep mdu nice ping6 sh umount
cat df gunzip mkdir ntpc ps sleep uname
chmod dmesg gzip mknod ntpstep pwd stty usleep
chown eapd kill more ntpsync rm sync vi
cp echo ln mount nvram rmdir tar watch
cstats egrep login mv pidof rstats touch zcat
/sbin:
arp hotplug mtd-erase sched
buttons hotplug2 mtd-unlock service
console ifconfig mtd-write setconsole
ddns-update init ppp_event syslogd
dhcp6c-state insmod radio udevtrigger
dhcpc-event klogd rc udhcpc
dhcpc-release led rcheck vconfig
dhcpc-renew listen reboot wldist
disconnected_pppoe lsmod redial
gpio modprobe rmmod
halt mount-cifs route
root@unknown:/tmp/home/root# sysinfo
Tomato v1.28.0000 MIPSR2-120 K26 Max
Linux version 2.6.22.19 (root@tomato) (gcc version 4.2.4) #37 Sat Jun 7 05:30:28
CEST 2014
NVRAM
1012 entries, 21604 bytes used, 39836 bytes free.
INTERFACES
br0 Link encap:Ethernet HWaddr C0:C1:C0:xx:xx:xx
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:185075 errors:0 dropped:0 overruns:0 frame:0
TX packets:166658 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:21559405 (20.5 MiB) TX bytes:160278768 (152.8 MiB)
eth0 Link encap:Ethernet HWaddr C0:C1:C0xx:xx:xx
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:165763 errors:0 dropped:0 overruns:0 frame:0
TX packets:175648 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:161724476 (154.2 MiB) TX bytes:22794209 (21.7 MiB)
Interrupt:4 Base address:0×2000
eth1 Link encap:Ethernet HWaddr C0:C1:C0:xx:xx:xx
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:235085 errors:10 dropped:0 overruns:0 frame:269509
TX packets:234875 errors:72 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:56724666 (54.0 MiB) TX bytes:201731456 (192.3 MiB)
Interrupt:3 Base address:0×1000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:87 errors:0 dropped:0 overruns:0 frame:0
TX packets:87 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:13018 (12.7 KiB) TX bytes:13018 (12.7 KiB)
vlan1 Link encap:Ethernet HWaddr C0:C1:C0:xx:xx:xx
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:7418 errors:0 dropped:0 overruns:0 frame:0
TX packets:16101 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5137752 (4.8 MiB) TX bytes:1536952 (1.4 MiB)
vlan2 Link encap:Ethernet HWaddr C0:C1:C0xx:xx:xx
inet addr:192.168.0.3 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:158047 errors:0 dropped:0 overruns:0 frame:0
TX packets:159142 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:153556156 (146.4 MiB) TX bytes:21209557 (20.2 MiB)
ROUTING TABLE
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 vlan2
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan2
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 vlan2
Kernel IPv6 routing table
Destination Next Hop
Flags Metric Ref Use Iface
::1/128 ::
U 0 0 1 lo
ARP TABLE
192.168.0.1 dev vlan2 lladdr 00:09:5b:cd:50:40 REACHABLE
192.168.1.38 dev br0 lladdr 68:5d:43:e7:83:44 REACHABLE
IP TABLES
:filter
Chain INPUT (policy DROP 403 packets, 193K bytes)
pkts bytes target prot opt in out source destination

692 61801 DROP all — * * 0.0.0.0/0 0.0.0.0/0
state INVALID
10214 1655K ACCEPT all — * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED
0 0 shlimit tcp — * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:22 state NEW
14 2052 ACCEPT all — lo * 0.0.0.0/0 0.0.0.0/0

6522 793K ACCEPT all — br0 * 0.0.0.0/0 0.0.0.0/0

0 0 ACCEPT udp — * * 0.0.0.0/0 0.0.0.0/0
udp spt:67 dpt:68
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

253K 139M all — * * 0.0.0.0/0 0.0.0.0/0
account: network/netmask: 192.168.1.0/255.255.255.0 name: lan
0 0 ACCEPT all — br0 br0 0.0.0.0/0 0.0.0.0/0

59 2360 DROP all — * * 0.0.0.0/0 0.0.0.0/0
state INVALID
9434 453K TCPMSS tcp — * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0×06/0×02 TCPMSS clamp to PMTU
128K 15M monitor all — * vlan2 0.0.0.0/0 0.0.0.0/0

249K 138M ACCEPT all — * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED
0 0 wanin all — vlan2 * 0.0.0.0/0 0.0.0.0/0

4738 223K wanout all — * vlan2 0.0.0.0/0 0.0.0.0/0

4738 223K ACCEPT all — br0 * 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT 12586 packets, 5087K bytes)
pkts bytes target prot opt in out source destination

Chain monitor (1 references)
pkts bytes target prot opt in out source destination

0 0 RETURN tcp — * * 0.0.0.0/0 0.0.0.0/0
WEBMON –max_domains 2000 –max_searches 2000
Chain shlimit (1 references)
pkts bytes target prot opt in out source destination

0 0 all — * * 0.0.0.0/0 0.0.0.0/0
recent: SET name: shlimit side: source
0 0 DROP all — * * 0.0.0.0/0 0.0.0.0/0
recent: UPDATE seconds: 60 hit_count: 4 name: shlimit side: source
Chain wanin (1 references)
pkts bytes target prot opt in out source destination

Chain wanout (1 references)
pkts bytes target prot opt in out source destination

:nat
Chain PREROUTING (policy ACCEPT 9977 packets, 1113K bytes)
pkts bytes target prot opt in out source destination

403 193K WANPREROUTING all — * * 0.0.0.0/0 192.168.
0.3
0 0 DROP all — vlan2 * 0.0.0.0/0 192.168.1.0/
24
Chain POSTROUTING (policy ACCEPT 10 packets, 1912 bytes)
pkts bytes target prot opt in out source destination

6165 323K MASQUERADE all — * vlan2 0.0.0.0/0 0.0.0.0/0

26 8531 SNAT all — * br0 192.168.1.0/24 192.168.1.0/
24 to:192.168.1.1
Chain OUTPUT (policy ACCEPT 1812 packets, 127K bytes)
pkts bytes target prot opt in out source destination

Chain WANPREROUTING (1 references)
pkts bytes target prot opt in out source destination

0 0 DNAT icmp — * * 0.0.0.0/0 0.0.0.0/0
to:192.168.1.1
:mangle
Chain PREROUTING (policy ACCEPT 273K packets, 142M bytes)
pkts bytes target prot opt in out source destination

128K 124M DSCP all — vlan2 * 0.0.0.0/0 0.0.0.0/0
DSCP set 0×00
Chain INPUT (policy ACCEPT 17877 packets, 2707K bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 253K packets, 139M bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 12618 packets, 5092K bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 266K packets, 144M bytes)
pkts bytes target prot opt in out source destination

IP6 TABLES
:filter
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

:mangle
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

NET STATS
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.1.1:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 :::53 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 :::23 :::* LISTEN
udp 0 0 127.0.0.1:38032 0.0.0.0:*
udp 0 0 0.0.0.0:53 0.0.0.0:*
udp 0 0 0.0.0.0:67 0.0.0.0:*
udp 0 0 127.0.0.1:38000 0.0.0.0:*
udp 0 0 :::53 :::*
raw 0 0 0.0.0.0:255 0.0.0.0:* 255
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
FILE SYSTEMS
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/root 5056 5056 0 100% /
tmpfs 14764 172 14592 1% /tmp
devfs 14764 0 14764 0% /dev
MOUNTPOINTS
rootfs on / type rootfs (rw)
/dev/root on / type squashfs (ro)
proc on /proc type proc (rw)
tmpfs on /tmp type tmpfs (rw)
devfs on /dev type tmpfs (rw,noatime)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw)
SWAPS
Filename Type Size Used Priority
PARTITIONS
major minor #blocks name
31 0 256 mtdblock0
31 1 7872 mtdblock1
31 2 5091 mtdblock2
31 3 1856 mtdblock3
31 4 64 mtdblock4
ENVIRONMENT
USER=root
HOME=/root
PS1=\u@\h:\w\$
LOGNAME=root
TERM=vt100
PATH=/bin:/usr/bin:/sbin:/usr/sbin:/home/root:/mmc/sbin:/mmc/bin:/mmc/usr/sbin:/
mmc/usr/bin:/opt/sbin:/opt/bin:/opt/usr/sbin:/opt/usr/bin:
SHELL=/bin/sh
PWD=/tmp/home/root
CPU INFO
0.12 0.03 0.01 2/32 3739
system type : Broadcom BCM4716 chip rev 1 pkg 9
processor : 0
cpu model : MIPS 74K V4.0
BogoMIPS : 176.53
cpu MHz : 354
wait instruction : no
microsecond timers : yes
tlb_entries : 64
extra interrupt vector : no
hardware watchpoint : yes
ASEs implemented : mips16 dsp
shadow register sets : 1
VCED exceptions : not available
VCEI exceptions : not available
unaligned_instructions : 4
INTERRUPTS
CPU0
3: 770819 MIPS eth1
4: 298897 MIPS eth0
7: 687164 MIPS timer
8: 13 IRQ2 serial
ERR: 0
MEMORY
total used free shared buffers
Mem: 29532 18664 10868 0 2464
-/+ buffers: 16200 13332
Swap: 0 0 0
MemTotal: 29532 kB
MemFree: 10864 kB
Buffers: 2464 kB
Cached: 7112 kB
SwapCached: 0 kB
Active: 6188 kB
Inactive: 5336 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Dirty: 0 kB
Writeback: 0 kB
AnonPages: 1952 kB
Mapped: 1592 kB
Slab: 4228 kB
SReclaimable: 676 kB
SUnreclaim: 3552 kB
PageTables: 284 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
CommitLimit: 14764 kB
Committed_AS: 5068 kB
VmallocTotal: 786356 kB
VmallocUsed: 2404 kB
VmallocChunk: 782068 kB
WIRELESS VER
5.10 RC147.0
wl0: Mar 4 2010 00:00:47 version 5.10.147.0
US (US/0) UNITED STATES
LOADED MODULES
Module Size Used by Tainted: P
xt_webmon 16320 1
xt_DSCP 992 1
ip6table_mangle 992 0
ip6table_filter 704 0
xt_recent 6800 2
xt_IMQ 736 0
imq 2320 0
nf_nat_pptp 1440 0
nf_conntrack_pptp 3808 1 nf_nat_pptp
nf_nat_proto_gre 1072 1 nf_nat_pptp
nf_conntrack_proto_gre 2464 1 nf_conntrack_pptp
nf_nat_ftp 1568 0
nf_conntrack_ftp 5792 1 nf_nat_ftp
nf_nat_sip 5920 0
nf_conntrack_sip 19008 1 nf_nat_sip
nf_nat_h323 5504 0
nf_conntrack_h323 37120 1 nf_nat_h323
wl 1781264 0
et 49280 0
igs 13680 1 wl
emf 17408 2 wl,igs
PROCESSES
Mem: 18812K used, 10720K free, 0K shrd, 2464K buff, 7112K cached
CPU: 0% usr 0% sys 0% nic 100% idle 0% io 0% irq 0% sirq
Load average: 0.12 0.03 0.01 1/32 3757
PID PPID USER STAT VSZ %VSZ %CPU COMMAND
1609 1 root S 2684 9% 0% httpd
2031 1 root S 1312 4% 0% crond -l 9
1612 1611 root S 1304 4% 0% -sh
3564 434 root S 1304 4% 0% -sh
1610 1 root S 1304 4% 0% udhcpc -i vlan2 -b -s dhcpc-event -H u
nknown -m
314 313 root S 1300 4% 0% /bin/sh
434 1 root S 1296 4% 0% telnetd -p 23
3676 3564 root S 1296 4% 0% {sysinfo} /bin/sh /usr/sbin/sysinfo
3757 3676 root R 1296 4% 0% top -b -n1
2018 1 root S 1292 4% 0% syslogd -L -s 50 -b 1
2020 1 root S 1292 4% 0% klogd
1 0 root S 1260 4% 0% /sbin/init noinitrd
312 1 root S 1244 4% 0% buttons
313 1 root S 1184 4% 0% console
1611 496 root S 1140 4% 0% dropbear -p 22 -a
1295 1 nobody S 1104 4% 0% dnsmasq -c 1500 –log-async
1225 1 root S 1080 4% 0% nas
496 1 root S 1072 4% 0% dropbear -p 22 -a
1242 1 root S 968 3% 0% cstats
1236 1 root S 916 3% 0% rstats
1222 1 root S 900 3% 0% eapd
273 1 root S 616 2% 0% hotplug2 –persistent –no-coldplug
87 2 root SW< 0 0% 0% [mtdblockd]
3 2 root SW< 0 0% 0% [ksoftirqd/0]
5 2 root SW< 0 0% 0% [khelper]
42 2 root SW 0 0% 0% [pdflush]
44 2 root SW< 0 0% 0% [kswapd0]
2 0 root SW< 0 0% 0% [kthreadd]
43 2 root SW 0 0% 0% [pdflush]
4 2 root SW< 0 0% 0% [events/0]
45 2 root SW< 0 0% 0% [aio/0]
18 2 root SW< 0 0% 0% [kblockd/0]
DMESG
Linux version 2.6.22.19 (root@tomato) (gcc version 4.2.4) #37 Sat Jun 7 05:30:28
CEST 2014
CPU revision is: 00019740
Found a 8MB ST compatible serial flash
Determined physical RAM map:
memory: 02000000 @ 00000000 (usable)
On node 0 totalpages: 8192
Normal zone: 64 pages used for memmap
Normal zone: 0 pages reserved
Normal zone: 8128 pages, LIFO batch:0
Built 1 zonelists. Total pages: 8128
Kernel command line: root=/dev/mtdblock2 noinitrd console=ttyS0,115200
Primary instruction cache 32kB, physically tagged, 4-way, linesize 32 bytes.
Primary data cache 32kB, 4-way, linesize 32 bytes.
Synthesized TLB refill handler (20 instructions).
Synthesized TLB load handler fastpath (32 instructions).
Synthesized TLB store handler fastpath (32 instructions).
Synthesized TLB modify handler fastpath (31 instructions).
PID hash table entries: 128 (order: 7, 512 bytes)
CPU: BCM4716 rev 1 pkg 9 at 354 MHz
Using 177.000 MHz high precision timer.
console [ttyS0] enabled
Dentry cache hash table entries: 4096 (order: 2, 16384 bytes)
Inode-cache hash table entries: 2048 (order: 1, 8192 bytes)
Memory: 29416k/32768k available (33k kernel code, 3352k reserved, 2718k data, 11
6k init, 0k highmem)
Calibrating delay loop… 176.53 BogoMIPS (lpj=882688)
Mount-cache hash table entries: 512
NET: Registered protocol family 16
PCI: Using membase 8000000
PCI: Disabled
PCI: Fixing up bus 0
PCI: Fixing up bus 1
NET: Registered protocol family 2
Time: MIPS clocksource has been installed.
IP route cache hash table entries: 1024 (order: 0, 4096 bytes)
TCP established hash table entries: 1024 (order: 1, 8192 bytes)
TCP bind hash table entries: 1024 (order: 0, 4096 bytes)
TCP: Hash tables configured (established 1024 bind 1024)
TCP reno registered
squashfs: version 3.0 (2006/03/15) Phillip Lougher
io scheduler noop registered (default)
HDLC line discipline: version $Revision: 4.8 $, maxframe=4096
N_HDLC line discipline registered.
Serial: 8250/16550 driver $Revision: 1.90 $ 2 ports, IRQ sharing disabled
serial8250: ttyS0 at MMIO 0xb8000300 (irq = 8) is a 16550A
PPP generic driver version 2.4.2
MPPE/MPPC encryption/compression module registered
NET: Registered protocol family 24
PPPoL2TP kernel driver, V0.18.3
PPTP driver version 0.8.5
pflash: found no supported devices
Creating 5 MTD partitions on “sflash”:
0×00000000-0×00040000 : “pmon”
0×00040000-0x007f0000 : “linux”
0×00127400-0×00620000 : “rootfs”
0×00620000-0x007f0000 : “jffs2″
0x007f0000-0×00800000 : “nvram”
u32 classifier
OLD policer on
Netfilter messages via NETLINK v0.30.
nf_conntrack version 0.5.0 (512 buckets, 4096 max)
ip_tables: (C) 2000-2006 Netfilter Core Team
ipt_account 0.1.21 : Piotr Gasidlo <quaker@barbara.eu.org>, http://www.barbara.e
u.org/~quaker/ipt_account/
net/ipv4/netfilter/tomato_ct.c [Jun 7 2014 02:58:57]
NET: Registered protocol family 1
NET: Registered protocol family 10
ip6_tables: (C) 2000-2006 Netfilter Core Team
NET: Registered protocol family 17
802.1Q VLAN Support v1.8 Ben Greear <greearb@candelatech.com>
All bugs added by David S. Miller <davem@redhat.com>
VFS: Mounted root (squashfs filesystem) readonly.
Freeing unused kernel memory: 116k freed
Warning: unable to open an initial console.
emf: module license ‘Proprietary’ taints kernel.
PCI: Setting latency timer of device 0000:00:02.0 to 64
eth0: Broadcom BCM47XX 10/100/1000 Mbps Ethernet Controller 5.10.147.0
PCI: Setting latency timer of device 0000:00:01.0 to 64
eth1: Broadcom BCM4328 802.11 Wireless Controller 5.10.147.0
Algorithmics/MIPS FPU Emulator v1.5
vlan1: add 33:33:00:00:00:01 mcast address to master interface
vlan1: add 01:00:5e:00:00:01 mcast address to master interface
vlan1: dev_set_allmulti(master, 1)
vlan1: dev_set_promiscuity(master, 1)
device eth0 entered promiscuous mode
device vlan1 entered promiscuous mode
device eth1 entered promiscuous mode
br0: port 2(eth1) entering forwarding state
br0: port 1(vlan1) entering forwarding state
vlan2: Setting MAC address to c0 c1 c0 xx:xx:xx.
vlan2: add 33:33:00:00:00:01 mcast address to master interface
vlan2: add 01:00:5e:00:00:01 mcast address to master interface
IMQ starting with 2 devices…
IMQ driver loaded successfully.
Hooking IMQ after NAT on PREROUTING.
Hooking IMQ before NAT on POSTROUTING.
vlan2: del 01:00:5e:00:00:01 mcast address from vlan interface
vlan2: del 01:00:5e:00:00:01 mcast address from master interface
vlan2: del 33:33:00:00:00:01 mcast address from vlan interface
vlan2: del 33:33:00:00:00:01 mcast address from master interface
vlan2: Setting MAC address to c0 c1 c0 xx:xx:xx.
vlan2: add 01:00:5e:00:00:01 mcast address to master interface
vlan2: add 33:33:00:00:00:01 mcast address to master interface
vlan2: del 33:33:00:00:00:01 mcast address from vlan interface
vlan2: del 33:33:00:00:00:01 mcast address from master interface
vlan2: del 01:00:5e:00:00:01 mcast address from vlan interface
vlan2: del 01:00:5e:00:00:01 mcast address from master interface
br0: port 2(eth1) entering disabled state
br0: port 1(vlan1) entering disabled state
vlan1: del 01:00:5e:00:00:01 mcast address from vlan interface
vlan1: del 01:00:5e:00:00:01 mcast address from master interface
vlan1: del 33:33:00:00:00:01 mcast address from vlan interface
vlan1: del 33:33:00:00:00:01 mcast address from master interface
device vlan1 left promiscuous mode
br0: port 1(vlan1) entering disabled state
device eth1 left promiscuous mode
br0: port 2(eth1) entering disabled state
vlan1: add 33:33:00:00:00:01 mcast address to master interface
vlan1: add 01:00:5e:00:00:01 mcast address to master interface
device eth1 entered promiscuous mode
br0: port 2(eth1) entering forwarding state
br0: port 1(vlan1) entering forwarding state
vlan2: Setting MAC address to c0 c1 c0 xx:xx:xx.
vlan2: add 33:33:00:00:00:01 mcast address to master interface
vlan2: add 01:00:5e:00:00:01 mcast address to master interface

 

Can Hackers Steal Secrets from Reflections?

I encourage my students to go over and visit Rick, Paul and Bill’s blog.  In 2009, Rick posted a link to a Scientific American article on How Hackers Steal Secrets from Reflections.   Great Article.  With our students going through some of the best security courses available, these links are very valuable.

Although we used a mirror for this example, we have tried glasses and other reflective materials and you can take a picture and reverse the photo.

Reverse Image

Reversed with Irfanview

Corrected with IRFanview