Some interesting links related to 802.11b; mostly gleaned from BAWUG postings. Currently unordered.

Intriguing use of Fujitsu Stylistic 1200 as a portal box:
Rob Flickenger writes: "We're using them in Sebastopol to run the NoCatAuth portal (it gives co-op users a 'login', and casual users a 'this network brought to you by' splash screen.) Connect a Stylistic to your DSL and over a crossover cable to an AP in bridge mode, and you have an active portal with bandwidth throttling and firewalling. When the software AP mode drivers for Linux come into their own, we'll even eliminate the AP. You'll want at least 16Mb total if you wanna run the portal.

They also make a handy repeater (two radios, one with a directional to get to the backbone, and the other repeating locally, maybe even over another directional.) They're battery powered, cheap, small, and really handy..."

See the NoCatNet site for details on the portal software, and an excellent set of links to related projects.

Steve Cybuch wired a USB port into his Fujitsu Stylistic 1200 so he didn't need to use the port expander.

Terry Schmidt built a super low-cost weatherproof enclosure for an access point. Go Rubbermaid!

Recycling a Primestar dish as a directional antenna.

External antenna for Apple Airport. A similar trick would work for the Lucent/Orinoco RG-1000, since they are basically the same inside.

Doug Ambrisko has a version of FreeBSD for an Airport. Bob Vaughan used Doug's work to derive picobsd.

Linux based wireless sniffer, WEP cracker (AirSnort). Bob Tanner says it "Works like a charm with Prism2 cards."

Slashdot link to an article about free 802.11b access. Beware: this Slashdot link references an Infoworld article that has inaccuracies, and the content is a matter of quite a bit of debate on the BAWUG mailing list.

Innovative use of steel tubing, washers, wire, and pringles/planters cans:
http://www.netscum.com/~clapp/wireless.html
http://verma.sfsu.edu/users/wireless/pringles.php

A list of various plans for innovative 802.11b antennae.

A response to a query wondering about linking some buildings that were a separated by a couple thousand feet:

From: Evil Pete
Date: Wed, 29 Aug 2001 07:12:39 -0700

If you have phone lines between the buildings you can use that copper for 10Mbt connections with a Netgear product phoneline x10 (PE102). At Defcon we used a few of these devices to "deliver" network connectivity the APs in the pool area and rear of the hotel using the ancient copper we had problems maintaining dialup over. These puppies can practicality send data over wet string. http://www.netgear.com/product_view.asp?xrp=7&yrp=17&zrp=43

From: moore@eds.org (Jonathan Moore)

29 Aug 2001, Rob Flickenger wrote:
> We have had some interesting results using VTUN over SSH... Yes, the
> tunnel goes down when you move from AP to AP, but you can script it to
> reestablish. And it can give you the oddity of a "real" IP behind a NAT,
> which tends to spook the local network jockeys...

If you want to do strange tunnels and you are using linux or windos then you should check out CIPE:
http://sites.inka.de/sites/bigred/devel/cipe.html
It is a udp based crypted tunnel which will go through just about any thing, even a SOCKS proxey. Also on the same site check out:
http://sites.inka.de/sites/bigred/devel/tcp-tcp.html
for a explanation of why tunneling TCP trafic over ssh is a bad thing.

> What is the best method of connecting the WAP11 to the antenna. Should I
> remove the N connector and add a connector compatible with the Linksys, or
> should I make an adaptor?

Your best bet would be to make a custom (or purchase) cable with N-female on one end and RP-TNC male (I think) on the other. It would be best to use the lowest loss cable as possible like LMR-400 and of course keep the runs as short as possible. One possible place for the needed parts is http://www.rfparts.com

As for enclosures I have no experience in this but obviously anything water proof. Power over ethernet is also a plus. One idea is to use a bulk head connector like http://www.rfparts.com/connectors.html#N (Fig. 18N). This way it will be easier to water proof your enclosure.

Wireless Firewall Gateway White Paper
http://www.nas.nasa.gov/Groups/Networks/Projects/Wireless/index.html

When using AiroPeek, make sure that you have the correct channel selected for the AP that you desire to listen to. Wildpackets claims they are working on supporting the Orinoco (hermes) card, which means a couple of months out.

NetStumbler is great for finding this out (Channel), but then that app only works now on hermes cards. I know Marius is working on this and other improvements to NetStumbler.

Earlier in this thread there were some incorrect statements about chipsets:

The Cisco Aironet 340/350 is similiar to the Prism 2 but not the same. The Lucent Orinoco card is NOT a Prism 2 card. It is Lucent's own chipset (hermes).

AirSnort and AirSniff will only work on Prism 2 cards. Also one will have to passively capture 110meg to 1 gig of traffic before attempting to recover the WEP key set.

Prism 2 cards include the following:
Bromax Freeport
Compaq WL100
D-Link DWL-650
GemTek (Taiwan) WL-211
Linksys WPC11
Samsung SWL2000-N
SMC 2632W
Z-Com XI300
Zoom Telephonics ZoomAir 4100
LeArtery Solutions SyncbyAir LN101

Hermes type cards include the following:
Orinoco (aka Wavelan Turbo, Gold & Silver)
Dell TrueMobile 1150
Toshiba 802.11b Wireless Cards
Compaq WL110
Cabletron Roamabout
ELSA AirLancer
ARtem ComCard
1stWave 1ST-PC-DSS11
Buffalo Airstation WLI-PCM-L11

From: "Bob Hrbek" (bhrbek@bextreme.net)
To: (wireless@lists.bawug.org)
Subject: Re: [BAWUG] Wavelan/EC -WAP11 == APclient || AP || Bridge
Date: Fri, 28 Sep 2001 01:27:10 -0500

You can now make a WAP11 (with latest firmware) act as an AP client
and setup this:
(wireless and wired)LanA------WAP11(APmode)<----wireless----->WAP11(APclientmode)----LanB(wired only)

I have this setup and it works fine. Check out the config utility pic. http://www.speakeasy.org/~puckett/lc.jpg

Date: Thu, 11 Oct 2001 14:18:15 -0500 (CDT)
From: Nate Carlson
To: Jon Knight
cc: "wireless@lists.bawug.org"

On Thu, 11 Oct 2001, Jon Knight wrote:
> Does it? I've been trying to get Win2K to talk IPsec via a FreeS/WAN
> gateway on a Linux box with little success. Whilst I can get it to do
> IPsec been the Win2K box and the Linux box itself in host mode, I can't
> persuade the Win2K machine to do tunnelling properly. I've had a look on
> the FreeS/WAN mailing lists/FAQs and this appears to be a known problem.
>
> If you know different, please do share your ipsec config with us! :-)

Yeah, it works fine, as long as you have patched FreeS/WAN with X.509 support, and you have a static IP on the Windows side.

FreeS/WAN config just looks like:

conn ipsec
authby=rsasig
left=%any
leftcert=client.pem
right=(your linux box's ip)
rightcert=localhost.pem
auto=add
pfs=yes

conn ipsec-world
authby=rsasig
left=%any
leftcert=client.pem
right=(your linux box's ip)
rightcert=localhost.pem
rightsubnet=0.0.0.0/0
auto=add
pfs=yes

Then, on the Windows side, you have to create two connections, both using the client's certificate for authentication. For the localhost->world tunnel, you set up the vpn gateway as the ip of your vpn gateway. For the world->localhost tunnel, you set the vpn gateway as your local ip address (this is where your static ip comes in).

Pretty easy, all in all.. I was surprised!

To: wireless@lists.bawug.org
From: Marvin Demuth
Subject: Re: [BAWUG] 900 mhz wireless

At 07:57 PM 10/20/01 -0400, Jerry A. Shenk wrote:
>Anybody know anything about 900 mhz wireless data transfers? From what I've
>found so far, it looks like it's all fairly old stuff. Looks like the
>Proxim Rangelan was one, probably prior to the 2.4 gHz Range2Lan. It also
>looks like WaveLan was originally a 900 mhz name.
>
>I'm guessing that security on those things was probably non-existent. I'm
>also wondering what it would take to intercept some traffic.

It is interesting that you asked today. I spent hours this morning researching this subject. If you would like to look at the higher-end of what is available and can be done with 902-928Mhz applications, look at this site:

http://www.nova-eng.com/novaroam.html

There is complete documentation of the 70 mile LOS application that utilizes this technology for IP traffic.

Months ago, I read the information is this link: http://isp-lists.isp-planet.com/isp-satellites/0105/msg00030.html

This short quote down in the body of one of the messages might whet your appetite to read it:

...There is NO 2.4ghz radio that can do that under those jungle, canopy, wet leaves, conditions. With one possible exception - the very new Nova Engineering Roaming radios - 902-928Mhz with almost 1 watt of power, which have been tested to 70 miles LOS, AND were MADE for IP traffic. But THEY cost $1,800 apiece!

From: Phil Cox "phil.cox@systemexperts.com"
Subject: RE: [BAWUG] 802.11B vs A
Date: Wed, 7 Nov 2001 21:26:43 -0800

A good paper I found was at http://www.mobilian.com/documents/2.4GHz_and_5GHz_WLAN.pdf

Date: Fri, 23 Nov 2001 03:39:47 -0800
From: Matt Peterson
To: wireless@lists.bawug.org
Subject: [BAWUG] MDC's SecureSupplicant (802.1x for Linux)

Meetinghouse Data Communications has released SecureSupplicant offering 802.1x support in Linux for both wired and wireless devices. MDC's SecureSupplicant (802.1x for Linux) http://www.mtghouse.com/supplicant_priv.html

From: "John E. Kreznar"
To: NANP@jetcafe.org, wireless@lists.bawug.org
Subject: [BAWUG] Linux on Apple Airport

Noted on the FreeSwan mailing list: Linux has been ported to the Apple Airport.

http://www-hft.ee.tu-berlin.de/~strauman/airport/airport.html

From: "natecars@real-time.com"

Subject: [BAWUG] Firmware Collections for WAP11 + RG-1000

I finally got my RG-1000's on the $59 special, and in playing around with them, found that nobody seemed to have the newest versions of the firmware available anywhere. So, I've started collecting various firmware versions for both the Linksys WAP11 and Orinoco RG-1000 on my web site. Everything I've got right now is available at:

http://www.natecarlson.com/wireless/

Current firmware available:

WAP11:
1.3k1 (Linksys)
1.4g5 (Linksys)
1.4g7 (SMC)
1.4g8 (Linksys)
1.4h3 (Linksys)

RG-1000:
Airport v1.3.1
Airport v2.0
RG-1000 v3.90
AP-500 v3.92
AP-1000 v3.92

I also have the 3 newest configuration utilities for the WAP11's on the site.

WAP 11 Antennas:
On Thu, 17 Jan 2002, Gary Eck wrote:
Does anyone have a recommendation for external antennas for the Linksys WAP11? Only need to go about 600 feet between buildings.

Go with the cheapest panel you can find.. Superpass (www.superpass.com) has some good deals; and they are great guys to deal with.
Nate Carlson | Phone : (952)943-8700
http://www.real-time.com | Fax : (952)943-8500