Marcelo Toledo

One of the systems I work on is VexBox, a multi-architecture Linux distribution for hotspots, it comes with all the softwares needed to serve a user, dhcp server, legitimate ARP Spoof, web server, radius client, etc.

For simple testing purposes it’s ok to open up a notebook, find the SSID, connect and do all your tests. But some times you need more then this, you need more users, more time connected and you might not have all the resources you need.

That’s when I came up with the idea of creating a hotspot simulator. For each client we use an Access Point (AP) running a modified version of VexBox.

Each one of them can be seen as a real user with a Wi-Fi enabled device, they will do exactly the same thing users does, it will navigate, download, idle, roam between APs, disconnect, reconnect and everything you can imagine.

We have projected and implemented a model to handle twenty simultaneous users, they are stored in two piles connected to two switches and one external power source with enough watts with an on/off button.

The main software controls the clients telling them what to do, find the SSID, try to get ip, authenticate, do some traffic, disconnect and so on.

It is written in Python and has a ncurses GUI so you can watch clients activities and control each one of them individually or globally. This way it can run in background or screen for months and can be accessed from any external network via a simple shell.

If you enjoyed this post, make sure you subscribe to my RSS feed!

I think blog comments aren’t productive, that’s why I don’t allow them. A lot has been said, I’ll just quote what I agree with:

“…to the extent that comments interfere with the natural expression of the unedited voice of an individual, comments may act to make something not a blog…. The cool thing about blogs is that while they may be quiet, and it may be hard to find what you’re looking for, at least you can say what you think without being shouted down. This makes it possible for unpopular ideas to be expressed. And if you know history, the most important ideas often are the unpopular ones…. That’s what’s important about blogs, not that people can comment on your ideas. As long as they can start their own blog, there will be no shortage of places to comment.” Dave Winer ideas about comments on blogs.

“The important thing to notice here is that Dave does not see blog comments as productive to the free exchange of ideas. They are a part of the problem, not the solution. You don’t have a right to post your thoughts at the bottom of someone else’s thoughts. That’s not freedom of expression, that’s an infringement on their freedom of expression. Get your own space, write compelling things, and if your ideas are smart, they’ll be linked to, and Google will notice, and you’ll move up in PageRank, and you’ll have influence and your ideas will have power.”

“When a blog allows comments right below the writer’s post, what you get is a bunch of interesting ideas, carefully constructed, followed by a long spew of noise, filth, and anonymous rubbish that nobody … nobody … would say out loud if they had to take ownership of their words. Look at this innocent post on a real estate blog. By comment #6 you’re already seeing complete noise. By #13 you have someone cursing and saying “go kill yourself.” On a real estate blog. #18 and #23 have launched into a middle eastern nuclear conflageration which continues for 100 posts.” Joel Spolsky

If you enjoyed this post, make sure you subscribe to my RSS feed!

I’ve sent this message to the NetworkManager List, if the idea is well accepted I’ll implement it:

“I would like to add WISPr support to NetworkManager, I would like to hear your comments if it’s an acceptable feature, before I start working on it.

First of all, what is WISPr?

From wikipedia: WISPr or Wireless Internet Service Provider roaming - Pronounced “whisper,” WISPr is A protocol from the Wi-Fi Alliance that allows users to roam between wireless internet service providers in similar fashion to cellphones. A RADIUS server is used to authenticate the subscriber’s credentials.
Clearly speaking, when you have a hotspot with a captive portal where you have to type your username and password, normally you have an alternative form of authentication called wispr, which it’s commonly used by smart clients.

What’s the idea of implementation?

The only way to identify if a network is wispr compliant is after connecting to this network, perform a http request to an non-walled garden URL and it will return a standard XML tag.

This XML contains the url where you need to send your credentials and get automatically connected.

I would like to use the same structure used for security, but let me list all possible forms of networks:

• WISPr only
• WISPr + Encryption
• Encryption Only
• None

As you can see it’s an optional attribute combined or not with security. I would like to see it as a trigger after successful connection and I would to implement it flexible enough so other implementations could be added in the future, any kind of trigger after connection.

I am thinking about having one more select list called Post-Authentication, values [WISPr, others...], right bellow “Wireless Security”.

And when selecting WISPr it will draw a username and password text field, everytime connected to a wispr compliant network it would automatically authenticate myself.

If selected a network from the list where I never registered my credentials, I could be prompted any time to type it, just like encryption passwords.

Comments?”

If you enjoyed this post, make sure you subscribe to my RSS feed!