» 2006 » August

At previous Defcons, someone would usually bring a WRT54G or equivalent for the hotel room. We would plug it into the hotel RJ45 port at the Alexis Park and have mad PAT action, bypassing the per-MAC fees on the internet access and "only" pay $10/day.

This year, I "volunteered" for the task of bringing network equipment. I was driving this year, so I went a little overboard: access point, switch, FrankenDell server/router, many network cables, and various small gear. And a cooler for Coronas. I even brought a $20 CompUSA AP/router just in case everything went to hell. I thought I did a good job on the server, with the usual services (DHCP, DNS, etc), and even an OpenVPN connection that would route/encrypt everything to my server in San Jose, just in case hax0rz were listening on the hotel network. BTW, the term "FrankenDell" came from the fact that I pieced it together from odd pieces of about 40 workstations that we were about to donate to charity.

Well we got to our room at the Riviera (Alexis Park had MUCH nicer/bigger rooms, but the Riviera's nicer/bigger convention space makes up for it), and I start unpacking gear. I got the server out, plugged in a few cables, and started looking for the RJ45 port for ethernet. And looked. And looked some more. Eventually I find the "wireless internet access for only $9/day!" card on the room table. We collectively thought of 2 things: 1) aww crap, we didn't think that the hotel internet access would be wireless, and 2) that network is going to be pwned pretty quickly, one way or another. And because of #2, we weren't too inclined to put a credit card # into the captive portal page that came up when one of us associated with the network.

Edgan got to work examining the wireless network's infrastructure, while I began looking at ways to modify the FrankenDell to be able to route stuff through the wireless network. We could route stuff through somebody's laptop, but nobody liked the idea of turning their laptop into a full-time router. We could turn our own AP into a bridge client and plug it into the "outside" interface of the FrankenDell, but unfortunately the AP was a WRT54G, and only WAP54Gs could natively bridge. We could flash the WRT54G with OpenWRT and let it do bridging, but that requires internet access and is, like, hard. We could attach a USB wireless port to the FrankenDell, but all we turned up is a WUSB54G that required ndiswrapper for Linux, and the Frankendell has neither internet to download ndiswrapper, nor ndis drivers for loading into ndiswrapper, nor development tools/kernel headers to compiel ndiswrapper. At this point, a few of us decided we need to find a better USB wireless adapter. To Fry's!

In the meantime, Edgan got a few details. The captive portal box is running Mandrake (will probably get rooted), and unauthenticated, only TCP ports 80 and 8080 were open, both redirecting to the captive portal software. Also, UDP port 53 was open to the outside world, unmolested. Woohoo! We could run OpenVPN to a server that is listening on port 53! (OpenVPN rocks because it just requires UDP. No GRE or anything fancy.) However, chicken/egg problem... Can't get outside to set up a server on port 53 without the VPN. However... Edgan checked port 53, but did he check other... no! All UDP ports are available unauthenticated! I had OpenVPN on my laptop, so I fire it up, and sure enough, I now had free internet access. Now, for the others... We jump in the nuclear-powered Prius and drive to Fry's.

At Fry's, we head for networking, and call ghz to google various network cards. We were ideally looking for an old prism2 or hermes-based card, either in USB or half-height PCI. However, all we found were new crap which either had a broadcom chipset (FrankenDell didn't have 2.6.17, and development tools/kernel headers would take a long time to download), atheros chipset (same deal with kernel headers for madwifi), or even worse, we weren't sure since vendors change chipsets frequently and don't list the version on the box art. No 802.11b-only cards to be found. At the last minute, I thought of using a PCCARD PCI adapter, as I had an orinoco silver card in my laptop bag, but I was unlikely to find an adapter at Fry's. But pdx6 stepped in and said he saw one in the Mac aisle. Sure enough, a full PCCARD adapter, not just a dumb wireless bridge for a certain card. It was full-height, but we could just set up the FrankenDell with the case opened slightly.

We brought it back to the hotel room and opened the case... only one problem: the adapter plus orinoco card extended WAY past the end of the case, so while the adapter itself could be fit in the PCI slot, there was no way of getting the orinoco card in. However, the machine was basically expendable, so we could hack off the back of the case. But... all we had in the way of tools was a screwdriver; a Dremel would have been nice. 20 minutes, 1 screwdriver, a lot of swearing, and some blood (ghz's) later, we got enough of the case hacked off to fit the entire card into the case. Booted it up, Debian found the PCCARD bridge and Orinoco card just fine (even gave it eth1, the same interface that the former wired card had, so I didn't have to change any of my firewall scripts), and OpenVPN worked.

So that's it. We bastardized a Dell case, and got free in-room internet access as a result. With our little case mod, we inadvertantly redefined the word FrankenDell for this case. The VPN worked fine, and the hotel wireless was amaingly up for a good 80% of Defcon. Folks, this is the kind of story you tell your grandchildren.

1 Comment
Posted in Uncategorized
This post was imported from LiveJournal.

Article posted on Aug 7

NoDoz

Posted by Ryan Finnie on August 7, 2006, 7:22 pm

I'm back from Defcon. Don't ask me how, but I consistenly make the 11 hour drive in 6.5 hours without ever going over the speed limit. :)

Anyway, I have problems with drowsiness while driving long highway trips. Even if I'm not tired, I still get drowsy. So on the way back I figured I'd try NoDoz, which I had never tried before. I got a travel packet with 2 doses, and took one dose about a half hour outside Vegas, and the other about 4 hours later. They worked as intended but appearantly it has a rather interesting side effect for me...

Read the rest of this entry »

1 Comment
Posted in Uncategorized
This post was imported from LiveJournal.

Article posted on Aug 6

FrankenDell

Posted by Ryan Finnie on August 6, 2006, 4:51 pm

FrankenDell, originally uploaded by fo0bar.

I will be posting details about why this abomination came to exist later. All I can say for now is, as you can probably tell, no Dremels were used in this case mod.

Leave Comment
Posted in Uncategorized
This post was imported from LiveJournal.

Article posted on Aug 2

Finnix 88.0 Released!

Posted by Ryan Finnie on August 2, 2006, 2:14 pm

Finnix is a small, self-contained, bootable Linux CD distribution for system administrators, based on Debian testing. Today marks the release of version 88.0 for the x86, PowerPC, and UML/Xen platforms.

Finnix 88.0 features Linux 2.6.17, a faster, more complete hardware autodetection routine, DMA mode enabled by default, Broadcom 43xx support, a DOS boot profile, and NTFS write support. Linux 2.6.17's new bcm43xx drive has been tested successfully on both G4 PowerBooks and x86 laptops with Broadcom cards, even with optional wpa_supplicant. FreeDOS ODIN, a 1.44MB image containing many DOS utilities may be booted by typing "dos" at the boot menu. The NTFS FUSE package, while present in Finnix 87.0, has been heavily tested, and seems to work rather well. Instead of mounting the normal way, simply type "ntfsmount /dev/hda1 /mnt/ntfsmount" to use the FUSE functionality.

Home page: http://www.finnix.org/
Download: http://www.finnix.org/Download
Release notes: http://www.finnix.org/Finnix_88.0_release_notes

P.S. Many thanks to the Oregon State University Open Source Lab for providing primary Finnix release mirroring, after still-unresolved problems with SourceForge's mirroring system. Thanks OSL!

P.P.S. This announcement is being made a day early, as I'm confident I'll have internet access tomorrow evening, and I'd rather release a day early than a day late.

Leave Comment
Posted in Finnix
This post was imported from LiveJournal.

Ryan Finnie

Site Search

Identica Posts

@frankenspock Hi.
@majnoona See? Isn't this much better than not having Pad Thai? http://www.flickr.com/photos/fo0bar/4417322363/
@frankenspock Pad Thai...Jar.
@majnoona Wait, why aren't you having Pad Thai? That seems wholly inferior to actually having Pad Thai.
@frankenspock I don't like medical programs.