|
发表于 2005-9-25 20:25:39
|
显示全部楼层
Slackware 10.2 Tips
主要关于无线网卡配置的
http://www.dualisanoob.com/slack_102_tips.txt
Wireless Access and Anonymity
-----------------------------
Oh, the can of worms you open when you go to the local cafe for some coffee and
a little Wi-Fi. We are going to show some things that can help you stay
anonymous at a public hotspot.
You know what we hate? Having our MAC address broadcast for all the world to
see. You don't need my MAC, nor does the owner of the hotspot need my MAC. The
purple-haired guy with the 12" iBook definitely doesn't need my MAC, and we're
going to take some serious steps to prevent it.
1. Make sure that no wireless interface comes up at boot.
The way we are going to do this is to edit the file /etc/rc.d/rc.inet1.conf.
For example, bland's network interfaces are set up so that eth0 is an Orinoco
wireless adapter and eth1 is a 3Com NIC. Determine which interface is your
wireless adapter with:
# iwconfig
Then you are going to, also as root, edit /etc/rc.d/rc.inet1.conf and remove the
"yes" from the USE_DHCP line for your wireless device as shown here.
USE_DHCP[0]=""
This brings networking and the interface up at boot, but does not solicit the
DHCP server at the hotspot, keeping your MAC your business. You may be asking,
"If my interface does not get an address from the access point, then I cannot
partake in the succint and prestigious Internet." That is true, more or less.
We are going to obtain an IP from the DHCP server, just not yet.
2. Spoof your MAC address.
The fact remains that you are going to need a MAC address for the DHCP server to
assign an IP to. So you are going to use a MAC address, just not the one that
came with your wireless card. There are many ways to spoof your MAC, but we
will show one basic method. As root, type
# ifconfig eth0 hw ether 00E:AD:BE:EF:00 up
# dhcpcd eth0
# ping -c2 google.com | grep received
See where it says "2 received, 0% packet loss" down at the bottom? The tingling
means that it's working. In just three lines, you:
- Gave your wireless card a unique MAC address
- Performed a DHCP transaction with dhcpcd that bound an IP to your new,
improved MAC
- Bounced two packets off of Google to assure ingress and egress from the router
that was kind enough to let you on with such a bunk MAC
- Have taken a large step towards protecting your privacy
3. Use your, possibly new, bash skills to automate such actions.
Remember adding /root/bin/ to root's path? This is where it comes in handy.
Copy those three lines above and paste them into a file called pubwifi in
/root/bin. Add "#!/bin/bash" to the top and then chmod 700 /root/bin/pubwifi.
Now when you go to your local haunt, you simply boot, su -, and type pubwifi.
Similarly, you can make a /root/bin/homewifi that contains your home wireless
settings, WEP and all:
--------------------------------------------------------------------------------
#!/bin/bash
/sbin/iwconfig eth0 essid SSID key INSERT_YOUR_WEPKEY
/usr/bin/sleep 1
/sbin/dhcpcd eth0
/usr/bin/sleep 1
/bin/ping -c2 google.com | /usr/bin/grep received
--------------------------------------------------------------------------------
Speaking of WEP, let us take this opportunity to address overall security. WEP
may be acceptable security for you, or it may not. As a Linux user, you are
more than likely conscious of security significant situations. Please use that
awareness.
A final wireless tip, which facilitates the awareness just mentioned, deals with
Ethereal. Capturing packets with Ethereal is a prvileged operation. You may
find that when you su - to run Ethereal on Slackware that you recive a display
error.
(ethereal:4148): Gtk-WARNING **: cannot open display:
You could log out and then log back in as root, working around the problem. Or,
you could just enter these commands, and then successfully launch Ethereal.
$ xauth extract .xauth $DISPLAY
$ su -
# export DISPLAY=":0.0"
# xauth merge ~username/.xauth
# ethereal
Addendum
--------
- Reduce laptop boot time by commenting out the probe line in
/etc/rc.d/rc.pcmcia and uncommenting the appropriate module.
# PCIC=probe
# PCIC=i82365
# PCIC=tcic
PCIC=yenta_socket |
|