Mandrake 10.1 Download Edition + FakeAP
HOW TO
Install Guide
Modified for FakeAP March 13 2005
[email protected]
Description
The primary goal of this How-To is to install and configure Mandrake 10.1 with HostAP + FakeAP. These instructions were created using the following hardware: Asus P4PE-V, Pentium 4 Motherboard based PC with Mandrake 10 download edition on an 8.4GB IDE hard drive. The wireless card used is a Netgear MA311 PCI card for a desktop system. A Proxim mini PCI card and PCI adapter card using a Texas Instruments 1410 chipset were not successful for this task and were removed from the system.
Problems
This installation may depend on the Mandrake Linux 10.1 & Airsnort RPM How to in that it was performed after that installation. It may not work if used alone.
When the initial Mandrake 10.1 installation was done, the orinoco_cs (for Orinoco mini PCI card in a TI 1410 based adapter) and orinoco_pci (for Netgear MA311) drivers were modified to version orinoco-0.15rc2 and set to be loaded automatically upon startup. (I have not figured out how to stop them from loading yet.)
Turn off or remove any other network adapters. If you leave them in, your wireless adapter will be eth2, eth3 or something that will really confuse you. I had the internal Broadcom BCM4401 10/100 adapter installed and it caused my wireless adapter to be numbered eth2. It was real confusing. Let's keep it simple and get it to work before screwing it up.
As of 03/13/05 this document is in alpha draft and may contain errors in the procedures, installation steps or operation.
Index
Install Mandrake 10.1 Linux (not needed if you did the Mandrake 10.1 Airsnort install)
1. Internet Station
2. Configuration Console
3. Console tools
4. Gnome Desktop
Created a user called "admin"
Install Mandrake 10.1 Linux Kernel Source (not needed if you did the Mandrake 10.1 Airsnort install)
When Mandrake 10.1 boots up and after you log in you will find that the Netgear MA311 is not functioning and was not installed during the installation.
Several files will be required to complete the installation process. Download the following files into the specified directories:
Install prism2 utilities (not needed if you did the Mandrake 10.1 Airsnort install)
From the GUI open "Computer" icon and go to /root
Run the prism2-utils-0.2.1-0.pre21.2mdk.i586.rpm package. Follow the on screen instructions.
Install HostAP Drivers (Required)
HostAP is a Linux driver for wireless LAN cards based on Intersil's Prism2/2.5/3 chipset. The driver supports a so-called Host AP mode.
Open a terminal window as "root"
# cd /root
# tar -zxf hostap-driver-0.3.7.tar.gz
# cd hostap-driver-0.3.7
# make
# make install
Unload the orinoco_pci driver
# ifconfig eth0 down (shutdown the orinoco driver)
# modprobe -r orinoco_pci (unload the orinoco driver)
Load the hostap PCI driver.
# modprobe hostap_pci (this loads the hostap driver)
# ifconfig wlan0 up (start the wireless network interface)*
(If you have more than one adapter, use ifconfig eth0, eth1 or whatever, but you will have to sort that out.)
* If you skip this step it will seem like it's working but nothing is being transmitted.
Startup Example
[root@localhost root]# ifconfig wlan0 up
[root@localhost root]# cd fakeap
[root@localhost fakeap]# perl fakeap.pl --interface wlan0 --wep 0.7
fakeap 0.3.1 - Wardrivring countermeasures
Copyright (c) 2002 Black Alchemy Enterprises. All rights reserved
Using interface wlan0:
Using WEP with probability 0.7
Using 22 words for ESSID generation
Using 2 vendors for MAC generation
To check if the driver loaded (the output should mention wifi0):
# dmesg
[root@localhost root]# dmesg
hostap_pci: 0.3.7 - 2005-02-12 (Jouni Malinen <[email protected]>)
PCI: Found IRQ 11 for device 0000:02:0b.0
PCI: Sharing IRQ 11 with 0000:00:1d.7
hostap_pci: Registered netdevice wifi0
wifi0: Original COR value: 0x50
prism2_hw_init: initialized in 198 ms
wifi0: NIC: id=0x8013 v1.0.0
wifi0: PRI: id=0x15 v1.0.7
wifi0: STA: id=0x1f v1.3.6
wifi0: defaulting to host-based encryption as a workaround for firmware bug in Host AP mode WEP
wifi0: defaulting to bogus WDS frame as a workaround for firmware bug in Host AP mode WDS
wifi0: Intersil Prism2.5 PCI: mem=0xef800000, irq=11
wifi0: registered netdevice wlan0
[root@localhost root]#
If wifi0 is present then the driver loaded. Note that the wifi0 device is registered as wlan0. We will be using wlan0 as our interface later.
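The dmesg check above can be scripted. The following is an added example, not part of the original how-to: it reads the kernel log for the "registered netdevice" line to find which wlanN belongs to the hostap device, and refuses to continue while an orinoco bus driver is still loaded. The function names are hypothetical, SAMPLE_DMESG is abridged from the output shown above, and SAMPLE_LSMOD is constructed.

```shell
#!/bin/sh
# Added example, not part of the original how-to.
# SAMPLE_DMESG is abridged from the dmesg output on this page;
# SAMPLE_LSMOD is constructed (module sizes are made up).
SAMPLE_DMESG='hostap_pci: Registered netdevice wifi0
wifi0: NIC: id=0x8013 v1.0.0
wifi0: Intersil Prism2.5 PCI: mem=0xef800000, irq=11
wifi0: registered netdevice wlan0'
SAMPLE_LSMOD='Module                  Size  Used by
hostap_pci             50000  0
orinoco_pci             6000  0'

# Reads kernel log text on stdin and prints one "wifiN wlanN" pair per
# hostap device. Exit status 1 means no hostap interface was registered.
hostap_ifaces() {
    awk '
        { sub(/^\[[ 0-9.]*\] */, "") }   # drop a "[  12.345] " timestamp
        /^wifi[0-9]+: registered netdevice / {
            master = $1
            sub(/:$/, "", master)
            print master, $4
            found = 1
        }
        END { exit (found ? 0 : 1) }
    '
}

# Reads lsmod text on stdin and prints the orinoco bus drivers that the
# how-to unloads before loading hostap_pci.
conflicting_modules() {
    awk '$1 ~ /^orinoco_(pci|cs)$/ { print $1 }'
}

# preflight DMESG_TEXT LSMOD_TEXT
# Prints the interface name to give fakeap.pl --interface.
# Returns 1 if hostap registered nothing, 2 if an orinoco driver is loaded.
preflight() {
    pairs=$(printf '%s\n' "$1" | hostap_ifaces) || {
        echo "hostap_pci has not registered a wlan interface" >&2
        return 1
    }
    clash=$(printf '%s\n' "$2" | conflicting_modules | tr '\n' ' ')
    if [ -n "$clash" ]; then
        echo "still loaded, run modprobe -r first: $clash" >&2
        return 2
    fi
    printf '%s\n' "$pairs" | awk 'NR == 1 { print $2 }'
}

# On a live system: preflight "$(dmesg)" "$(lsmod)"
preflight "$SAMPLE_DMESG" "$SAMPLE_LSMOD" || echo "not ready (status $?)"
```

Because dmesg keeps lines from earlier driver loads, the lsmod check catches the case where the log still shows wlan0 but orinoco_pci has been loaded again since.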
# iwpriv wifi0
You should get something like this. If not, the driver did not load.
[root@localhost root]# iwpriv wifi0
wifi0 Available private ioctl :
monitor (8BE4) : set 1 int & get 0
readmif (8BE3) : set 1 byte & get 1 byte
writemif (8BE2) : set 2 byte & get 0
reset (8BE6) : set 1 int & get 0
inquire (8BE8) : set 1 int & get 0
set_rid_word (8BEE) : set 2 int & get 0
maccmd (8BF0) : set 1 int & get 0
wds_add (8BEA) : set 1 addr & get 0
wds_del (8BEC) : set 1 addr & get 0
addmac (8BF2) : set 1 addr & get 0
delmac (8BF4) : set 1 addr & get 0
kickmac (8BF6) : set 1 addr & get 0
prism2_param (8BE0) : set 2 int & get 0
getprism2_param (8BE1) : set 1 int & get 1 int
txratectrl (0002) : set 1 int & get 0
gettxratectrl (0002) : set 0 & get 1 int
beacon_int (0003) : set 1 int & get 0
getbeacon_int (0003) : set 0 & get 1 int
pseudo_ibss (0004) : set 1 int & get 0
getpseudo_ibss (0004) : set 0 & get 1 int
alc (0005) : set 1 int & get 0
getalc (0005) : set 0 & get 1 int
dump (0007) : set 1 int & get 0
getdump (0007) : set 0 & get 1 int
other_ap_policy (0008) : set 1 int & get 0
getother_ap_pol (0008) : set 0 & get 1 int
max_inactivity (0009) : set 1 int & get 0
getmax_inactivi (0009) : set 0 & get 1 int
bridge_packets (000A) : set 1 int & get 0
getbridge_packe (000A) : set 0 & get 1 int
dtim_period (000B) : set 1 int & get 0
getdtim_period (000B) : set 0 & get 1 int
nullfunc_ack (000C) : set 1 int & get 0
getnullfunc_ack (000C) : set 0 & get 1 int
max_wds (000D) : set 1 int & get 0
getmax_wds (000D) : set 0 & get 1 int
autom_ap_wds (000E) : set 1 int & get 0
getautom_ap_wds (000E) : set 0 & get 1 int
ap_auth_algs (000F) : set 1 int & get 0
getap_auth_algs (000F) : set 0 & get 1 int
allow_fcserr (0010) : set 1 int & get 0
getallow_fcserr (0010) : set 0 & get 1 int
host_encrypt (0011) : set 1 int & get 0
gethost_encrypt (0011) : set 0 & get 1 int
host_decrypt (0012) : set 1 int & get 0
gethost_decrypt (0012) : set 0 & get 1 int
busmaster_rx (0013) : set 1 int & get 0
getbusmaster_rx (0013) : set 0 & get 1 int
busmaster_tx (0014) : set 1 int & get 0
getbusmaster_tx (0014) : set 0 & get 1 int
host_roaming (0015) : set 1 int & get 0
gethost_roaming (0015) : set 0 & get 1 int
bcrx_sta_key (0016) : set 1 int & get 0
getbcrx_sta_key (0016) : set 0 & get 1 int
ieee_802_1x (0017) : set 1 int & get 0
getieee_802_1x (0017) : set 0 & get 1 int
antsel_tx (0018) : set 1 int & get 0
getantsel_tx (0018) : set 0 & get 1 int
antsel_rx (0019) : set 1 int & get 0
getantsel_rx (0019) : set 0 & get 1 int
monitor_type (001A) : set 1 int & get 0
getmonitor_type (001A) : set 0 & get 1 int
wds_type (001B) : set 1 int & get 0
getwds_type (001B) : set 0 & get 1 int
hostscan (001C) : set 1 int & get 0
gethostscan (001C) : set 0 & get 1 int
ap_scan (001D) : set 1 int & get 0
getap_scan (001D) : set 0 & get 1 int
enh_sec (001E) : set 1 int & get 0
getenh_sec (001E) : set 0 & get 1 int
basic_rates (0020) : set 1 int & get 0
getbasic_rates (0020) : set 0 & get 1 int
oper_rates (0021) : set 1 int & get 0
getoper_rates (0021) : set 0 & get 1 int
hostapd (0022) : set 1 int & get 0
gethostapd (0022) : set 0 & get 1 int
hostapd_sta (0023) : set 1 int & get 0
gethostapd_sta (0023) : set 0 & get 1 int
wpa (0024) : set 1 int & get 0
getwpa (0024) : set 0 & get 1 int
privacy_invoked (0025) : set 1 int & get 0
getprivacy_invo (0025) : set 0 & get 1 int
tkip_countermea (0026) : set 1 int & get 0
gettkip_counter (0026) : set 0 & get 1 int
drop_unencrypte (0027) : set 1 int & get 0
getdrop_unencry (0027) : set 0 & get 1 int
Install FakeAP
Fake AP generates thousands of counterfeit 802.11b access points.
The installation of FakeAP is as follows:
# cd /root
# tar -xzf fakeap-0.3.1.tar.gz
# cd /root/fakeap-0.3.1
To run FakeAP
# cd /root
# cd fakeap
# perl fakeap.pl --interface wlan0 (your adapter may be different: eth0, eth1, etc.)
# perl fakeap.pl (this will display a menu of switches; find out more from the ReadMe file)
If you want to use WEP then you have to copy the hostap_crypt_conf file from the HostAP utilities.
Install HostAP-Utilities (if you want to use WEP)
The Hostap-Utils provides a set of interfaces for accessibility.
The installation of HostAP Utilities is as follows:
# cd /root
# tar -xzf hostap-utils-0.1.3.tar.gz
# cd /root/hostap-utils-0.1.3
# make
Copy the hostap_crypt_conf file to /usr/local/bin
# cp /root/hostap-utils-0.1.3/hostap_crypt_conf /usr/local/bin/
(If you look in fakeap.pl you will find that this is where the program expects to find hostap_crypt_conf.)
03/13/2005 - Create How-to; some issues with Eth0, Eth1, Eth2, Wifi0
03/13/2005a - Installation and operation steps are tested and repeatable.
Questions/Concerns/Comments
WARNING ! ! Use this HowTo at your own risk. No liability expressed or implied. It may even blow up your computer! My Email address is : [email protected].
Copyright 2005 [email protected] all rights reserved.