* Spoof MAC address in Windows or gnu/linux

Oct 132009
 
 Posted by at 2:25 pm documentation, networking, wireless , , , , , , ,  No Responses »

start -> run -> regedit
make a backup, if you want.
goto:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}

look through the list of subkeys (0000, 0001, etc)
DriverDesc keyword will tell you which network adapter. For example, “NVIDIA nForce Networking Controller”
when you find it, right click and add -> new -> string value

new keyword:

Value Name: = NetworkAddress
Value Data: = your new MAC, with no space or : For example, 0019DB71C830

then type:

ipconfig /release
ipconfig /renew
ipconfig /all   (to verify the new mac took)

Now your a l33t Winblows H4|<3r! If you want to go back to your hardware MAC, remove the NetworkAddress key and restart the interface.

FYI, in gnu/linux follow these simple steps to change your MAC address

ifconfig eth0 hw ether 00:19:DB:71:C8:30

if you get this error

SIOCSIFHWADDR: Device or resource busy - you may need to down the interface

do this

ifconfig eth0 down

and try to change the MAC again.

* Free Wireless in Santa Fe, NM

Oct 122009
 
 Posted by at 11:13 am wireless ,  No Responses »

Here is a list of free wireless spots in Santa Fe. I’m sure I will miss some or make errors, please let me know. I don’t list locations that use a password, as it irritates me when people inconvenience patrons for some ignorant reason.

* Santa Fe Baking Company (one of the first and best wireless spots in town, lots of seating and ample power, food and kitchen smell can be harsh)
* Pyramid Cafe (VERY fast internet, Amazing Mediterranean food)
* Second Street Brewery (very solid reliable connection, inside or out. great beer too!)
* Counter Culture Cafe (the qwest connection goes down a lot, the ap is too far from the seating area, but great place to hang, eat and work)
* Teahouse (The best selection of teas and generally good internet, very relaxing place. great food too)
* Aztec Cafe (small but friendly environment, good coffee and sandwiches)
* Blue Corn (the bar downtown has it, ask the bar tender for password (indiapaleale). The southside is open AP and I think the essid is jaguar)
* Flying Star Cafe (the wireless is always slow, food is overpriced and not very good. They use sputnik as a captive portal, its annoying to ask users to sign up for internet. I login with user: free pass: wireless There is a lot of space and the air is fresh)
* Santa Fe Brewing Company (its awesome they provide internet so far out of town)
* Backroad Pizza (south side location has it, not sure about the 2nd street location)
* Joe’s Good food, friendly staff, good internet
* Body (great healthy food, limited seating in front cafe area, back dining area reserved for no computers and no cell phones :-)

* openwrt, firewall to block public wireless from private lan

Oct 072009
 
 Posted by at 7:14 pm firewall, wireless , , ,  No Responses »

A while ago Second Street Brewery asked for a good stable public wireless internet connection. Of course, the solution was obvious, openwrt on a linksys wrt54gl. The office, point of sale and public networks all share the same gateway. The problem was segregating the public wireless network from the private office lan. Sam (http://thepromisedlan.org) and I set out to setup a firewall to protect them. This is what we came up with:

check if the following is in /etc/config/firewall otherwise, add it

config include
option path /etc/firewall.user

and in /etc/firewall.user we put:

#Insert this into the chain, so 10.1.10.0/24 (office) can connect to public 192.168.10.0/24.
#This rule gets repeated by the setup script /etc/init.d/firewall.
iptables -I FORWARD 1 -m state --state RELATED,ESTABLISHED -j ACCEPT

#block all traffic to any possible private network address (10.*.*.*, 172.16-32.*.*, 192.168.*.*)
iptables -I FORWARD 2 -d 192.168.0.0/16 -j DROP
iptables -I FORWARD 2 -d 172.16.0.0/12 -j DROP
iptables -I FORWARD 2 -d 10.0.0.0/8 -j DROP

If you would like to have remote administration on the openwrt so you can access the luci web interface and ssh from the wan side of the router, you can change /etc/config/firewall wan zone to allow it. !!WARNING!! If you are directly connected to the internet, this will expose your open ports to the world. You should take precautions to secure them before changing this firewall rule.

config 'zone'
option 'name' 'wan'
option 'input' 'REJECT' #<- change this to ACCEPT
option 'output' 'ACCEPT'
option 'forward' 'REJECT'
option 'masq' '1'