Sunday, September 07, 2008

Sunday War-Sitting

You can't really call it War-Driving when you are sitting in a Lay-Z-Boy with your favorite drink (generic grape Gatorade, aka "DRANK"). So this Sunday, I bring you the first War-Driving story in many moons. Here's the setup ...

This past week I started reading about the new Ubuntu Intrepid alpha releases which among other cool improvements contains the "ath5k" driver which is built right into the latest kernel, 2.6.27 (still in development). The new breed of ath5k driver supports the Atheros card used for the Asus eee PC (horay). So I have installed the latest Xubuntu to my eee PC 2G surf and I have al ready noticed some grand improvements in my WiFi strength. While the "quality" is still not at all accurate, I am now able to connect to distant access points which wouldn't even show up in my list before. Thank you ath5k developers, for saving me from lacking madwifi support. Now on with the show.

This morning I sat down and connected to a nearby school which I had previously only explored from my bedside using "Audrey II" (my old iBook). Installing Wireshark (from their network, thank you) I revealed some interesting packets. Namely ... these right here ...

There were half a dozen packets every thirty seconds or so in broadcast form (hence the destination address ending in .255). In the data portion of the packet was "SynchronEyes". Not having any idea what this was, I did some Googling about it. It ends up that this is some software which teachers can use to set up live exams for their kids. How hard could it possibly be to find a copy of this to download and use? I Googled: intitle:"index of" synchroneyes. The to search result was someones accidental mirror of what I was after.

For this, I went back to my home network and downloaded the software. I also took a copy of that activation key text file. That will come in handy. And while I am at it, I should figure out how I am going to run Windows software on my eee PC running Xubuntu. So I went into terminal and did a "sudo apt-get install wine". Next, I ran wine against the installer.

I opted not to install the Internet Explorer toolbar, thankyouverymuch.

Hooray, ready to launch.

Uh oh, why do you need an e-mail address? I'm not giving you that.

It says that it can't connect to the Internet and my registration is no good. That's fine, because it still opens and runs. With the teacher console I made some ill attempts to start connecting to things. My first attempt was to connect to that address that I first came across sending out the broadcast packets. Still watching with Wireshark I could see that it told me to get lost in the form of a "RST" packet.

Oh wait. I think I understand it now. This is a student looking for a teacher. Let's see what my packets look like when I go searching for "a class to join".

Oops. We're all students waiting for a class I guess.

So I did the obvious thing. I made myself a class and waited for the student to join me. No dice. In Wireshark I could see that the student workstation recognized me as a teacher, but would not automatically join the class I had just created.

This little software package could be a lot of fun if I were to join it during school hours. Then I could create duplicate classes and derail students. Or perhaps I could join as a student, and begin asking insulting questions of the teacher. But then I will be at work while school is in session ruining the possibility of any fun like that.

There is still a lot of network to explore here, but I don't expect I will spend much more time on it. For one, when this particular private network ID looked familiar I did some research on what I was connecting to. It ends up that this school is managed by my old employer who performs network monitoring and security services. When I worked there, I had many conversations with the admin of this network. He is over-stretched, over-worked, and most definitely under-paid. It would be well of me to inform him that he has an unsecured wireless network here which I am sure he is not aware of.

But I will send that e-mail later. I still want to explore a bit.

No comments:

Post a Comment