Page 254 - Hacking Roomba
Chapter 12 — Going Wireless with Wi-Fi 235
The first thing to do when debugging any network is to reduce the number of variables to
make things as simple as possible. If you can create a private network with just the device under
test and the computer you use to test with, you don’t have to worry about getting confused by
data from other network devices. On an Ethernet network this means using a hub with only
the two devices plugged in. On a Wi-Fi network this means configuring an access point with a
different SSID name and only configuring the devices you want to connect to it.
Also, simplify your test Wi-Fi network by turning off all security and authentication features. They just get in the way while you're testing; once everything is working, you can turn them back on.
On Windows, the default PING.EXE program may not give you the expected results. You may
see either no response or responses with the broadcast address. This is wrong and partly due to
the Windows implementation of TCP/IP. Using Cygwin and its ping package helps a little, but
Windows machines may still be invisible to broadcast pings. In such cases, you can use nmap -sP
in place of ping.
Stumblers
Your operating system has a rudimentary means of detecting Wi-Fi networks, but it reports only what it has noticed in a small window of time. Stumbler applications continuously scan for wireless networks and provide a historical view of the observed networks and their signal strength, usually in graphical form. For Windows there is NetStumbler (http://netstumbler.com/), the progenitor of the stumbler moniker. For Mac OS X you can use iStumbler (http://istumbler.net). For Linux, the built-in system command-line programs iwlist and iwspy coupled with a few simple shell scripts give you the same information, and there are several GUI programs available.
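The Linux route described above, as an added example that is not from the book: a small POSIX shell stumbler around iwlist that logs every scan with a timestamp and summarizes the signal history per network. The interface name, log file, interval (IFACE, LOGFILE, INTERVAL) and the sample scan text are assumptions.

```sh
# Tiny command-line "stumbler" built on iwlist (Linux wireless-tools): each scan is
# logged with a timestamp, giving the signal-strength history a GUI stumbler draws.
# IFACE, LOGFILE and INTERVAL are assumed names; override them via the environment.
IFACE="${IFACE:-wlan0}"
LOGFILE="${LOGFILE:-stumble.log}"
INTERVAL="${INTERVAL:-5}"
# Turn raw `iwlist scan` output (stdin) into one tab-separated line per cell:
# BSSID, ESSID, channel, signal in dBm. Accepts both "Signal level=-40 dBm" and
# the older "Signal level:-40 dBm" spelling seen in other wireless-tools versions.
parse_iwlist() {
    awk '
      function flush() { if (bssid != "") printf "%s\t%s\t%s\t%s\n", bssid, essid, chan, sig }
      /Cell [0-9]+ - Address:/ { flush(); bssid = $NF; essid = "?"; chan = "?"; sig = "?" }
      /ESSID:/       { sub(/^.*ESSID:"/, ""); sub(/".*$/, ""); essid = $0 }
      /^ *Channel:/  { sub(/^ *Channel:/, ""); chan = $0 }
      /Signal level/ { match($0, /Signal level[=:][-0-9]+/)
                       sig = substr($0, RSTART + 13, RLENGTH - 13) }   # skip "Signal level="
      END { flush() }
    '
}
# Scan until interrupted, appending "time BSSID ESSID channel dBm" rows to the log.
stumble() {
    while :; do
        ts=$(date +%H:%M:%S)
        iwlist "$IFACE" scan 2>/dev/null | parse_iwlist |
            while IFS= read -r row; do printf '%s\t%s\n' "$ts" "$row"; done >> "$LOGFILE"
        sleep "$INTERVAL"
    done
}
# Per ESSID: number of sightings and the weakest/strongest signal seen in a log file.
summarize() {
    awk -F'\t' '{ n[$3]++; s = $5 + 0
                  if (!($3 in lo) || s < lo[$3]) lo[$3] = s
                  if (!($3 in hi) || s > hi[$3]) hi[$3] = s }
                END { for (e in n) printf "%s\t%d\t%d\t%d\n", e, n[e], lo[e], hi[e] }' "$1"
}
# Constructed sample of iwlist output (not a real capture) to try the parser offline.
SAMPLE_SCAN='wlan0     Scan completed :
          Cell 01 - Address: 00:11:22:33:44:55
                    ESSID:"roomba-test"
                    Channel:6
                    Frequency:2.437 GHz (Channel 6)
                    Quality=70/70  Signal level=-40 dBm
          Cell 02 - Address: 00:AA:BB:CC:DD:EE
                    ESSID:"neighbor"
                    Channel:11
                    Quality:33/70  Signal level:-67 dBm  Noise level:-90 dBm'
parse_sample() { printf '%s\n' "$SAMPLE_SCAN" | parse_iwlist; }
```

Source the file, run `stumble` for a while on your isolated test network, then `summarize stumble.log` to see how each network's signal moved over time.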
Low-Level Debugging
If you need to debug at an even lower level than what a stumbler provides, and look at the raw Wi-Fi data emitted from both access points and wireless clients, then Kismet (http://kismetwireless.net/) is for you. Kismet is an open-source tool for Linux to passively scan Wi-Fi networks by putting a computer's wireless adapter in promiscuous mode. It is a very powerful tool used by network administrators to perform intrusion detection, detect unauthorized access points, and do accurate site surveys of their facilities' wireless networks. If you're unsure whether a wireless device is transmitting at all, Kismet can detect if it is emitting any information.
If you suspect interference of a sort not identifiable by even Kismet, then you need a spectrum analyzer. They examine a frequency spectrum you're interested in and display it graphically. Normally, these devices are extremely expensive: many thousands of dollars for a basic one. The 2.4 GHz spectrum is full of chatter, not just Wi-Fi. The clever geeks at Metageek (www.metageek.net/) have created a spectrum analyzer for $99 that plugs into your USB port and analyzes just the frequencies of interest around 2.4 GHz for Wi-Fi, Bluetooth, cordless phones, microwave ovens, and so on. It's perfect when you've exhausted all your ideas as to why your wireless connection has problems.