Page One

Campus Computing News

Academic Mainframe Services to be Terminated in 2003

ID Change Affects Some Users

Jove Shutdown Imminent

Appropriate Use of Personal Web Page Publishing on People.unt.edu

Summer Hours

Automatically Archiving Your GroupWise E-mail

UNT's General Access Labs

Today's Cartoon

RSS Matters

SAS Corner

The Network Connection

Link of the Month

WWW@UNT.EDU

Short Courses

IRC News

Staff Activities

Subscribe to Benchmarks Online
    

Network Connection

By Dr. Philip Baczewski, Associate Director of Academic Computing

Adventures in Wireless Networking

I recently came into the possession of an Apple PowerBook G3 notebook computer for use as my home workstation. Although a couple generations behind, the G3 ("Wallstreet") PowerBook is still a quite nice system, with a 14 inch display that is larger than the Sony "15 inch" monitor I currently use at home. The notebook format is also nice because it's portable. If I want to index my CD collection (as if I'll ever get around to that project), I can take the computer to the CDs, rather than vice-versa. But more importantly, having a portable computer finally pushed me over the edge into the realm of wireless networking at home.

I'm not exactly a stranger to wireless, since at the office I have been using a PowerBook G4 with an Apple Airport wireless base station for several months. Over the last couple of generations of its computers, Apple has been building wireless capability into all of its models. The PowerBook G4 has an antenna built in around the display. An Apple Airport card installs in an internal slot and gets connected to that built-in antenna for seamless wireless operation. Apple's Airport software makes connecting to a wireless network a rather easy process, especially if you are using an Airport base station.

Venturing from the Fold

In setting up my home wireless network, I had one major criterion: cheap. Wireless base stations currently range in cost from about $130 to $500 or more, with the most common price point being about $150. Apple's Airport base station is around $300, but can also function as an Internet access point for multiple computers, since it has a built-in modem and an Ethernet interface. The newer model can also act as a firewall to a broadband or dialup Internet connection. Wireless base stations with such capabilities are usually in the $175-$500 range, so the Airport is not overpriced in this regard. My needs, however, were for something more basic. I just needed a device to act as a bridge from the wireless network to an Ethernet "wired" network.

Most current wireless data networking is based upon IEEE standard "802.11b". Wireless networking uses radio technology and broadcasts in the 2.4 Ghz frequency band (not one you could tune into on your FM radio). The data transfer rate for wireless maxes out at 11 megabits per second which is about the same speed as many "wired" networks (although 100 megabits per second is the campus standard and also the standard on new Ethernet-capable computers). Depending upon your base station and antenna card, a wireless network can operate as far as 150 to 1500 feet from the base station.

Getting on Base

In my quest for home wireless networking, I was lucky to find an SMC 2652W "EZ Connect" wireless base station on sale at a closeout price of about $80. This met all of my criteria: it connected directly to an Ethernet network; it implemented the 802.11b standard; it supported encryption of the network connection via "Wireless Encryption Protocol" (WEP) with 64 or 128-bit keys; and it was cheap. It was also billed as a "plug and play" device which required no configuration and could immediately start serving wireless computers as soon as it was installed onto a network.

The only catch was that the SMC base station only supports Microsoft Windows as a platform for configuring it. This is something I'm used to as a Macintosh and UNIX user. Most manufacturers don't want to take the trouble to make their computer products usable by Macintosh or UNIX users, since most of their sales go to people using Microsoft operating systems. Still, a resourceful Mac user can often work around this short-sightedness and figure out a way to survive in spite of this MS-centric market. In reading about the SMC base station I found that it supported Web browser-based configuration control, although it was operational as soon as it was attached to the networked and powered on.

In looking at the SMC documentation, they instructed using their Windows-based setup program to access the configuration screens. It appeared that all the PC program did was find the IP address that the base station was using on the network. Sure enough, when I fired up my LINUX system and scanned my home network, there was the base station talking on a local IP address. All it took was pointing my Web browser to that address and I was instantly connected to the configuration screens even though I was using a non-Microsoft browser on a non-Microsoft operating system. (Even if you don't have network scanning software, you can find your computer's network address in the TCP/IP control panel and do some guessing of addresses in the same numeric range.) I had full control over the base station and I was ready for the next step: connecting my PowerBook to the wireless network.

It's in the Cards

For a computer to communicate with a wireless base station, some kind of wireless radio device needs to be attached to that computer. There are three variants of such a device for desktop and notebook computers. Some connect via a USB (Universal Serial Bus) port. Others are in the form of PCI cards which can be installed in desktop computers. The third format is a PCMCIA card which is supported by many notebook computers or can be used in a compatible PCI card in a desktop system. These devices are currently priced around $50 to $90 with the PCMCIA and PCI card combination being slightly more expensive.

My PowerBook can support a PCMCIA format card, so my next task was to find one which which would fit my major criteria (cheap). While wireless PCMCIA 802.11b radio cards are available for as little as $49 or so (see http://www.tigerdirect.com/ for example), I needed to be sure I got one which was compatible with my Macintosh. After a bit of research the list was narrowed to the Proxim (used to be Farallon) Skyline or the Orinoco (used to be Lucent and might now be Agere, but no one can tell for sure) cards. There are two versions of the Orinoco cards. The "Gold" version supports 128 and 64-bit WEP, and the Silver supports only 64-bit WEP. Of these three options, the Orinoco Silver was the least expensive at about $75.

I chose the Orinoco Silver card, because I knew that Airport was at least developed around it (the original Airport base station contains an Orinoco Silver card and the new models contain an Orinoco Gold card) and I'd read reports where people had successfully used that card in a PowerBook G3. It also came closest to my major criterion (cheap) and I was satisfied that 64-bit WEP would meet my needs.

What's WEP Doc?

Maybe this is a good time to talk about WEP. Wireless systems which use WEP encrypt all traffic between the wireless devices and require a password to join the wireless network. The WEP encryption method uses one key to encrypt and decrypt the information and is considered to be a weak scheme as encryption goes. As with all encryption, the more numbers you can use to scramble the key, the harder it will be for someone to be able to "crack the code". Using this rationale, it would follow that 128-bit WEP would be preferable to 64-bit WEP and in general it is, however, the bad news is that both 64 and 128-bit WEP keys have been "broken" by researchers testing the robustness of the encryption system. This does not mean that WEP is not useful.

WEP for wireless networks is like the lock on the front door of your house. Most house locks can be defeated by a "brute force" method such as a battering ram, yet we still use them because they deter people who don't have a battering ram and would rather go find a less secure house than spend time figuring out how to get into yours. You can use a simple lock (64-bit WEP) or a deadbolt (128-bit WEP), but neither can totally guaranty the security of your front door. If you run a wireless network base station without WEP security turned on, it is like leaving your front door unlocked and standing wide open. It won't be vulnerable to a hacker at some remote location on the Internet, but anyone wandering by could walk in and help themselves to the contents of your refrigerator or jewelry box.

In my case, I was more concerned that one of my neighbors who happened to have a wireless card might wander onto my network (but actually, my neighbors seem to be nice people, so I'm not too worried). I suppose that neighborhood gangs of computer geeks might also be wandering the streets with their wireless computers finding all the open access points, but so far that hasn't been a problem in my neighborhood. Then there's the person driving by who happens to come into range of the wireless network (this seems silly, except that I've heard of people who have taken vacations driving up and down the California coast and mapping the wireless network access along the way). So in spite of the fact that I know and trust most of my neighbors, I still lock the front door and likewise decided that I needed at least 64-bit WEP to feel somewhat secure about my wireless network.

Putting it all together

I ordered my wireless base station and wireless PCMCIA card from different places, but within 5 minutes of each other on the same day, they both showed up on my doorstep (actually, that was kind of eerie since they were shipped via different "overnight" carriers). I instantly (after a 5-day wait) had all I needed to free myself from the leash of wired networking. I decided to work first with the wireless PCMCIA card in my PowerBook, since I would need it to see if the base station was working.

My initial action was to find the Orinoco Web site and download the latest drivers for the Orinoco silver card. This is a common practice of computer support professionals, since the latest versions usually fix bugs or improve functionality. Orinoco is one of the few pieces of wireless hardware which actually supports and provides drivers for Mac OS (one of the other reasons I chose it). I installed the latest drivers on my PowerBook and inserted the card. I could run the control panel for the Orinoco hardware, but it told me that there was no card installed (even though I had a card icon on my Mac OS desktop).

Not deterred, I decided to see if installing the latest Airport software would help. It didn't. Airport could not see any wireless card installed either. Next I uninstalled the latest Orinoco drivers and installed the older versions that came on the install CD which was packaged with wireless card. This included a "Wavelan" control panel (WaveLan being the previous name of the Orinoco hardware). Unfortunately, the Wavelan control panel would not run at all under Mac OS 9.2, so it was useless in determining the status of the wireless card. I eventually uninstalled the Wavelan driver and control panel too, and discovered that Airport could directly interact with the Orinoco card with no extra drivers needed. Airport could see the card and I could set TCP/IP to communicate via the wireless card, so I was getting closer to wireless nirvana.

Touching Base

The next step was to assemble and install the wireless base station. This process consisted of attaching a short black antenna to a connector on the back of the SMC unit and plugging in the now ubiquitous black-boxed power converter that comes with every piece of small electronic equipment (can't someone invent a smaller power converter?). Once it was powered on, I first checked to see if the Airport software could see a base station. There in the pulldown menu where it had not been before, was an entry named "WLAN." This was evidence that the SMC base station was indeed talking to my PowerBook. I connected the base station to my Ethernet network and suddenly I had wireless connectivity from anywhere in my house to the Internet -- nerdvana* achieved.

My joy was short-lived, however, because I immediately decided to do some customized configuration and turn on 64-bit WEP encryption. This was not hard to configure on the base station. I found it's IP address and connected to it via my Web browser. It let me sign in with a default password which I immediately changed via their configuration tools. I also customized the TCP/IP networking setup to match how I like to run my home network. Then I found the security configuration panel. Setting 64-bit WEP was a matter of selecting it on a pull-down menu and then typing in a password phrase to be used as the basis for generating the WEP "key" that is used to encrypt the network traffic.

Weeping over WEP

When you connect using WEP, Airport tells you that the base station requires a password. You type it in and theoretically you are then connected to the wireless network. I say theoretically, because I instead got a message from the Airport software that "there was a problem connecting to the wireless network." Here we see a basic flaw of easy-to-use systems like Mac OS: the error messages are just useless. I guess Mac software designers think that if there's any kind of error it must be the fault of your karma, and that you should just cease and desist trying to use that feature since you have not yet reached that level of enlightenment.

Instead, I opted for increased enlightenment via the Apple support Web site. It took quite a bit if digging, but after piecing together information from user discussions on the Apple site and other leads found via Google (my other source of enlightenment), I found that when using a third-party card with Airport software you must enter what apple calls an "equivalent network password" which is simply 10 hexadecimal digits (26 in the case of 128-bit WEP) and it must be prefixed by a dollar sign ($). I tried this and was heartened when the password seemed to be accepted. But, alas, when I tried to reach the Internet, there was no communication happening.

Making it Work

It took some more reading and some experimentation with different versions of Airport software to find out what would let all my wireless parts and pieces work together. In the process, I proved that version 1.3 was no more capable than version 2.2 at 64-bit WEP. In version 2 of Airport, Apple added support 128-bit WEP so it stood to reason that perhaps they had messed up 64-bit WEP in the process. This was somewhat reinforced by the fact that my G4 with the internally installed Apple Airport card and Airport 2.2 could connect and communicate through the SMC base station when it was set to use 128-bit WEP. The answer turned out to be simpler than I was trying to make it.

The SMC user's guide included the following gem of technical documentation:

'Key Entry - this field can be set to "Passphrase" or "Manual Entry". [So far so good...] The "Passphrase" means the key elements will be auto generated by the internal algorithm accroding the string defined in the Passphrase field. ["accroding"?? who wrote this, George Bush?] The "Manual Entry" means the key elements allow/need user key in by manually.'

Aha! "The Manual entry means the key elements allow user key in by manually!" Translated from SMC into English this means that you must select "Manual Entry" to allow the hexadecimal key elements to be keyed in manually by the wireless client user. Sure enough, once I'd done so, I had 64-bit WEP encryption and full network connectivity.

Some Final Thoughts

As I write these final paragraphs I am comfortably ensconced on my sofa with my wireless link to the Internet at full throttle. In the process of making it work I was pleased to find out how easily some parts worked together, but was disheartened at finding that technical documentation is in a sorry state these days, especially as regards wireless networking. In particular, Apple has no formal documentation on the wireless standards or operation. What little I did find was in the user discussion area and that was unfocussed. Only occasionally would an Apple support person chime in with a bit of a hint. I've yet to find any extensive documentation of the Airport software.

As we've seen, SMC's documentation is sparse and barely understandable as English. While the features of the SMC base station worked as minimally described, going beyond the default configuration proved to be a task made more confusing by their poor attempt at technical writing. Still, getting up and running only took two or three days of intermittent wrangling and in the process, I learned quite a bit about how the 803.11b standard and the hardware and software that implement it. But most importantly, I can sit on my sofa with my notebook computer on my lap and a functional Web browser and Internet connection. This really is nerdvana.

*credit goes at least partially to Scott Adams of Dilbert fame for the term "nerdvana".