Friday, June 10, 2011

How to Set Up an Ad-Hoc Network and Secure It

An ad-hoc network is a decentralized wireless network which you can set up in your home or organization. If you use mobile devices in the network, it becomes a mobile ad-hoc network (MANET). Ad-hoc networks can be used to form a local network and share internet connections. There are many advantages associated with this system.
First of all, it saves bandwidth and can be adapted to share download streams. This means that it is possible to form a peer-to-peer (P2P) network and download files from your ‘peers’ (other people who are connected to the network), provided someone has already downloaded that file. Moreover, it increases the scalability of the wireless network and is totally independent of any ‘access points’ (unlike normal wireless networks).


But one of the biggest mistakes people make is using WEP to encrypt the data in the network. This is futile, as WEP encryption can easily be broken, and anyone can intercept the messages and see what you are actually doing in the network.

This post of Borntohack shows you how to set up an ad-hoc network and secure it using the WPA encryption method.

Setting up the network

Note: You need to issue all commands as the ‘root’ user.

Before you start configuring the network, you need to stop the network manager:
/etc/dbus-1/event.d/25NetworkManager stop

Now stop the interface from running by issuing:
ifconfig eth1 down
I have wireless extension in my ‘eth1’ interface. Sometimes your interface may be wlan0; in that case you need to issue:
ifconfig wlan0 down

In order to enable ad-hoc mode in your wireless card issue the following command:
iwconfig eth1 mode ad-hoc

Now you can set the channel by giving this command:
iwconfig eth1 channel no
(Replace ‘no’ by the number)

Create an SSID (name) for the ad-hoc network:
iwconfig eth1 essid 'name_of_your_network'

You also need to add your WEP encryption key (Please note that here we are adding the WEP key. We will enable WPA later)
iwconfig eth1 key your_key

Enabling network

Enable the interface by issuing:
ifconfig eth1 up
Then start dhclient (for DHCP) to get an address:
dhclient eth1

Now you are connected to the ‘network’. You may use the iwconfig command to see the details. You can also find the ‘cell number’ here. Others can also connect to this ‘network’ now, and you need to make sure that they are also in the same ‘cell’. Once they are connected, try pinging a peer.
ping ip_address
Well, when I tested this it didn’t work. But when I used
ping -I eth1 ip_address
it worked. So you can also try the command by specifying the interface.

Now open the ‘/etc/network/interfaces’ file and add the configuration details:

auto eth1
iface eth1 inet static
wireless-mode ad-hoc
wireless-channel no
wireless-essid name_of_your_network
wireless-key your_key
address 192.168.0.2
netmask 255.255.255.0
gateway 192.168.0.1

Wireless cards
My wireless card is Broadcom and it worked properly. But one of my friends had to use the Madwifi driver in order to enable ad-hoc mode. We also found that Intel cards are working fine in the network.

Using WPA
It is very easy to set up the network using WEP, but the network is not secure, and this makes it useless. You can enable WPA instead by using ‘wpa_supplicant’ (which you can find in your distribution’s repository).
After installing wpa_supplicant, open wpa-adhoc.conf and add:

ap_scan=2
network={
        ssid="name_of_your_network"
        mode=1
        frequency=2412
        proto=WPA
        key_mgmt=WPA-NONE
        pairwise=NONE
        group=TKIP
        psk="your_passkey"
}

Now issue this command:
wpa_supplicant -cwpa-adhoc.conf -iwlan0 -Dwext

Done! You have enabled WPA encryption in your network.
(I also tried to use WPA2, but it failed)
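
As an added example (not part of the original post), here is a small shell helper that writes the wpa-adhoc.conf shown above. It rejects passphrases outside the 8 to 63 character range that WPA requires, derives the frequency value from the 2.4 GHz channel number used with iwconfig, and creates the file readable by its owner only, since it holds the passkey in clear text. The function names chan_to_freq and write_adhoc_conf are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Map a 2.4 GHz channel number (as given to iwconfig) to the centre
# frequency in MHz that the "frequency=" field expects.
chan_to_freq() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;   # not a plain positive integer
    esac
    if [ "$1" -le 13 ]; then
        echo $((2407 + 5 * $1))        # channel 1 -> 2412
    elif [ "$1" -eq 14 ]; then
        echo 2484
    else
        return 1
    fi
}

# write_adhoc_conf SSID PASSPHRASE CHANNEL OUTFILE
write_adhoc_conf() {
    ssid=$1; pass=$2; chan=$3; out=$4
    nl='
'
    # A WPA passphrase must be 8 to 63 characters long.
    if [ "${#pass}" -lt 8 ] || [ "${#pass}" -gt 63 ]; then
        echo "passphrase must be 8-63 characters" >&2; return 1
    fi
    # Double quotes or newlines would break the quoted values in the file.
    case "$ssid$pass" in
        *'"'*|*"$nl"*) echo "unsupported character in ssid/passphrase" >&2; return 1 ;;
    esac
    freq=$(chan_to_freq "$chan") || { echo "invalid channel: $chan" >&2; return 1; }
    # The file holds the passkey in clear text: create it owner-only.
    ( umask 077; cat > "$out" <<EOF
ap_scan=2
network={
        ssid="$ssid"
        mode=1
        frequency=$freq
        proto=WPA
        key_mgmt=WPA-NONE
        pairwise=NONE
        group=TKIP
        psk="$pass"
}
EOF
    ) && chmod 600 "$out"
}
```

Call it as, for instance, `write_adhoc_conf demo-adhoc 'constructed-passphrase' 1 wpa-adhoc.conf` (constructed values), using the same channel number on every peer.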

Debugging
Sometimes you may have issues with dhclient. In that case try avahi-autoip. After installing it, issue:
wlanconfig ath0 destroy

And then:
wlanconfig ath create wlandev wifi0 wlanmode adhoc

Now you will be able to ping the other hosts (peers) in the network
ping hostname.local

Do let me know your experience through comments....!!
