[CentOS] CentOS4, KDE3.3 and 128 WEP

Wed May 25 15:27:57 UTC 2005
John Logsdon <j.logsdon at quantex-research.com>

Ryan+list

The link lights are up on the card from very early in the boot process.  I
am pretty sure the card is working except it is just unavailable if I try
and start eth1.  The system-config-network gui for wireless doesn't
actually let you select the channel to use either.  I am actually on
channel 13 which should work OK.  As I say, all things currently point to
the /en/ locale not being installed.  Can this be retrofitted?  I can't
find the files in the CentOS4 packages anywhere.

TIA

John

John Logsdon                               "Try to make things as simple
Quantex Research Ltd, Manchester UK         as possible but not simpler"
j.logsdon at quantex-research.com              a.einstein at relativity.org
+44(0)161 445 4951/G:+44(0)7717758675       www.quantex-research.com


On Tue, 24 May 2005, Ryan wrote:

> is the link/power light on your pcmcia card on when you plug it in, or 
> is it stay off?
> 
> John Logsdon wrote:
> > Ryan and list
> > 
> > pcmcia set 0,1,6 off and 2,3,4,5 on.  
> > 
> > If I try to restart pcmcia, it obviously complains that pcmcia_core is
> > used by i82365,pcnet_cs,ds as I have another network card plugged in at
> > the moment so I can use the machine (the Tosh Portege 3490CT's other
> > network interface requires plugging the big dongle thing in so I use a
> > card).
> > 
> > And while using the standard CentOS update solved the gpg problem, 
> > 
> > yum upgrade kde (for example) gave an error:
> > 
> > Traceback (most recent call last):
> >   File "/usr/bin/yum", line 7, in ?
> >     yummain.main(sys.argv[1:])
> >   File "/usr/share/yum-cli/yummain.py", line 34, in main
> >     locale.setlocale(locale.LC_ALL, '')
> >   File "/usr/lib/python2.3/locale.py", line 381, in setlocale
> >     return _setlocale(category, locale)
> > locale.Error: unsupported locale setting
> > 
> > which may be entirely unconnected but is an error in the same area as the
> > strace indicated for the wireless card.  I can post the strace if needed
> > but it is quite long.
> > 
> > TIA
> > 
> > John
> > 
> > John Logsdon                               "Try to make things as simple
> > Quantex Research Ltd, Manchester UK         as possible but not simpler"
> > j.logsdon at quantex-research.com              a.einstein at relativity.org
> > +44(0)161 445 4951/G:+44(0)7717758675       www.quantex-research.com
> > 
> > 
> > On Mon, 23 May 2005, Ryan wrote:
> > 
> > 
> >>Does chkconfig have pcmcia in it? If so, what is it set to?
> >>
> >>John Logsdon wrote:
> >>
> >>>That seems a bit better so I can add the 128 bit WEP code.  But for some
> >>>reason I still can't activate it.  I get:
> >>>
> >>>SIOCSIFFLAGS: Resource temporarily unavailable
> >>>
> >>>which does not point too far.
> >>>
> >>>I have checked that the atmel_cs module is installed (the card is a Belkin
> >>>F5D6020 rev 2).
> >>>
> >>>I have tried an strace and it seems to be looking for a file libc.mo in
> >>>/usr/share/locale/[en.UTF-8|en.utf8|en]/LC_MESSAGES but there is one in
> >>>/usr/share/local/en_GB/LC_MESSAGES and pretty nearly every other locale
> >>>which are all in glibc-common.  
> >>>
> >>>I guess this is because I switched from en_US to en_GB when I installed -
> >>>ie I unchecked US English.  I don't seem to recall having this problem 
> >>>with other machines although this is the first one that I have tried
> >>>to use wireless with...
> >>>
> >>>I tried changing LANG to be en and I get the same result although the
> >>>strace now fails rather earlier.
> >>>
> >>>So it seems at least that I should reinstall en=en_US but I am not
> >>>convinced that this will solve the problem. And where is it anyway?  I
> >>>can't see it in any of the CentOS4 rpms - I have been through all 1404 of
> >>>them.  It seems to be installed from somewhere when you set up CentOS4.  
> >>>Surely I don't have to reinstall?
> >>>
> >>>Clues?
> >>>
> >>>TIA
> >>>
> >>>John
> >>>John Logsdon                               "Try to make things as simple
> >>>Quantex Research Ltd, Manchester UK         as possible but not simpler"
> >>>j.logsdon at quantex-research.com              a.einstein at relativity.org
> >>>+44(0)161 445 4951/G:+44(0)7717758675       www.quantex-research.com
> >>>
> >>>
> >>>On Mon, 23 May 2005, ryan wrote:
> >>>
> >>>
> >>>
> >>>>system-config-network from the commandline brings up a GUI that you can
> >>>>enter in the WEP key for. You do not need to upgrade to KDE 3.4 for this.
> >>>>
> >>>>
> >>>>
> >>>>>What do people recommend?
> >>>>
> >>>>My recommendation is to use a different included GUI tool than kwifi
> >>>>(system-config-network). Instructions are here:
> >>>>http://www.centos.org/docs/4/html/rhel-sag-en-4/s1-network-config-wireless.html
> >>>>
> >>>>You can also edit /etc/sysconfig/network-scripts/ifcfg-eth0 (or whatever
> >>>>your LAN card is) directly, but if you have never done this before, I'd say
> >>>>use the GUI.
> >>>>
> >>>>
> >>>>----- Original Message ----- 
> >>>>From: "John Logsdon" <j.logsdon at quantex-research.com>
> >>>>To: "CentOS mailing list" <centos at centos.org>
> >>>>Sent: Monday, May 23, 2005 4:25 AM
> >>>>Subject: Re: [CentOS] CentOS4, KDE3.3 and 128 WEP
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>>Folks
> >>>>>
> >>>>>My concern is not so much just how good or bad WEP is - and I agree that
> >>>>>it is much better to use ssh or a vpn tunnel.  Until 802.11i is fully
> >>>>>implemented, standard wireless is always going to be very easy to hack by
> >>>>>a sniffing geekster.
> >>>>>
> >>>>>The problem is that there are quite a lot other machines on the network
> >>>>>that have been configured with WEP128.  I don't use DHCP and I have MAC
> >>>>>filtering enabled so that is some protection.  Unconfiguring all those
> >>>>>machines will be a pain and as some of them are WinDroze XPoor, almost
> >>>>>certainly to fall over.
> >>>>>
> >>>>>OK - maybe the solution is to upgrade to KDE3.4.  There are comments about
> >>>>>128 WEP in the 3.4 kdenetwork package.  And is KDE3.4 already stable
> >>>>>enough to be included?  What do people recommend?  Has anyone upgraded to
> >>>>>3.4?
> >>>>>
> >>>>>Another issue is where is the gpg public key repository for CentOS4?
> >>>>>
> >>>>>So my problem remains.  At the moment I am using a regular wired
> >>>>>connection but that means that the garden is out of bounds and it is nice
> >>>>>and sunny today here in Manchester ... :-)
> >>>>>
> >>>>>Best wishes
> >>>>>
> >>>>>John
> >>>>>
> >>>>>John Logsdon                               "Try to make things as simple
> >>>>>Quantex Research Ltd, Manchester UK         as possible but not simpler"
> >>>>>j.logsdon at quantex-research.com              a.einstein at relativity.org
> >>>>>+44(0)161 445 4951/G:+44(0)7717758675       www.quantex-research.com
> >>>>>
> >>>>>
> >>>>>On Sun, 22 May 2005, Ryan wrote:
> >>>>>
> >>>>>
> >>>>>
> >>>>>>I disagree with this assessment.
> >>>>>>
> >>>>>>WPA-PSK is not much more secure than 128-bit WEP, since its passphrases
> >>>>>>vulnerable to common dictionary attacks.  Worse, linux has poor WPA
> >>>>>>support - not every wifi card supported by linux has WPA support.
> >>>>>>
> >>>>>>Also, many non-computer devices (wireless webcams, etc) only have WEP as
> >>>>>>an option.
> >>>>>>
> >>>>>>Use system-config-network , not kwifi, and you should be able to use WEP
> >>>>>>with no problem. Also, consider turning OFF DHCP, turning the AP off
> >>>>>>when you aren't using it, and enabling MAC filtering.
> >>>>>>
> >>>>>>If you are really concerned about security, consider using an SSH or VPN
> >>>>>>tunnel to encrypt data between laptops and a wired router/server.
> >>>>>>
> >>>>>>For some information on WPA-PSK weaknesses:
> >>>>>>http://wifinetnews.com/archives/002452.html
> >>>>>>
> >>>>>>
> >>>>>>system-config-network requires you enter in "0x" bbefore the key.
> >>>>>>
> >>>>>>
> >>>>>>Maciej Zenczykowski wrote:
> >>>>>>
> >>>>>>
> >>>>>>>You can skip wep128 or wep64 or any other wep for that matter,
> >>>>>>>currently a standard notebook with a supported wireless card running
> >>>>
> >>>>linux
> >>>>
> >>>>
> >>>>>>>can passively break through wep64/wep128 encryption within 10-30
> >>>>>>>minutes, switching to active mode can break through the encryption
> >>>>>>>within 3-5 minutes.  Simply put, encryption of the WEP kind is no
> >>>>
> >>>>longer
> >>>>
> >>>>
> >>>>>>>worth the bother.
> >>>>>>>
> >>>>>>>Just look around on google, he's a quote I found:
> >>>>>>>
> >>>>>>>Department: Here's a demo of the FBI, using commonly available and
> >>>>
> >>>>openly
> >>>>
> >>>>
> >>>>>>>documented hardware & software to crack WEP 128-bit security in three
> >>>>>>>minutes.
> >>>>>>>
> >>>>>>>http://www.tomsnetworking.com/Sections-article111-page1.php
> >>>>>>>
> >>>>>>>The needed utilites can be freely downloaded of the internet.
> >>>>>>>
> >>>>>>>Cheers,
> >>>>>>>MaZe.
> >>>>>>>
> >>>>>>>On Sun, 22 May 2005, John Logsdon wrote:
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>>CentOS4 standard installation.
> >>>>>>>>
> >>>>>>>>I see that KwifiManager doesn't support 128 bit WEP which I need for
> >>>>>>>>other
> >>>>>>>>machines on the network, which is a bit of a blow - and rather
> >>>>
> >>>>surprising
> >>>>
> >>>>
> >>>>>>>>really as security should be quite a consideration on an enterprise
> >>>>
> >>>>level
> >>>>
> >>>>
> >>>>>>>>system (NB RH!).
> >>>>>>>>
> >>>>>>>>Is there a workaround?  An alternative way of configuring my Belkin
> >>>>>>>>F5D6020 ver 2 card?  eg a cvs download that I can get and copy via a
> >>>>>>>>stick?  Or how to do it manually?  I have tried regressing kdenetwork
> >>>>
> >>>>but
> >>>>
> >>>>
> >>>>>>>>that doesn't include kwifimanager at all.
> >>>>>>>>
> >>>>>>>>Ideas?
> >>>>>>>>
> >>>>>>>>TIA
> >>>>>>>>
> >>>>>>>>John
> >>>>>>>>
> >>>>>>>>John Logsdon                               "Try to make things as
> >>>>
> >>>>simple
> >>>>
> >>>>
> >>>>>>>>Quantex Research Ltd, Manchester UK         as possible but not
> >>>>
> >>>>simpler"
> >>>>
> >>>>
> >>>>>>>>j.logsdon at quantex-research.com              a.einstein at relativity.org
> >>>>>>>>+44(0)161 445 4951/G:+44(0)7717758675       www.quantex-research.com
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>_______________________________________________
> >>>>>>>>CentOS mailing list
> >>>>>>>>CentOS at centos.org
> >>>>>>>>http://lists.centos.org/mailman/listinfo/centos
> >>>>>>>>
> >>>>>>>
> >>>>>>>_______________________________________________
> >>>>>>>CentOS mailing list
> >>>>>>>CentOS at centos.org
> >>>>>>>http://lists.centos.org/mailman/listinfo/centos
> >>>>>>>
> >>>>>>>
> >>>>>>
> >>>>>>_______________________________________________
> >>>>>>CentOS mailing list
> >>>>>>CentOS at centos.org
> >>>>>>http://lists.centos.org/mailman/listinfo/centos
> >>>>>>
> >>>>>
> >>>>>_______________________________________________
> >>>>>CentOS mailing list
> >>>>>CentOS at centos.org
> >>>>>http://lists.centos.org/mailman/listinfo/centos
> >>>>>
> >>>>
> >>>>_______________________________________________
> >>>>CentOS mailing list
> >>>>CentOS at centos.org
> >>>>http://lists.centos.org/mailman/listinfo/centos
> >>>>
> >>>
> >>>
> >>>
> >>>_______________________________________________
> >>>CentOS mailing list
> >>>CentOS at centos.org
> >>>http://lists.centos.org/mailman/listinfo/centos
> >>>
> >>>
> >>
> >>_______________________________________________
> >>CentOS mailing list
> >>CentOS at centos.org
> >>http://lists.centos.org/mailman/listinfo/centos
> >>
> > 
> > 
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> > 
> > 
> 
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>