Category Archives: WiFi

Getting a Buffalo USB Wireless N adapter WLI-UC-GN to work on OSX 10.5.8

Posted on January 29, 2010 by | Leave a comment

All of Apple’s laptops come with a built-in WiFi adapter called an Airport. But I needed a second WiFi port for a client application. I didn’t anticipate any issues with just adding a USB wifi adapter.

However after checking out the three Mac stores in downtown Vancouver, Simply Computing, WestWorld and Mac Market I came up dry. No one even wanted to talk about using a USB wireless adapter on a Mac laptop. The consensus seemed to be it was impossible.

Well fortunately RAlink develops drivers for all their wireless chipsets that enable them to work with Windows, Linux AND Mac! The chipsets are used by a variety of manufactures to build WiFi N USB adapters.Here’s what I did to get the Buffalo WLI-UC-GN Wireless N USB dongle working with OSX 10.5.8, Darwin kernel 9.8.0. It took me a couple of days to get it running. Hopefully this post will help someone else get their Buffalo Wifi adapter running with fewer hassles.

Here’s a related forum thread Insanely Mac Forum ThreadI got the idea for the fix from ayenon – the site is in Japanese, but you can get the main idea by looking at the screen print.

I chose the Buffalo Wireless N USB dongle WLI-UC-GN because it uses the Ralink chipset which is well supported on Macs. And it was on sale for about $40 at NCIX in Vancouver.

I installed the driver, rebooted and plugged the dongle in. The dongle showed up in System Profiler, but the blue activity light on the USB dongle stayed on constantly. On a properly installed dongle the activity light should be flashing. I also got a “No Device” status when I opened the Ralink Utility. The problem boiled down to an incorrect product id in the info.plist file for the device’s driver.

The Buffalo USB dongle uses the Ralink 2870 chipset. (Google “Buffalo WLI-UC-GN chipset”

1. Download the Macintosh drivers version 2.0.1.0 from RAlink Macintosh Drivers. The drivers for for Buffalo WLI-UC-GN are labelled USB(RT2870 /RT2770 /RT307X /RT2070 /RT3572).

2. Plug in the Wifi dongle and verify it is showing up in System Profiler.
Click Apple =>About this Mac => More Info => USB => 802.11n WLAN

Verify that the device is being recognized and has enough current:

Current Available (mA): 500
Current Required (mA): 450

3. Write down the Product ID and Device ID for the WLI-UC-GN, This should be the same for everybody.

Click Apple =>About this Mac => More Info => USB => 802.11n WLAN
The Product ID 0x014f or 335 in decimal
The Device ID 0×0411 or 1041 in decimal

4, Open up /System/Library/Extensions/RT2870USBWirelessDriver.kext/Contents/Info.plist using nano and scroll down until you reach the information related to Buffalo.

There are 3 entries 2870-1, 2870-2 and 2870-3.

The Product ID in the third entry needs to be changed from 336 to 335 to match the settings from system profiler above.

Write the file out.
Exit

4. Delete /System/Library/Extensions.mkext

cd /System/Library
sudo rm -R Extensions.mkext

5. Reboot (You should see a message {“Updating Boot Caches”)

6. Remember to boot with the -f parameter.

Important! While the system is loading the blue activity light on the WLI-UC-GN should start flashing. If the light on the dongle stays blue constantly it is not installed correctly.

If the blue light on the dongle is flashing you can go on to the next step.

7. Go into System Preferences and add another device for the USB Wifi dongle.

Apple => System Preferences => Network
Click on the + sign in the lower left. An additional drop down menu entry will appear in the list for “Ethernet”. Highlight it and click create. Click Apply.

8. Go into the Applications => RAlink utility => Site Survey and you should see the Wireless access points.

9. Add a profile for your wireless access point.

10. Open terminal and delete /System/Library/Extensions.mkext again. Reboot again. When the system starts the USB dongle light should be flashing. Open the Ralink Utility and verify that you’re connected. Check the link status. Open Firefox. Enter the URL google.com and verify that you are connected.

In OSX the internal ethernet adapter is usually configured as en0, airport adapter is configured as en1 and your new usb adapter should be en2. After installing the driver correctly you should be able to type “ifconfig en2″ into terminal to find out how the dongle is configured.

Done!

→ Leave a comment

Posted in BUFFALO Wifi Dongle, Hackintosh, OSX, WiFi

How to use free coffee shop wireless securely – part 3 – Your Own Virtual Private Network (VPN)

Posted on December 3, 2009 by | Leave a comment

Create your own virtual private network with Hamachi

You can do things between computers on your home or office network you can’t do securely on a public WiFi network like listen to a shared iTunes library, access files in shared folders and corroborate on shared projects. But using the free virtual private network application Hamachi, you and your buddies can access your computers from anywhere on the internet anywhere on the planet as if you were all connected on your own private local network. This is called a Virtual Private Network.

Today we’ll use Hamachi to create a virtual private network between a PC, Mac and Ubuntu Linux box and listen to a shared iTunes library over the internet.

First what’s Hamachi VPN?

Hamachi is a free desktop application and gives you a secure, zero-configuration LAN over the internet. Any application that works over a local network can be used with Hamachi over the internet, like Windows file sharing, iTunes, Remote Desktop, FTP, VNC and gaming. All of Hamachi’s connections are secure, encrypted, authenticated and peer-to-peer. Though Hamachi acts as a mediator between your computers and creates the tunnels for their communication, Hamachi’s servers don’t listen in on or log your activity.

Here are some situations where you might use Hamachi:

Your company has a team of salesmen on the road with laptops and they want secure access to office network, printers. applications and files.

Your office or dorm room computer is behind a restrictive firewall that doesn’t let you reach it from the internet.

You want to add encryption to insecure network protocols like VNC.

You want to set up a shared folder of files for friends and family to access.

Sound useful? Let’s get started.

Set up Hamachi

1. Download and install Hamachi. For the most part, the Windows installation is the usual “just click next” routine, except for two notes: Hamachi will attempt to install a virtual network adapter which Windows XP says is not supported. – just hit the “Continue Anyway” button at that point. Also, if you have Windows Firewall enabled (or any firewall, for that matter), it will ask if you want to allow traffic to and from the Hamachi client. You do. Click the “Unblock” button to allow Hamachi traffic through your firewall, as shown.

For Mac and Ubuntu Linux users, the Hamachi installation is a bit more complicated. Even more disappointing, the application itself is command line, not point and click. (Warning: comfort in the Terminal required. UPDATE: HamachiX is a free GUI Hamachi client for the Mac.

2. Create your Hamachi network. Once Hamachi’s installed it will walk you through a quick tutorial to get you started. Read it – it’s worth it. Then, hit the network button (bottom right hand corner, second button to the left) and choose “Create new network” from the menu. Give your network a name (mine was “vancouverwest4″) and a password. Click the Create button.

Now your computer will be a member of the new network, and get its own Hamachi IP address (in addition to its regular IP address). It will also have a nickname that will identify it on your network. Mine was “socrates-pc.”

3. Join your Hamachi network. At this point you can tell your friends or co-workers your Hamachi network’s name and password so they too can join it with the Hamachi client installed. To connect my Mac to my new network, I issued a hamachi join gtrap-home command after setting my nickname to “powerbook.” Once my Mac was on the network.

4. Network away! Now you’re ready to share files or stream your iTunes library to other computers in your Hamachi virtual home network anywhere in the world the internet reaches. Within iTunes on my PC I turned sharing on and tried to listen on my Mac. At first the sharing didn’t work because Windows Firewall wasn’t allowing it. Once I opened up port 3689 (iTunes sharing port) within Windows Firewall, I was all set.

Then, I could see and play tunes in my PC’s shared library within iTunes on my Mac. (Be sure to check off “Look for shared libraries” in iTunes’ Preferences Sharing panel.)

Finally, you can manage your Hamachi networks and clients through a web interface as well. Register for a free account at My Hamachi and enter your client’s Hamachi IP. Once you grant the web site access to your network information, view all your networks and clients on the web site, like this (click to enlarge):

Streaming music (and, uh, copying uncopyrighted songs from others’ shared iTunes libraries) is only one example of what can be done with your virtual home network. Browse shared Windows folders, remote control your PC, access an FTP or web server (over Hamachi’s encrypted connection). Anything you can do locally you can do over the ‘net with Hamachi.

Are you a die-hard VPN/Hamachi user? Got questions or tips? Drop me an email or comment.

West 4 Communications can set up a secure Virtual Private Network for your force of global road warriors.

→ Leave a comment

Posted in Mobile Computing, Network Security, WiFi

Tagged , ,

How to use free coffee shop wireless securely – part 2 – Create a secure tunnel using SSH

Posted on December 3, 2009 by | Leave a comment

Create a secure tunnel using SSH

by John Davidson

In part 1, we learned that using Wi-fi in public hotspots can be dangerous because of packet sniffers which can view and log all unencrypted network data. You need to protect yourself by encoding both what you are sending and receiving over by using https:// (note the “s” for secure) connections whenever possible to connect securely to sites.

But some site don’t offer any kind of secure login. i’ll show you how to roll your own using SSH to create a secure tunnel connection from you remote laptop to a trusted home or office computer running an SSH server. All your network traffic will be sagely protected using encryption.

Laptop – Client Side Software: SSH Client
* Windows – PuTTY (I’m currently using Release 0.60)
* Linux/OSX – SSH from the command line

Server – Either at home or trusted remote web host with SSH access
* Windows – SSH server
* Linux/OSX – SSH server daemon

If you have trouble connecting to port 22 on your web host, double-check the port address. Some web hosts use oddball ports for SSH. My current web host uses port 2222 instead of 22.

I’ll use PuTTY on the client site for this walk-through. We will set up port 7000 as the secure channel.

1. Open PuTTY and click on the + sign beside SSH to see the tunneling options. Use the following tunnel settings:

PuTTY SSH Tunnel Configuration

* Source Port: 7000
* Destination: localhost
* Select Dynamic and Auto

2. Click Add. D7000 should show up in the forwarded port box.
3. Select Open and log in using your username and password.

You’re done setting up the secure channel.

4. In Firefox
a. Click Tools->Options->Advanced->Network->Settings
b. Click the “No Proxy” radio button
c. Click OK twice to close the configuration panes
d. Go to URL http://whatismyip.com
e. The ip address displayed is the ip address for the coffee shop

5. Configure Firefox to use the secure channel
a. Click Tools->Options->Advanced->Network->Settings
b. Click the “Manual proxy configuration” radio button.
c. Set SOCKS Host
d. Set SOCKS Port: 7000
e. Click the SOCKSv5 radio button
f. Close the configuration pane
g. Go to URL http://whatismyip.com
h. The ip address displayed should be the ip address for remote trusted computer.

You can also encrypt your BitTorrent traffic or your MSN connection by changing connection/proxy settings in the application connection options to point to localhost port 7000 and SOCKS v4 or v5.

You can use the applicatin proxifier to forward all your connections at once to the remote ip address.

An easy way to switch proxy settings in Firefox is to install the Switchproxy add-on — change proxy settings with just a click.

Enjoy your secure browser session!

→ Leave a comment

Posted in Mobile Computing, Network Security, WiFi

Tagged , , ,

How to use a secure tunnel to view US televison on hulu.com, nbc.com and comedycentral

Posted on December 3, 2009 by | Leave a comment

Stream Hulu, NBC and Comedy Central to your computer while living or traveling outside the United States.

by John Davidson

Watch full episodes of all the best in US TV programming streamed to your home computer. Are you a fan of Highlander, Family Guy or Heroes? Well you can watch seasons of episodes the whole library of shows is clicks away any time you want! Hulu.com. nbc.com, thedailyshow.com, comedycentral.com are a few of the sites streaming US programming.

But there is a problem if you are living or traveling outside the United States. Content owners use sophisticated geographical ip filtering to block streaming of the videos outside the US. For example, when you try to view hulu.com from Canada, you get the following message, “We’re sorry, currently our video library can only be streamed within the United States.” I’ll describe a way to get around the blocks.

This method requires that you have a Virtual Private Server (VPS) account in the continental United States with Secure Shell (SSH) access. I use a VPS account with linode.com which costs $US 19.95/Month. The trick to avoid the geoblocking is to forward your IP connection from your home computer in Canada. Japan or anywhere outside the US to the US based server using an SSH secure tunnel. The server forwards all the data received back to the foreign client transparently. This works well because to the US-based website (HULU, NBC, Fox) you are now connecting from a US ip instead of a foreign ip address.

Important Caveat 1

It’s important that the latency (ping delay) between your true location and your US server is less than 100 ms to ensure an enjoyable video experience. Otherwise you’ll have to keep waiting for buffer delays. The latency from Vancouver, Canada to my New Jersey server is 88 ms.

Important Caveat 2

Verify the bandwdth caps or limitations on your US server. I’m allowed 200 GB of traffic on my account. A couple of hours of daily TV works out to about a giga-byte of traffic daily or less than 50 giga-bytes a month.

Here we go:

1. Sign up for a VPS account on Linode. Log into your Linode account and create a Ubuntu linode instance. Note the IP address of your server.

SERVER side

2. SSH into the root account of your fresh Ubuntu server
apt-get update
apt-get install
apt-get upgrade
adduser tunnel

Client running OSX or Ubuntu:

3. Open a terminal window
4. ping yourserver.com ; verify connectivity to the server
5. ssh -D 8080 -p 22 -f -N tunnel@yourserver.com ; forward port and then go into background
6. enter password for tunnel when prompted

The ssh command is used to create an encrypted secure connection between a client port and a server port.

The “-D port” option specifies dynamic port forwarding. This works by allocating a socket to listen at a port on the local side. The port can be any number greater than 1024. Whenever a connection is made to this port, the connection is forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. Currently the SOCKS4 and SOCKS5 protocols are supported,

The “-p port” option specifies the port to connect to on the remote server. Port 22 is the standard port an SSH server to listen on. If you have troubles connecting, check to ensure the remote server is using the standard port. Sometimes servers use oddball ports – hostgator for example uses port 2222.

The “-f ” option requests ssh to go to background just before command execution. This is useful if ssh is going to ask for passwords or passphrases. After the password is entered SSH goes into the background.

The “-N” option means do not execute a remote command. This is useful for just forwarding ports (SSH version 2 only).

Client is running Windows:

3. Download PuTTy from http://www.filehippo.com
4. Open the PuTTy SSH client. Look under Connection -> SSH -> Tunnels.
Add a dynamic port forward, use port 8080 and no need to specify the destination.
5. Click on the open button and enter password when prompted

Client Side: Now set up Firefox to use the local SOCKS server (localhost:8080).

6. Open up Firefox

7. Verify connectivity
a. go to URL http://whatismyip.com and write down the ip address for your client computer
b. click on the speed test button and write down the upload and download speeds

UPDATE Hulu has updated their geo-blocking use new step 8

OLD STEP 8
Click on Tools -> Options -> Advanced -> Network -> Settings
Click the Manual proxy configuration radio button
On the SOCKS option enter localhost and 8080 as the port.

NEW STEP 8
a. Download Proxifier (30 days free trial version) http://www.proxifier.com/download.htm
b. Install and launch proxifier
c. Click option > proxy settings> add
IP address: localhost
Port: 8080
Type: SOCKS5
d. Click OK button

Testing

9. Verify your port is being forwarded.
a. go to URL http://www.whatsmyip.org/ and verify that the ip is different than in step 5a
b. click on the speed test button to confirm you are getting reasonable upload and download speeds

This entry was posted on Tuesday, May 5th, 2009 at 1:11 pm and is filed under Technology, Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed.

→ Leave a comment

Posted in Mobile Computing, Network Security, Networking, WiFi

Tagged , ,