After seeing the unusually high price tag of a Microsoft Xbox 360 Wireless Adapter, I almost had a heart attack. $99.99 retail. Let me say it again, FREAKING $99.99; is Microsoft out of their mind? I mean, routers and wireless adapters cost much less than that! Luckily, there is a way to create an adapter with a La Fonera wireless router.

Basically, the La Fonera is loaded with a third party firmware called DD-WRT. The firmware allows you to put the Fonera into client bridge mode. This basically lets the Fonera connect to your home wireless network and pass that data through the ethernet port to your Xbox. Its kind of like one of these Linksys gaming adapters, but cheaper and with more capabilities.

Here’s the full guide:
http://fonerahacks.com/index.php/Tutorials-and-Guides/Xbox-360-Wireless-Adapter-Using-the-La-Fonera.html

NOTE: You must have a La Fonera with DD-WRT firmware loaded onto it before this will work. If you need help installing DD-WRT to the Fonera, see the guides here

The Alfa 500mw wireless USB adapter is known to many war drivers. At 500mw, the Alfa has 20 more Tx/Rx power than the Linksys WPC11 (25mw), 2.5 times more power than the Senao’s 200mw, and 1.67 times more power than the Zcomax 300mW and Ubiquiti 300mW. In addition to its high power, the Alfa contains the RTL8187L Realktek chipset, which is known to be great for capturing and injecting wireless packets via Aircrack.

Alfa 500mw Wireless Adapter at Amazon.com

Here’s a little test I did comparing a Zonet ZEW 2500p USB wireless adapter vs the Alfa 500mw USB wireless adapter. I couldn’t find the power rating on the Zonet, but I’m pretty sure its not more than 50mw. First, here’s a scan using airodump in channel hop mode.

The location was indoors on the first floor close to a backyard window. It didn’t surprise me that the Zonet ZEW2500p didn’t pick up much. Although it can capture and inject packets, this little wireless card just doesn’t have the range.

Up next is the Alfa AWUS036H 500mw USB wireless adapter results. This is with the included 2db antenna with the adapter sitting in the same spot as the Zonet.

Not bad, but not as good as expected. The strength to the unamed AP increased and one other AP was picked up. Let’s see what happens when we use a larger antenna. I had a Fontenna laying around, so I decided to try it out. The Fontenna is a 7db directional atenna made by Fon to pair with their La Fonera. However, the Fontenna uses an RP-SMA connector, so you can just about use the antenna with any other device that has the same connector. I then used double sided adhesive to attach it to the top of my window and connected it to the Alfa via RP-SMA connectors. Here are the results:

As you can see, I picked up a lot more APs than expected. I was even able to fake authenticate and associate with one of the APs that I couldn’t even see with the Zonet ZEW2500p. However, I recommend that you swap the stock 2db antenna with something a little stronger.

WEP, WPA/WPA2, and the associated authentication methods are designed to keep invaders out. However, it has become increasingly easier to crack WEP encrypted networks (see the video here) and cracking WPA/WPA2 networks is difficult, but feasible. These methods help keep external users from being able to access sensitive data, but what about internal, authenticated users?

Internal wireless security is important when utilizing networks of hundreds of users. Say I have a WPA2 AES encrypted network. A normal user will connect to the network and be granted access to the internal wireless network. Unlike wired networks, wireless networks do not have switches to direct traffic to the right ports (users), therefore, every authenticated user can see everybody else’s traffic. Now, with a network of hundreds of users, this can pose a problem. Once somebody is authenticated, they are free to sniff traffic, perform man-in-the-middle attacks, etc. It doesn’t matter what encryption method (WEP, WPA/WPA2) was used because each authenticated user is using the same key as everyone else to encrypt their data.

For example, many universities are now creating wireless networks around campus which hundreds of students may be connected to simultaneously. What is preventing one student from logging onto the wireless and sniffing all traffic from the gateway until he gets some passwords? Information like that can be used to access someone’s email account and once your email account is compromised, you’re hosed (hint, “Forgot Password?”)

The standard solution to this problem is VPN tunnels. Here’s an example, a user joins an open access point provided by the company. When he opens his browser, he is redirected to a page where he needs to download and install the VPN client. After installation, the user will login and the VPN client sets up an encrypted, independent tunnel. Now, he is safe from both external and internal hackers because every bit of his data goes through this tunnel and is encrypted. You could do a man-in-the-middle attack, but all you’ll get is encrypted packets.

However, the implementation may not be an option for universities or companies who give 2 cents about user friendliness. Establishing a VPN tunnel requires a client program. That’s one more program users need to install on their computers; one more program that users DO NOT want to install. Not only that, the VPN client is yet another product the IT department must support and it also creates an additional level of failure. Some product’s installation procedures are less than stellar and can cause more headaches than smiles. You also have to look at how easy it will be to implement over the existing system, support options, delivery of the client, and finally, compatibility. With Windows Vista and it’s dreaded UAC, installation of a VPN client has become even more of a hassle that some vendors are trying to overcome for the sake of user friendliness.

A simple solution would be to issue different, unique keys to each user. This encrypts their data with different keys and would act like a VPN tunnel. You could “MacGuyver” it and create an access point with a different key for each user, but that relies on IT “manual labor” and is vastly inefficient. However, if each user got a different key, there would be no client program (a plus for user friendliness) and no additional hardware needed if the software lies on the access point or controller.