Monday, Jan 11, 2010

802.11 Client Active and Passive Scanning

It is important to understand the difference between active and passive client scanning. Here is an overview: wireless clients learn about available APs by scanning other IEEE 802.11 channels for available APs on the same WLAN/SSID. Scanning other IEEE 802.11 channels can be performed actively or passively, as follows:

Active scan—Active scanning occurs when the client changes its IEEE 802.11 radio to the channel being scanned, broadcasts a probe request, and then waits to hear any probe responses (or periodic beacons) from APs on that channel (with a matching SSID). The IEEE 802.11 standards do not specify how long the client should wait, but 10 ms is a representative period. The probe request frames used in an active scan are one of two types:

• Directed probe—The client sends a probe request with a specific destination SSID; only APs with a matching SSID will reply with a probe response.

• Broadcast probe—The client sends a broadcast SSID (actually a null SSID) in the probe request; all APs receiving the probe request will respond, with a probe response for each SSID they support.

Passive scan—Passive scanning is performed by simply changing the client's IEEE 802.11 radio to the channel being scanned and waiting for a periodic beacon from any APs on that channel. By default, APs send beacons every 100 ms. Because it may take 100 ms to hear a periodic beacon broadcast, most clients prefer an active scan.


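As an added illustration (not part of the original post or the Cisco design guide it quotes), the following Python builds and parses minimal 802.11 probe request frames and tells a directed probe from a broadcast (null SSID) one. The frames and MAC addresses are constructed for the example; the layout follows the 802.11 management header and the SSID and Supported Rates information elements.

```python
import struct
from collections import Counter

# Frame Control for a management frame (type 0) of subtype 4 (probe request),
# as it appears on the wire in little-endian order: bytes 0x40 0x00.
FC_PROBE_REQUEST = 0x0040
FC_TYPE_SUBTYPE_MASK = 0x00FC   # ignore the protocol-version bits
BROADCAST = b"\xff" * 6
IE_SSID = 0
IE_SUPPORTED_RATES = 1

def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)

def build_probe_request(src_mac, ssid):
    """Constructed test frame: 24-byte management header followed by the SSID
    and Supported Rates elements. An empty SSID gives the broadcast (null SSID)
    probe described in the post."""
    src = bytes.fromhex(src_mac.replace(":", ""))
    ssid_bytes = ssid.encode()
    header = struct.pack("<HH6s6s6sH", FC_PROBE_REQUEST, 0, BROADCAST, src, BROADCAST, 0)
    rates = b"\x82\x84\x8b\x96"          # 1, 2, 5.5, 11 Mb/s marked as basic rates
    ies = bytes([IE_SSID, len(ssid_bytes)]) + ssid_bytes
    ies += bytes([IE_SUPPORTED_RATES, len(rates)]) + rates
    return header + ies

def parse_ies(body):
    """Walk the tagged parameters; refuse a frame whose last element is cut short."""
    ies = {}
    i = 0
    while i + 2 <= len(body):
        eid, length = body[i], body[i + 1]
        value = body[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated information element")
        ies[eid] = value
        i += 2 + length
    return ies

def classify_probe_request(frame):
    """Return the sender and whether the probe is directed (specific SSID)
    or broadcast (null SSID)."""
    if len(frame) < 24:
        raise ValueError("frame shorter than an 802.11 management header")
    fc, _dur, _da, sa, _bssid, _seq = struct.unpack("<HH6s6s6sH", frame[:24])
    if fc & FC_TYPE_SUBTYPE_MASK != FC_PROBE_REQUEST:
        raise ValueError("not a probe request")
    ies = parse_ies(frame[24:])
    if IE_SSID not in ies:
        raise ValueError("probe request without an SSID element")
    ssid = ies[IE_SSID]
    return {
        "src": mac_str(sa),
        "kind": "broadcast" if len(ssid) == 0 else "directed",
        "ssid": ssid.decode("utf-8", errors="replace"),
    }

def is_probe_request(frame):
    """Boolean wrapper for callers that only want to filter a capture."""
    try:
        classify_probe_request(frame)
        return True
    except ValueError:
        return False

def probe_summary(frames):
    """Count directed and broadcast probes per client, a quick view of how
    chatty each client's active scanning is."""
    counts = Counter()
    for f in frames:
        info = classify_probe_request(f)
        counts[(info["src"], info["kind"])] += 1
    return counts

# Constructed sample capture: one client probing for a specific SSID twice and
# another client sending the wildcard probe.
SAMPLE_FRAMES = [
    build_probe_request("00:25:d3:8b:00:13", "TEST"),
    build_probe_request("00:25:d3:8b:00:13", "TEST"),
    build_probe_request("00:1a:2b:3c:4d:5e", ""),
]

if __name__ == "__main__":
    for f in SAMPLE_FRAMES:
        print(classify_probe_request(f))
    print(dict(probe_summary(SAMPLE_FRAMES)))
```

The parser deliberately rejects anything that is not a probe request and any frame whose last element is shorter than its declared length, which is the usual failure mode when a capture is cut mid-frame.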
During a channel scan, the client is unable to transmit or receive client data traffic. There are a number of approaches clients take to minimize this impact to client data traffic:

• Background scanning—Clients may scan available channels before they need to roam. This allows them to build up knowledge of the RF environment and available APs so they may roam faster if it becomes necessary. Impact to client traffic can be minimized by only scanning when the client is not actively transmitting data, or by periodically scanning only a single alternate channel at a time (scanning a single channel incurs minimal data loss).

• On-roam scanning—In contrast with background scanning, on-roam scanning occurs after a roam has been determined necessary. Each vendor/device may implement its own algorithms to minimize the roam latency and the impact to data traffic. For example, some clients might only scan the non-overlapping channels.


Typical Scanning Behavior

Although most client roaming algorithms are proprietary, it is possible to generalize the typical behavior.

Typical wireless client roam behavior consists of the following activities:

• On-roam scanning—This ensures clients have the most up-to-date information at the time of the roam.

• Active scan—An active scan is preferred over a passive scan, due to lower latency when roaming.

There are some informational attributes that may be used to dynamically alter the roam algorithm:

• Client data type—For example, voice call in progress

• Background scan information—Obtained during routine periodic background scans

Ways in which attributes can be used to alter the scan algorithm include:

• Scan a subset of channels—For example, information from the background scan can be used to determine which channels are being used by APs in the vicinity.

• Terminate the scan early—For example, if a voice call is in progress, the first acceptable AP might be used instead of waiting to discover all APs on all channels.

• Change scan timers—For example, if a voice call is in progress, the time spent waiting for probe responses might be shortened during an active scan.

From -- Cisco Voice Over Wireless LAN 4.1 Design Guide
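To make the three adaptations concrete, here is an added Python model (my example, not from the post or the design guide) of an on-roam scan that can restrict itself to channels learned by background scanning, shorten its active dwell during a voice call, and stop at the first acceptable AP. The 10 ms active wait and the 100 ms beacon interval come from the text; the 5 ms voice dwell, the -67 dBm acceptability threshold and the RF map are constructed assumptions.

```python
from dataclasses import dataclass, field

ACTIVE_DWELL_MS = 10        # representative probe-response wait (from the text)
BEACON_INTERVAL_MS = 100    # default AP beacon period (from the text)
VOICE_DWELL_MS = 5          # constructed: shortened wait while a call is up
ACCEPTABLE_RSSI_DBM = -67   # constructed: "good enough" AP for a voice roam
NON_OVERLAPPING_2G = (1, 6, 11)

@dataclass
class ScanResult:
    discovered: dict = field(default_factory=dict)   # channel -> [(bssid, rssi)]
    elapsed_ms: int = 0
    terminated_early: bool = False

def roam_scan(environment, channels, active=True, voice_call=False,
              known_ap_channels=None):
    """Scan `channels` and return what was heard plus the time spent away from
    the serving channel. `environment` is the constructed RF map the client
    would hear: channel -> list of (bssid, rssi_dbm).

    The three adaptations from the design guide text:
      subset:     scan only channels where background scanning found APs
      timers:     shorten the active dwell during a voice call
      early exit: during a voice call, stop at the first acceptable AP
    """
    if known_ap_channels is not None:
        channels = [c for c in channels if c in known_ap_channels]
    if active:
        dwell = VOICE_DWELL_MS if voice_call else ACTIVE_DWELL_MS
    else:
        dwell = BEACON_INTERVAL_MS     # worst case: wait a full beacon period
    result = ScanResult()
    for ch in channels:
        result.elapsed_ms += dwell
        heard = environment.get(ch, [])
        if heard:
            result.discovered[ch] = list(heard)
        if voice_call and any(rssi >= ACCEPTABLE_RSSI_DBM for _, rssi in heard):
            result.terminated_early = True
            break
    return result

def best_candidate(result):
    """Strongest AP found during the scan, or None if nothing was heard."""
    aps = [(rssi, bssid, ch)
           for ch, lst in result.discovered.items() for bssid, rssi in lst]
    if not aps:
        return None
    rssi, bssid, ch = max(aps)
    return {"bssid": bssid, "channel": ch, "rssi": rssi}

# Constructed 2.4 GHz environment: three APs on the non-overlapping channels.
ENV = {
    1:  [("00:1a:2b:00:00:01", -60)],
    6:  [("00:1a:2b:00:00:06", -72)],
    11: [("00:1a:2b:00:00:0b", -65)],
}
ALL_2G = tuple(range(1, 12))

if __name__ == "__main__":
    cases = [("full active", {}),
             ("full passive", {"active": False}),
             ("subset from background scan", {"known_ap_channels": NON_OVERLAPPING_2G}),
             ("voice call in progress", {"voice_call": True})]
    for label, kw in cases:
        r = roam_scan(ENV, ALL_2G, **kw)
        print(f"{label:28s} {r.elapsed_ms:5d} ms  early={r.terminated_early}  "
              f"best={best_candidate(r)}")
```

Running the four cases shows why the guide prefers active scanning and channel subsets: a full passive sweep of eleven channels costs over a second of lost traffic, the active sweep about a tenth of that, and the voice path finds the first usable AP after a few milliseconds.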

Monday, Jan 11, 2010

Understand your Cisco WLC Dashboard -- Find your links faster

If you’re going for the Cisco CCIE lab you need to know the GUI and CLI cold. Let’s face it, time is short and your tasks will be MANY when you sit the lab. You don’t want to have an issue between the chair and the PC, if you catch my drift …

If you are new to the WLC, the dashboard can be a little overwhelming. Let's face it, there are TONs and TONs of ‘nerd knobs’, and knowing where these commands live can be a task. When consulting and training, I came up with a process that helped students quickly grasp where these commands live. Let’s review the dashboard, shall we …

The dashboard has eight buttons: Monitor, WLANs, Controller, Wireless, Security, Management, Commands and Help.

MONITOR – Monitor is just that. The Monitor page shows you a HUD of what is going on in your WLC. Understand each of the fields and the data collected on the Monitor page for quick reference; this will help you gather information when troubleshooting. For example, the controller summary, access point summary, client summary, rogue summary and most recent traps are located here. These areas give you a real QUICK snapshot of valuable information. In short – Monitor is just that … monitoring of your WLC.

WLANs – This is where your SSIDs live. This is where you create your SSIDs and apply security (L2/L3), wireless QoS and SSID tuning such as P2P blocking, session timeout, etc. You will find these under the Advanced tab. On the left panel you will also see an Advanced link, NOT to be confused with the Advanced tab under WLANs; this is where your AP group config lives. In short – WLANs is where your SSIDs live.

CONTROLLER – Controller is where your wired side lives. This is where you configure your controller interfaces, VLANs, gateways, DHCP, IP addresses, general controller settings, ports, internal DHCP services, mobility groups, CDP and NTP. These are all wired-related options. In short – Controller is where your wired side lives.

WIRELESS – This is probably one of the busiest links and the most confusing for first-time users. In fact you have more options under this link than any of the others. Wireless is where your access points, RRM, mesh, QoS profiles, H-REAP groups and your wireless network settings (data rates) etc. live. I might suggest you become very, very comfortable with the options under Wireless.

Let's look briefly at a few of the options. On the left panel you have Access Points, a list of the access points joined to the controller. Under it you have the radios, 802.11a/n and 802.11b/g/n. This is where you configure the individual radios per access point.

The next section under this is 802.11a/n and 802.11b/g/n, again not to be confused with the commands under Access Points. This is where your network and RRM settings live for each radio band. In short – Understand the Wireless link COLD. This is where your access points and wireless data rates live.

SECURITY – This is where your controller security and database security live. Again, not to be confused with security under WLANs. You will find your RADIUS server options, local EAP, TACACS+, web auth, ACLs, wireless protection policies, etc. In short – Think of wired WLC security.

MANAGEMENT – This is where your controller management lives. These commands are very straightforward: HTTP, HTTPS, Telnet, SSH, logs, user sessions, user account creation, SNMP, management via wireless. In short – This is where you will manage your WLC.

COMMANDS – This is where you upload/download code and signature files, reset to factory defaults, reboot the controller and set the time. In short – This is where you will find the administration of code updates.

HELP – No need to cover this … If you are looking at this during your lab … You may not be ready for the lab … 

Saturday, Jan 09, 2010

Airnergy WiFi power system gives RCA a reason to exist (video)

Has anyone heard about this new device that charges batteries from WiFi signals? I am really interested to hear how this works. If this is indeed real, it takes the prize for best technology innovation of the decade in my book. Check it out; what do you think?

We don't usually associate RCA with new and innovative technologies, but we think know they're on to something with its Airnergy power system, which harvests energy from WiFi signals. Shipping this summer, the pocketable dongle picks up WiFi signals from the air and manages to charge an internal battery through some magic inside. You don't have to connect to a network, you just have to be in a place that has signal, and it will automatically charge up. As if we weren't intrigued already, they told us that they're planning on building the tech into actual cellphone batteries, so you would theoretically never need to plug in again and your device would always be topped off. Yeah, we want.


Here is the video link: http://www.viddler.com/explore/engadget/videos/1001/ 

Leeched: http://www.engadget.com 

Saturday, Jan 09, 2010

Why you should consider "Monitor" Access Points as part of your Cisco Unified WLAN design and architecture

You are probably asking yourself, why!? Or perhaps you did not know you could add access points in “Monitor” mode only. So, let’s deep dive this design consideration and why you as a wireless admin may want to consider deploying monitor access points in your WLAN.

We have all seen the access point and client rogue alerts, signature attacks (IDS, IPS) and other environment events on the WLC and WCS dashboards. Do you know how these alerts are gathered? This function is part of RRM (Radio Resource Monitoring/Management). Let's look at how…

Cisco Unified (Lightweight) access points go off-channel and conduct scans of the environment, much like running a sniffer on a laptop in the area of the access point conducting the scan. The information gathered during these scans is sent to the WLC, where it is processed and displayed. But here is the problem.

A Cisco Unified (Lightweight) access point spends only 0.2% of its time off-channel scanning. Furthermore, the access point spends only 60 ms on EACH scan (10 ms to switch channels and 50 ms to scan the actual channel). This activity is distributed across your WLAN so that adjacent access points are not scanning at the same time.

Note: In the presence of voice traffic (in the last 100 ms), the access points defer off-channel measurements.

I’ve completed specific testing with no monitor access points deployed in large enterprise environments, using only the existing access points with default RRM monitoring enabled.

I then conducted testing where I deployed a 1:6 access point ratio. By this I mean for every 6 production access points I added (1) access point in monitor mode, and found a 5% increase on average in environment information. The reason for this increase is simple. Access points that are only on a channel for short intervals cannot see every frame, while access points that stay on a channel see far more.

Additionally, Cisco Unified access point modes include more than just monitor: there are also rogue detector and sniffer modes, allowing you to leverage your monitor access points in more ways than one.

In closing, you may want to consider deploying monitor access points in your design.
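An added first-order model (mine, not the author's test data) of what the 0.2% and 60 ms figures imply for rogue detection: a data AP listens on a given channel for 50 ms, returning to that channel roughly every 30 s times the number of channels, while a monitor AP dwells long enough on each channel to always hear a 100 ms beacon. The 1 s monitor dwell, the 11-channel plan and the random jitter are constructed assumptions; the script measures time to first detection for both AP types.

```python
import random

BEACON_INTERVAL_MS = 100
DATA_AP_DWELL_MS = 50          # time listening on the scanned channel (from the post)
DATA_AP_SWITCH_MS = 10         # time to change channel (from the post)
OFF_CHANNEL_FRACTION = 0.002   # 0.2% of airtime off-channel (from the post)
MONITOR_DWELL_MS = 1000        # constructed: a monitor AP's per-channel dwell

def data_ap_scan_gap_ms():
    """Average time between off-channel scans implied by the post's figures:
    a 60 ms scan that accounts for 0.2% of airtime is one scan per 30 s."""
    return (DATA_AP_DWELL_MS + DATA_AP_SWITCH_MS) / OFF_CHANNEL_FRACTION

def visit_hears_beacon(phase_ms, start_ms, dwell_ms):
    """A rogue beacons at phase + k*100 ms. True if one of those beacons falls
    inside the listening window [start, start + dwell)."""
    k = -((phase_ms - start_ms) // BEACON_INTERVAL_MS)   # first k with beacon >= start
    t = phase_ms + k * BEACON_INTERVAL_MS
    return start_ms <= t < start_ms + dwell_ms

def simulate(channels=11, trials=4000, seed=7):
    """Monte Carlo: time until a rogue AP on one channel is first heard by a
    data AP (brief, infrequent visits) versus a monitor AP (long dwell on
    every channel). Returns summary statistics."""
    rng = random.Random(seed)
    data_revisit = round(data_ap_scan_gap_ms()) * channels   # same channel again
    mon_revisit = MONITOR_DWELL_MS * channels
    data_visits = data_hits = 0
    data_t, mon_t = [], []
    for _ in range(trials):
        phase = rng.randrange(BEACON_INTERVAL_MS)        # rogue's beacon phase
        # Data AP: first visit at a random point in its cycle, then every
        # revisit interval plus up to one beacon period of jitter, so the
        # beacon phase is not locked to the visit schedule.
        t = rng.randrange(data_revisit)
        while True:
            data_visits += 1
            if visit_hears_beacon(phase, t, DATA_AP_DWELL_MS):
                data_hits += 1
                data_t.append(t)
                break
            t += data_revisit + rng.randrange(BEACON_INTERVAL_MS)
        # Monitor AP: a 1 s dwell always spans a beacon, so the first visit
        # to the rogue's channel hears it.
        t = rng.randrange(mon_revisit)
        assert visit_hears_beacon(phase, t, MONITOR_DWELL_MS)
        mon_t.append(t)
    return {
        "data_ap_hit_prob_per_visit": data_hits / data_visits,
        "data_ap_mean_detect_s": sum(data_t) / trials / 1000,
        "monitor_ap_mean_detect_s": sum(mon_t) / trials / 1000,
    }

if __name__ == "__main__":
    print(f"data AP off-channel scan every {data_ap_scan_gap_ms() / 1000:.0f} s")
    for key, value in simulate().items():
        print(f"{key:28s} {value:10.2f}")
```

With these inputs a 50 ms window catches a 100 ms beacon about half the time, so a data AP needs on average two visits, hundreds of seconds apart, to notice a rogue that a monitor AP hears within its first sweep. The model ignores contention, deferral for voice traffic and the AP's real channel plan, so treat the numbers as an order-of-magnitude argument for the 1:6 design, not a prediction.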

Wednesday, Jan 06, 2010

Coleman Technologies, Inc. Joins Forces With and Becomes Part of Presidio, Inc.

This is an interesting move to start off 2010.

GREENBELT, MD -- 01/06/10 -- Presidio, Inc., a diversified professional and managed services firm delivering advanced IT infrastructure solutions, announced today that Coleman Technologies, Inc. has merged with and into Presidio, Inc. Coleman, based in Orlando, FL, is a leading edge IT and systems engineering services firm and will complement Presidio's existing business lines, including: Presidio Networked Solutions, a professional services and advanced IT infrastructure solutions provider; Presidio Managed Networks, a Managed Services and Telecom Consulting firm; Atlantix Global, a provider of remarketed technology solutions; and Presidio Technology Capital, a captive leasing operation.

This combination brings an exciting new dynamic to Presidio's already vibrant Virtualization/Data Center; Collaboration/Unified Communications; Mobility; Security and Managed Services practices. Coleman further expands Presidio's extensive team that has been purposely built to focus on providing innovative advanced IT infrastructure solutions for the complete IT Lifecycle. The result is a company with unmatched strength in customer service and support, technical acumen and financial viability.

Coleman brings a complementary and expanded geographic reach, solidifying Presidio's market presence in Florida, Georgia, Oklahoma and the Public Sector, while accelerating a more expansionary footprint throughout Texas, Tennessee, the Carolinas, Alabama, Ohio, Illinois and Indiana. The merger also significantly strengthens Presidio's current capabilities in Contact Center and Managed Services. Additionally, Coleman holds several unique capabilities in their Federal Systems and Electronic Systems groups with solutions ranging from hardened communications devices (EnviroXtreme), to mobile communications solutions (RAPTOR) and covert GPS tracking devices (AGenT), that leverage their product development and software design skills and solutions.

Joel Schleicher, Chairman and Chief Executive Officer of Presidio, Inc., stated, "We are ecstatic with this combination due to Coleman's stellar reputation, unique approach to the market, and culture. We view the Coleman team as the perfect complement to Presidio. There are few companies that offer the engineering/implementation excellence, customer satisfaction approach and are as forward thinking, from a standpoint of utilizing technology as a productivity enhancement tool for their customers, as Coleman."

Highlights of the merged company include:

-- Revenue of over $1.1B, making it the leading solutions provider in its markets
-- 70 Cisco CCIEs and over 1,800 technology certifications
-- 530+ highly certified engineering and consulting professionals among our 1,200 employees, delivering unequalled levels of engineering expertise
-- 425 Business Development Professionals to meet developing market needs
-- Recognition as one of Cisco's top five (5) partners in North America, along with being the fourth largest in Unified Communications and third largest in Contact Center, and similar stature with other strategic partners including VMware and Microsoft
-- One of only five (5) Cisco global partners approved to design and deploy the largest and most complex VBlock 2 Solutions
-- HP Virtualization Elite Partner trained and certified to design and deploy HP's Matrix and other advanced datacenter server and storage solutions
-- Expanded Managed Services including additional Network Operations Centers (NOCs) and Security Operations Centers (SOCs)
-- Excellence in customer satisfaction and increased industry recognition including:
   -- Cisco accolades: Partner of the Year; Global Enterprise Partner of the Year; Commercial Partner of the Year for North America; Solution Innovation Partner of the Year; Customer Advocacy Partner of Year; Data Center Partner of the Year; Customer Satisfaction Excellence;
   -- Top certifications in Virtualization and Data Center; Collaboration and Voice; Wireless; Security; Physical Security; ISO 9001:2000 and Managed Services;
   -- EMC Services Partner of the Year in 2009 and 2008 and EMC's 6th largest partner in NA;
   -- First VMware Certified Center of Excellence in North America.

Speaking on the deal, Ben Patz, Chief Executive Officer of Coleman Technologies, Inc, commented, "Joining with Presidio broadens the solutions we can offer our customers, expands our market for innovative solutions and enhances our ability to invest in our people and processes. Moving forward, our combined teams will continue to deliver the same innovative services and solutions that have differentiated us in the marketplace and upon which our customers have come to depend."

Tuesday, Jan 05, 2010

My80211.com now on Twitter !

I got bit by the "Twitter" bug. You can now follow me on Twitter, where I will share with you the goings-on in and around wireless deployments and troubleshooting!

 http://twitter.com/wirelesssguru

Monday, Jan 04, 2010

IPhone APP: IPhone Network Sniffer

Once the issues are ironed out, this could be a handy tool in the hands of a hacker. I may just have to jailbreak my iPhone.


Pirni is the world's first native network sniffer for iPhone. The iPhone's Wi-Fi has some major drawbacks in its hardware design, thus we can not properly set the device in promiscuous mode.

This is why Pirni comes with an ARP spoofer that successfully routes all the network traffic through your device and then uses packet forwarding to send it to its normal recipient (i.e. the router).

After a successful network sniffing, you can transfer the dumpfile to your computer and open it up with Wireshark (or any other traffic analyzer that supports pcap) to analyze the traffic.

BPF filters allow you to select which packets are to be dumped. This allows you to "filter" packets, so that only "interesting" packets are supplied to the software using BPF; this can avoid copying "uninteresting" packets from the operating system kernel to software running in user mode, reducing the CPU requirement to capture packets and the buffer space required to avoid dropping packets.

leeched from: www.net-security.org

Friday, Jan 01, 2010

WLC Disable Wireless Client (CLIENT EXCLUSION)

There can be countless reasons why you may want to block a wireless client from accessing the WLAN. One real-world scenario happened a few months back, when I was contacted by a customer whose enterprise had just been hit with a virus. As they quarantined and identified infected hosts, they could not account for 50+ wireless clients which were infected and online.

As they cleaned infected machines, these machines became infected again because of those 50+ devices. They needed a way to disable them from the WLAN, but didn't have time to locate the 50+ devices, nor did they know their exact location. Here is how to exclude clients, blocking their access to the WLAN.

NOTE: WHEN A CLIENT IS ON THE EXCLUSION LIST, THE WLC IGNORES PROBE REQUESTS FROM THE CLIENT. SEE THE DEBUG BELOW.

CONFIG CLIENT EXCLUSION

(Cisco Controller) >config exclusionlist ?              
add            Creates a local exclusion-list entry
delete         Deletes a local exclusion-list entry
description    Sets the description for an exclusion-list entry

(Cisco Controller) >config exclusionlist add 00:25:d3:8b:00:13

REMOVE CLIENT EXCLUSION (ALLOWS CLIENT ACCESS TO WLAN)

(Cisco Controller) >config exclusionlist delete 00:25:d3:8b:00:13

DEBUG CLIENT WHILE EXCLUDED

NOTE: THE WLC IS IGNORING THE CLIENT'S PROBE REQUESTS

(Cisco Controller) >debug client 00:25:d3:8b:00:13
Fri Jan  1 17:57:04 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:08 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:09 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:12 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:13 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:17 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:21 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:22 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:25 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:26 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:27 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:29 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:29 2010: 00:25:d3:8b:00:13 Association request(2): Exclusion-listed!!
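Added example for the scenario above (not from the post): a small Python helper that turns an incident team's list of MAC addresses, in whatever notation they arrive, into the `config exclusionlist add` lines shown, de-duplicated and in the form the WLC CLI expects, and then counts from `debug client` output how many probe requests were ignored and association attempts rejected per excluded MAC. The host list and the debug lines are constructed to look like the post's output.

```python
import re
from collections import Counter, defaultdict

def normalize_mac(mac):
    """Accept 00-25-D3-8B-00-13, 0025.d38b.0013 or 00:25:d3:8b:00:13 and
    return the colon-separated lowercase form used by the WLC CLI."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def exclusion_commands(macs, action="add"):
    """One 'config exclusionlist add|delete <mac>' line per unique MAC, in
    input order, ready to paste into the controller CLI."""
    if action not in ("add", "delete"):
        raise ValueError("action must be 'add' or 'delete'")
    seen, lines = set(), []
    for mac in macs:
        norm = normalize_mac(mac)
        if norm in seen:
            continue
        seen.add(norm)
        lines.append(f"config exclusionlist {action} {norm}")
    return lines

# 'Fri Jan  1 17:57:04 2010: 00:25:d3:8b:00:13 <message>'
DEBUG_LINE = re.compile(
    r"^(?P<ts>\w{3} \w{3}\s+\d{1,2} \d\d:\d\d:\d\d \d{4}): "
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) (?P<msg>.*)$")

def summarize_debug(lines):
    """Count, per MAC, the probe requests the WLC ignored and the association
    attempts it rejected because the client is exclusion-listed."""
    stats = defaultdict(Counter)
    for raw in lines:
        m = DEBUG_LINE.match(raw.strip())
        if not m:
            continue
        msg = m["msg"]
        if "Ignoring probe request due to exclusion-listing" in msg:
            stats[m["mac"]]["probe_ignored"] += 1
        elif "Exclusion-listed" in msg:
            stats[m["mac"]]["assoc_rejected"] += 1
    return {mac: dict(c) for mac, c in stats.items()}

# Constructed inputs: a host list as an incident team might export it (mixed
# notations, one duplicate) and debug output shaped like the post's.
INFECTED_HOSTS = ["00:25:d3:8b:00:13", "00-25-D3-8B-00-13", "0025.d38b.0014"]
SAMPLE_DEBUG = """\
Fri Jan  1 17:57:04 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:08 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:09 2010: 00:25:d3:8b:00:13 Ignoring probe request due to exclusion-listing of the mobile
Fri Jan  1 17:57:29 2010: 00:25:d3:8b:00:13 Association request(2): Exclusion-listed!!
Fri Jan  1 17:58:01 2010: 00:25:d3:8b:00:14 Ignoring probe request due to exclusion-listing of the mobile
""".splitlines()

if __name__ == "__main__":
    print("\n".join(exclusion_commands(INFECTED_HOSTS)))
    print(summarize_debug(SAMPLE_DEBUG))
```

The per-MAC counters are the quickest way to confirm an entry took effect: an excluded host that is still infected and powered on keeps probing, and the "Ignoring probe request" lines keep climbing while the association count stays at zero or one.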

Wednesday, Dec 30, 2009

WLC "DHCP Address Assignment Required" Option

DHCP Address Assignment Required is one of those check boxes that makes you go “huh” while you scratch your head, if you don't know how it works. Cisco's best practice for voice is to disable this feature. However, keep in mind that if DHCP Addr. Assignment Required is selected, clients must obtain an IP address via DHCP. Any client with a static IP address is not allowed on the network.


The DHCP Required option in WLAN settings allows you to force clients to do a DHCP address request/renew every time they associate to the WLAN before they are allowed to send or receive other traffic to the network.

From a security standpoint, this allows for stricter control of the IP addresses in use, but it might also affect the total time for roaming before traffic is allowed to pass again.

Additionally, this might affect some client implementations which do not do a DHCP renew until the lease time expires. For example, Cisco 7920, 7921 and 7925 phones might have voice problems while they roam if this option is enabled, as the controller does not allow voice or signaling traffic to pass until the DHCP phase is completed.

Some third-party print servers might also be affected. In general, it is a good idea not to use this option if the WLAN has non-Windows clients, because the stricter controls might induce connectivity issues, depending on how the DHCP client side is implemented.

Additional Notes: The WLAN advanced configuration has an option to require that a client pass DHCP before going into the RUN state (the state in which the client is able to pass traffic through the controller). This option requires the client to do a full or half DHCP request. The main thing the controller is looking for from the client is a DHCP request and an ACK coming back from the DHCP server. As long as the client does these steps, it passes the DHCP Required step and moves to the RUN state.

L2 and L3 Roaming

L2 roam—If the client has a valid DHCP lease and performs an L2 roam between two different controllers on the same L2 network, the client should not need to re-DHCP, and the client entry should be completely moved from the original controller to the new controller. Then, if the client does need to DHCP again, the DHCP bridging or proxy process on the current controller transparently bridges the packet again.

L3 roam—In an L3 roam scenario the client is moving between two controllers in different L3 networks. In this situation the client is anchored to the original controller and listed in the client table on the new (foreign) controller. While anchored, the client’s DHCP is handled by the anchor controller, as the client data is tunneled within an EoIP tunnel between the foreign and anchor controllers.

SHOW WLAN <WLAN ID>

To confirm the current config, this option lives under show wlan <WLAN ID>:

(Cisco Controller) >show wlan 1
WLAN Identifier.................................. 1
Profile Name..................................... TEST
Network Name (SSID).............................. TEST
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Number of Active Clients......................... 6
Exclusionlist.................................... Disabled
Session Timeout.................................. 1800 seconds
Interface........................................ management
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Quality of Service............................... Silver (best effort)
WMM.............................................. Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
<omitted>

CONFIG DHCP Address Assignment Required

Hummm... For the life of me I cannot find the CLI command for this config. I will post it shortly, but here is the GUI path:

WLANs --> (click on SSID) --> Advanced tab --> check box DHCP Addr. Assignment Required

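Added Python (not from the post or from Cisco) that parses the dotted key/value layout of `show wlan <id>` into a dict and audits the DHCP Required setting against the voice caveats described above. The data WLAN sample is a constructed copy of the output shown; the voice WLAN sample and the severity labels are my own assumptions.

```python
import re

# 'Key name............................ value'
FIELD = re.compile(r"^(?P<key>.+?)\s*\.{2,}\s*(?P<value>.*)$")

def parse_show_wlan(output):
    """Turn the dotted key/value lines of 'show wlan <id>' into a dict.
    The prompt line, '<omitted>' and blank lines are skipped."""
    cfg = {}
    for raw in output.splitlines():
        line = raw.strip()
        if not line or line.startswith("(Cisco Controller)") or line.startswith("<"):
            continue
        m = FIELD.match(line)
        if m:
            cfg[m["key"]] = m["value"].strip()
    return cfg

def audit_dhcp_required(cfg):
    """Flag the interactions the post describes. Returns (severity, message)
    pairs so the caller can sort or filter them."""
    findings = []
    required = cfg.get("DHCP Address Assignment Required", "").lower() == "enabled"
    # Treat a WLAN as carrying voice if 7920 phone mode is on or the QoS
    # profile is Platinum (constructed heuristic).
    voice_wlan = (cfg.get("Dot11-Phone Mode (7920)", "").lower() == "enabled"
                  or cfg.get("Quality of Service", "").lower().startswith("platinum"))
    wlan = cfg.get("Network Name (SSID)", "?")
    if required and voice_wlan:
        findings.append(("warn", f"{wlan}: DHCP Required is enabled on a voice WLAN; "
                                 "7920/7921/7925 phones may lose audio during roams "
                                 "(Cisco best practice: disable)"))
    elif required:
        findings.append(("info", f"{wlan}: DHCP Required is enabled; clients with static "
                                 "IP addresses (some print servers, for example) are refused"))
    else:
        findings.append(("info", f"{wlan}: DHCP Required is disabled; clients with static "
                                 "IP addresses are admitted"))
    return findings

# Constructed copy of the data WLAN output shown above.
SAMPLE_DATA_WLAN = """\
(Cisco Controller) >show wlan 1
WLAN Identifier.................................. 1
Profile Name..................................... TEST
Network Name (SSID).............................. TEST
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Number of Active Clients......................... 6
Exclusionlist.................................... Disabled
Session Timeout.................................. 1800 seconds
Interface........................................ management
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Quality of Service............................... Silver (best effort)
WMM.............................................. Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
<omitted>
"""

# Constructed voice WLAN with the option turned on.
SAMPLE_VOICE_WLAN = """\
WLAN Identifier.................................. 2
Profile Name..................................... VOICE
Network Name (SSID).............................. VOICE
DHCP Address Assignment Required................. Enabled
Quality of Service............................... Platinum (voice)
Dot11-Phone Mode (7920).......................... Enabled
"""

if __name__ == "__main__":
    for sample in (SAMPLE_DATA_WLAN, SAMPLE_VOICE_WLAN):
        for severity, message in audit_dhcp_required(parse_show_wlan(sample)):
            print(f"[{severity}] {message}")
```

Run against every WLAN id on a controller, the audit gives a one-screen answer to the question the post raises: which SSIDs force DHCP, and whether any of them also carries phones.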

Tuesday, Dec 29, 2009

Configure TKIP Countermeasure Holdoff Timer on Autonomous

After having worked on countless Cisco WLAN VoIP deployments, a general rule of thumb from Cisco TAC is to disable TKIP countermeasures on ALL voice WLANs and lessen the timer for DATA WLANs. Again, this is all subject to your comfort level and performance requirements. Personally, I can't say I have ever seen this be an issue or had an issue that was directly related to the countermeasures. But something to chew on!

TKIP countermeasure mode can occur if the access point receives 2 message integrity check (MIC) errors within a 60 second period. When this occurs, the access point will de-authenticate ALL TKIP clients associated to that 802.11 radio and hold off any clients for the countermeasure holdoff time (default = 60 seconds).

ap#config t
ap(config)#interface dot11Radio 0

Note: This is radio specific on autonomous access points.

ap(config-if)#countermeasure tkip 0

Note: Configures the TKIP MIC countermeasures hold-down timer (0-65535 seconds), unlike the WLC, which accepts 0-60 seconds.

Tuesday, Dec 29, 2009

Configure TKIP Countermeasure Holdoff Timer on WLC

After having worked on countless Cisco WLAN VoIP deployments, a general rule of thumb from Cisco TAC is to disable TKIP countermeasures on ALL voice WLANs and lessen the timer for DATA WLANs. Again, this is all subject to your comfort level and performance requirements. Personally, I can't say I have ever seen this be an issue or had an issue that was directly related to the countermeasures. But something to chew on!

TKIP countermeasure mode can occur if the access point receives 2 message integrity check (MIC) errors within a 60 second period. When this occurs, the access point will de-authenticate ALL TKIP clients associated to that 802.11 radio and hold off any clients for the countermeasure holdoff time (default = 60 seconds).


(Cisco Controller) >config wlan security tkip hold-down <seconds> <wlan id>

Note: Configures the TKIP MIC countermeasures hold-down timer (0-60 seconds).


The following command disables TKIP countermeasure on WLAN 1 

(Cisco Controller) >config wlan security tkip hold-down 0 1
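To tie the two posts on the WLC and autonomous hold-down timers together, here is an added Python model (mine, not Cisco's implementation) of the countermeasure logic described: two MIC errors within 60 s deauthenticate all TKIP clients on the radio and refuse TKIP associations for the hold-down period, a hold-down of 0 disables the countermeasures, and the timer is range-checked per platform (0-60 s on the WLC, 0-65535 s on autonomous APs). Client names and timestamps are constructed.

```python
MIC_FAILURE_WINDOW_S = 60    # two MIC errors within 60 s trigger countermeasures
MIC_FAILURE_THRESHOLD = 2
HOLDDOWN_RANGE = {"wlc": (0, 60), "autonomous": (0, 65535)}   # from the two posts

def validate_holddown(seconds, platform):
    low, high = HOLDDOWN_RANGE[platform]
    if not low <= seconds <= high:
        raise ValueError(f"hold-down {seconds}s out of range {low}-{high} for {platform}")
    return seconds

def holddown_ok(seconds, platform):
    """True if the value would be accepted on that platform."""
    try:
        validate_holddown(seconds, platform)
        return True
    except (ValueError, KeyError):
        return False

class TkipRadio:
    """Countermeasure behaviour of one 802.11 radio as described above.
    Times are seconds since an arbitrary epoch."""

    def __init__(self, holddown_s, platform="wlc"):
        self.holddown_s = validate_holddown(holddown_s, platform)
        self.mic_failures = []        # timestamps inside the 60 s window
        self.holdoff_until = None
        self.clients = set()          # TKIP clients currently associated
        self.log = []

    def associate(self, t, client):
        """A TKIP client may join only while no hold-off is active."""
        if self.holdoff_until is not None and t < self.holdoff_until:
            self.log.append((t, f"refused {client}: hold-off until t={self.holdoff_until}"))
            return False
        self.clients.add(client)
        return True

    def mic_failure(self, t):
        """Record a MIC error at time t; return the set of clients deauthenticated."""
        self.mic_failures = [x for x in self.mic_failures if t - x < MIC_FAILURE_WINDOW_S]
        self.mic_failures.append(t)
        if len(self.mic_failures) < MIC_FAILURE_THRESHOLD:
            return set()
        self.mic_failures.clear()
        if self.holddown_s == 0:      # hold-down 0: countermeasures disabled
            self.log.append((t, "second MIC error within 60 s; countermeasures disabled"))
            return set()
        dropped, self.clients = self.clients, set()
        self.holdoff_until = t + self.holddown_s
        self.log.append((t, f"countermeasures: deauth {len(dropped)} TKIP clients, "
                            f"hold off new TKIP associations for {self.holddown_s}s"))
        return dropped

def scenario(holddown_s):
    """Constructed timeline: two clients join, two MIC errors 30 s apart,
    then the phone tries to come back immediately and after the hold-down."""
    radio = TkipRadio(holddown_s)
    radio.associate(0, "phone-1")
    radio.associate(0, "laptop-1")
    first = radio.mic_failure(10)
    second = radio.mic_failure(40)
    return {
        "after_first": len(first),
        "after_second": len(second),
        "rejoin_at_41": radio.associate(41, "phone-1"),
        "rejoin_after_holdoff": radio.associate(41 + holddown_s, "phone-1"),
    }

if __name__ == "__main__":
    for h in (60, 10, 0):
        print(f"hold-down {h:2d}s -> {scenario(h)}")
```

The scenario makes the trade-off in the posts visible: with the default 60 s every TKIP client on the radio, voice handsets included, is dropped and locked out for a minute after two bad MICs, whereas hold-down 0 keeps them associated at the cost of the integrity check's deterrent.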

Monday, Dec 28, 2009

Wi-Fi Alliance Now Testing Single-Stream "N"

This is very interesting news. The WiFi Alliance is considering the certification of single-stream 802.11n product.

The Wi-Fi Alliance said it has started testing single-stream access points and routers that use 802.11n technology.

In an email to SmallNetBuilder, Kelly Davis-Felner, the WFA's Marketing Director said that testing had started last week.

Products that pass the test will not be Wi-Fi CERTIFIED n, since the 802.11n standard does not allow for single-stream access points and routers. Instead, they will carry the mark shown above (or a version without the "a" for single-band products).

According to Alliance literature, the single-stream certification indicates that the product is Wi-Fi CERTIFIED to the previous standards shown, and also contains some of the features of Wi-Fi CERTIFIED n. These products may be referred to as “wireless-n” or “Wi-Fi n” by manufacturers.

Single stream products typically support a maximum connection rate of 65 Mbps using the default 20 MHz channel bandwidth and 135 Mbps using 40 MHz channel bandwidth.

Leeched from: http://smallnetbuilder.com 

Sunday, Dec 27, 2009

WLC Paging Disabled - "Similar to - term length 0"

We've all been there... You need to drop the show run command and you get the "Press Enter to continue Or <Ctl Z> to abort" or "--More-- or (q)uit" prompt. All you want is to drop the entire config. Well, here is how.

If you are familiar with Cisco IOS routers and switches, then you may have used the "term length 0" command. This eliminates the page breaks. Under the WLC "Airespace OS" the equivalent is "config paging disable":

(Cisco Controller) >config paging ?

enable         enable paging
disable        disable paging

DISABLE CONFIG PAGING

The following command lets the entire show command output drop in one piece:

(Cisco Controller) >config paging disable

ENABLE CONFIG PAGING

The following command re-enables paging:

(Cisco Controller) >config paging enable

Sunday, Dec 27, 2009

Recover your WLC password

So you forgot your WLC password, eh? On WLC version 5.1 and later, you can use the CLI from the controller's serial console in order to configure a new user name and password. Complete these steps:

1. After the controller boots up, enter Restore-Password at the User prompt.
   Note: For security reasons, the text that you enter does not appear on the controller console.

2. At the Enter User Name prompt, enter a new user name.

3. At the Enter Password prompt, enter a new password.

4. At the Re-enter Password prompt, re-enter the new password.
   Note: The controller validates and stores your entries in the database.

5. When the User prompt reappears, enter your new username.

6. When the Password prompt appears, enter your new password.


Note: For WLCs that run earlier versions of firmware (prior to 5.1), there is no way to recover the password.

If you use the Cisco Wireless Control System (WCS) in order to manage the WLC, wireless LAN controller Module (WLCM) or Wireless Services Module (WiSM), you should be able to access the WLC from the WCS and create a new administrative user without logging into the WLC itself.

Or, if you did not save the configuration on the WLC after you deleted the user, then a reboot (power cycling) of the WLC should bring it back up with the deleted user still in the system. If you do not have the default admin account or another user account with which you can log in, your only option is to default the WLC to factory settings and reconfigure it from scratch.

 

Sunday
Dec272009

Configure Local MAC Authentication on Cisco WLCs 

MAC filtering was popular back when WEP was the only means of wireless security. It added an extra check by validating the wireless NIC's MAC address before the client was allowed onto the WLAN. MAC filtering is still used today, but it is a management burden in larger deployments and it is not authentication in any real sense: the MAC address is sent in the clear in every frame, so an attacker only needs a sniffer to learn an allowed address and then spoof it.

What you need to know about local MAC authentication on the Cisco WLC: by default the WLC local database holds 512 entries and can be configured up to a maximum of 2048. This is a hard limit that cannot be exceeded unless you use a RADIUS server for MAC authentication.

LOCAL WLC DATABASE

The local user database is limited to a maximum of 2048 entries and is set to a default value of 512 entries. 

The local database stores entries for these items:
• MAC filters (clients)
• AP MIC/SSC (AP authorization list)
• Dynamic interfaces
• Management users
• Local net users
• Excluded clients

Together, ALL of these entry types CANNOT exceed the configured database size.
To increase the local database to 2048, use this command from the CLI:

(Cisco Controller) >config database size ?
<count>        Enter the maximum number of entries (512-2048)
 
SHOW DATABASE SUMMARY 
 
This command will display the size of the database and current number of entries. 
 
(Cisco Controller) >show database summary
 
Current Max database entries..................... 512 <--- Default database size
Max database entries on next reboot.............. 512
Current number of entries used................... 5 <--- This is 3 user accounts and 2 dynamic interfaces
 
CONFIG MACFILTER IN LOCAL WLC DATABASE
 
The MAC address and WLAN ID are required:
config macfilter add <MAC address> <WLAN ID> [interface_name] [description] [IP address]

The remaining arguments are optional:
[interface_name] [description] [IP address]

(Cisco Controller) >config macfilter add 00:21:6A:11:A8:AA 2
 
 
ENABLE MACFILTERING ON WLAN
 
(Cisco Controller) >config wlan mac-filtering enable 2
 
SHOW MACFILTER SUMMARY
 
(Cisco Controller) >show macfilter summary
 
MAC Filter RADIUS Compatibility mode............. Cisco ACS
MAC Filter Delimiter............................. None
Local Mac Filter Table
MAC Address               WLAN Id          IP Addr           Description
-----------------------   --------------   ---------------   --------------------------------
00:21:6a:11:a8:aa           2              unknown
 
 
SHOW MACFILTER DETAIL 

(Cisco Controller) >show macfilter detail 00:21:6a:11:a8:aa
 
MAC Address...................................... 00:21:6a:11:a8:aa
WLAN Identifier.................................. 2
Interface Name...................................
IP Address....................................... unknown
Description......................................
 
MAP MAC ADDRESS TO IP ADDRESS

There are two ways to tie an IP address to a MAC-filter entry. The config macfilter ip-address command maps an existing entry to an IP address. Alternatively, supply the IP address when you add the entry; because the optional arguments are positional, the interface name and description come before it:

config macfilter add <MAC address> <WLAN ID> [interface_name] [description] [IP address]
(Cisco Controller) >config macfilter add 00:21:6A:11:A8:AA 2 interface "description" 192.168.1.10

Note: <description> is optional, up to 32 characters, and must be enclosed in double quotes.
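As an added example (not Cisco's code and not part of the original post), the following Python script turns a client list into the commands above while respecting the database limit described earlier. It parses a constructed copy of the show database summary output, normalises MACs to the lowercase colon form the controller displays, de-duplicates them, and refuses to proceed if the total of existing plus new entries would exceed the 2048 hard limit. The WLAN ID, interface-name and description handling follow the syntax shown above; the sample MACs and the interface name in the usage are made up.

```python
"""Plan local MAC-filter entries for a Cisco WLC.

Added example for this post; not Cisco code.  Reads 'show database summary'
output, validates and de-duplicates client MACs, and emits the
'config macfilter add' / 'config wlan mac-filtering enable' commands only
when the entries fit in the local database (every entry type counts
against the same limit).
"""
import re

DB_HARD_LIMIT = 2048      # maximum local database size on the WLC
DESCRIPTION_MAX = 32      # optional description length limit

# Constructed sample of 'show database summary' (values from the post).
SHOW_DATABASE_SUMMARY = """\
Current Max database entries..................... 512
Max database entries on next reboot.............. 512
Current number of entries used................... 5
"""

# Accepted input notations; the WLC stores and displays lowercase colon form.
_MAC_FORMS = (
    r"[0-9a-f]{2}(?::[0-9a-f]{2}){5}",    # 00:21:6a:11:a8:aa
    r"[0-9a-f]{2}(?:-[0-9a-f]{2}){5}",    # 00-21-6a-11-a8-aa
    r"[0-9a-f]{4}(?:\.[0-9a-f]{4}){2}",   # 0021.6a11.a8aa (IOS style)
    r"[0-9a-f]{12}",                      # 00216a11a8aa
)


def parse_dotted(output):
    """Turn WLC 'Key.......... value' lines into a dict."""
    result = {}
    for line in output.splitlines():
        m = re.match(r"^(.*?)\.{2,}\s*(.*)$", line.strip())
        if m:
            result[m.group(1).strip()] = m.group(2).strip()
    return result


def normalize_mac(mac):
    """Return the MAC in 00:21:6a:11:a8:aa form, or raise ValueError."""
    m = mac.strip().lower()
    if not any(re.fullmatch(form, m) for form in _MAC_FORMS):
        raise ValueError("not a MAC address: %r" % mac)
    digits = re.sub(r"[^0-9a-f]", "", m)
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def plan_macfilter(db_summary, wlan_id, macs, interface_name=None,
                   description=None):
    """Return a dict with the capacity check and the CLI commands to run."""
    db = parse_dotted(db_summary)
    # split()[0] tolerates trailing annotations such as '512 <--- default'
    current_max = int(db["Current Max database entries"].split()[0])
    used = int(db["Current number of entries used"].split()[0])
    entries = sorted({normalize_mac(m) for m in macs})   # dedupe
    needed = used + len(entries)
    if needed > DB_HARD_LIMIT:
        raise ValueError("%d entries needed but the local database tops out "
                         "at %d; use RADIUS for MAC authentication instead"
                         % (needed, DB_HARD_LIMIT))
    if description is not None and len(description) > DESCRIPTION_MAX:
        raise ValueError("description is limited to %d characters"
                         % DESCRIPTION_MAX)

    commands = []
    if needed > current_max:
        # Grows the database; per 'show database summary' the new size only
        # applies on the next reboot, so plan for one before adding entries.
        commands.append("config database size %d" % needed)
    for mac in entries:
        cmd = "config macfilter add %s %d" % (mac, wlan_id)
        if interface_name:
            # Optional fields are positional: interface, then description.
            cmd += " %s" % interface_name
            if description is not None:
                cmd += ' "%s"' % description
        commands.append(cmd)
    commands.append("config wlan mac-filtering enable %d" % wlan_id)
    return {"used": used, "current_max": current_max, "needed": needed,
            "resize_needed": needed > current_max, "commands": commands}


if __name__ == "__main__":
    # Constructed client list: the same MAC in two notations collapses to one.
    clients = ["00:21:6A:11:A8:AA", "0021.6a11.a8aa", "00-21-6a-11-a8-ab"]
    for line in plan_macfilter(SHOW_DATABASE_SUMMARY, 2, clients)["commands"]:
        print(line)
```

Paste the real show database summary output in place of the constructed sample; the script refuses a list that would overflow the 2048 limit rather than silently emitting commands the controller will reject, which is the point at which RADIUS-based MAC authentication becomes the only option.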

 

 

Wednesday
Dec232009

CISCO VOIP BEST PRACTICE - WLC IEEE 802.1X Timeout for EAP-FAST

When using EAP-FAST you want to ensure the client has enough time to obtain the PAC. By default the WLC EAP request timeout is only 2 seconds. However, I noticed that with code 6.0.188.0 it is set to 30 seconds by default. This setting can only be configured from the CLI of the WLC.

When using EAP-FAST, the IEEE 802.1X timeout on the controller must be increased (default = 2 seconds) in order for the client to obtain the PAC via automatic provisioning. The default timeout on the Cisco ACS server is 20 seconds, which is the recommended value.
To change the IEEE 802.1X timeout on the Cisco Wireless LAN controller, connect using Telnet or SSH to the controller and enter the following command:
(Cisco Controller)> config advanced eap request-timeout 20

(Cisco Controller)> show advanced eap

EAP-Identity-Request Timeout (seconds)........... 1
EAP-Identity-Request Max Retries................. 20
EAP Key-Index for Dynamic WEP.................... 0
EAP-Request Timeout (seconds).................... 20
EAP-Request Max Retries.......................... 2

 

Tuesday
Dec222009

Configure NTP / MANUAL Time on WLC

Did you know that if you don't set the time on a WLC it is very likely your access points won't join it? Why? LWAPP/CAPWAP access points carry certificates (a manufacturing-installed certificate, MIC, or a self-signed certificate, SSC), and the controller validates the AP's certificate during the join. If the controller's clock falls outside the certificate's validity period, the AP will not join.

You can check an access point's certificate validity with the following command from the AP's IOS CLI (run on the AP itself, not on the controller). A lot of information is displayed; you are interested in the "Certificate" section and its "Validity Date" lines. Make sure the WLC time falls inside that window.

ap#show crypto ca certificates

Certificate
  Status: Available
  Certificate Serial Number: 3BC24B9600000012211221
  Certificate Usage: General Purpose
  Issuer:
    cn=Cisco Manufacturing CA
    o=Cisco Systems
  Subject:
    Name: C1130-001c58734445
    ea=support@cisco.com
    cn=C1130-001c58734445
    o=Cisco Systems
    l=San Jose
    st=California
    c=US
  CRL Distribution Points:
    http://www.cisco.com/security/pki/crl/cmca.crl
  Validity Date:
    start date: 12:56:31 UTC Jun 30 2007
    end   date: 13:06:31 UTC Jun 30 2017
  Associated Trustpoints: Cisco_IOS_MIC_cert

 

Let's set the time on the WLC. You can set the time manually (stored locally on the WLC) or via an NTP server.

(Cisco Controller) >config time ?

manual         Configures the system time.
ntp               Configures the Network Time Protocol.
timezone      Configures the system's timezone

Let's look at the manual config:

(Cisco Controller) >config time manual ?
(Cisco Controller) >config time manual <MM/DD/YY> <HH:MM:SS>
(Cisco Controller) >config time manual 12/21/09 23:30:00

Let's now look at the NTP config:

(Cisco Controller) >config time ntp ?
interval       Configures the Network Time Protocol Polling Interval.
server         Configures the Network Time Protocol Servers. 

<interval> is how often (in seconds) the WLC polls the NTP server, between 3600 and 604800.
<server> is the NTP server IP address. Servers are entered with an index, so you can configure multiple servers.

(Cisco Controller) >config time ntp server <index> <ip address>
(Cisco Controller) >config time ntp server 1 192.168.1.1 

Note: If you want to delete your NTP entry use 0.0.0.0 as your IP address.

The last part of the configuration is to set the time zone (config time timezone). Since the controller's time drives the certificate check above, point it at an NTP server you control rather than an arbitrary public one.
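To make the check above repeatable, here is an added Python example (not Cisco code and not from the original post) that parses the Validity Date block of the AP's show crypto ca certificates output and compares it with a controller time written in the config time manual MM/DD/YY HH:MM:SS format. The certificate text is the one shown above, trimmed to the fields the script needs; the controller times in the usage block are made up, and the script assumes the controller time is given in UTC (timezone offset 0). Note that the sample certificate's validity ends on Jun 30 2017, so a controller whose clock is correct today would also fall outside this particular certificate's window.

```python
"""Check a controller clock against an AP certificate's validity window.

Added example for this post; not Cisco code.  Parses the 'Validity Date'
block of the AP's 'show crypto ca certificates' output and reports whether
a controller set to a given time would be inside the window.  For output
that lists several certificates, pass only the block of interest.
"""
import re
from datetime import datetime, timezone

# Constructed from the certificate shown in the post (trimmed).
AP_CERT_OUTPUT = """\
Certificate
  Status: Available
  Certificate Serial Number: 3BC24B9600000012211221
  Certificate Usage: General Purpose
  Issuer:
    cn=Cisco Manufacturing CA
    o=Cisco Systems
  Validity Date:
    start date: 12:56:31 UTC Jun 30 2007
    end   date: 13:06:31 UTC Jun 30 2017
  Associated Trustpoints: Cisco_IOS_MIC_cert
"""

# Matches 'start date: 12:56:31 UTC Jun 30 2007' and 'end   date: ...'
_VALIDITY_RE = re.compile(
    r"^\s*(start|end)\s+date:\s+(\d\d:\d\d:\d\d)\s+UTC\s+"
    r"([A-Za-z]{3}\s+\d{1,2}\s+\d{4})", re.MULTILINE)


def parse_validity(cert_output):
    """Return (not_before, not_after) as timezone-aware UTC datetimes."""
    found = {}
    for which, clock, date in _VALIDITY_RE.findall(cert_output):
        found[which] = datetime.strptime(
            "%s %s" % (clock, date), "%H:%M:%S %b %d %Y"
        ).replace(tzinfo=timezone.utc)
    if set(found) != {"start", "end"}:
        raise ValueError("no complete Validity Date block found")
    return found["start"], found["end"]


def parse_wlc_manual_time(date_str, time_str):
    """Parse the 'config time manual MM/DD/YY HH:MM:SS' arguments.

    Assumption: the controller time is taken as UTC (timezone offset 0).
    """
    return datetime.strptime(
        "%s %s" % (date_str, time_str), "%m/%d/%y %H:%M:%S"
    ).replace(tzinfo=timezone.utc)


def check_join_time(cert_output, wlc_time):
    """Classify the controller clock relative to the AP certificate.

    Returns 'ok' inside the window, 'too-early' if the clock is before the
    start date (the usual symptom of a clock that was never set), or
    'expired' if it is past the end date.
    """
    not_before, not_after = parse_validity(cert_output)
    if wlc_time < not_before:
        return "too-early"
    if wlc_time > not_after:
        return "expired"
    return "ok"


if __name__ == "__main__":
    # Made-up controller clocks: the post's example time, and a clock left
    # at the start of the century as if it had never been set.
    for mdy, hms in (("12/21/09", "23:30:00"), ("01/01/00", "00:00:00")):
        t = parse_wlc_manual_time(mdy, hms)
        print("%s %s -> %s" % (mdy, hms, check_join_time(AP_CERT_OUTPUT, t)))
```

Run it with the AP's own certificate output and the time you intend to set; a "too-early" result before you type config time manual saves a round of staring at APs that refuse to join.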

Sunday
Dec202009

iPhone app: dot11wavelength

I stumbled across an interesting iPhone app called dot11wavelength by The Perseus Group @ www.wirelessfabric.com. This app displays the channel center frequencies for the different 802.11a (5 GHz) and 802.11g (2.4 GHz) channels.

This app is helpful if you need the exact frequency for a channel in the field or if you are studying for your CWNA exam. They just updated the app to include other countries' channel frequencies (JP, ES, IT, DE and FR).

 

 

Sunday
Dec202009

Wi-Fi On Four Wheels: Chevrolet Offers Dealer-Installed Wireless Internet System For SUVs, Trucks And Vans

I remember some of the first "home made" WiFi rigs in cars many years ago; in fact I built one myself. It is no surprise to see this hit the mainstream. Having media and information at your fingertips is the advantage of today's technology. And let's face it, we've all done it at one point or another: we needed to check email and pulled over to leech someone's WiFi. However, the concern is, will this be just another distraction for drivers? I mean really... You see it all the time, folks talking on cells and texting while driving, but now surfing?!? From a hacking side of things... This would make one sweet a$$ honey pot! Talk about the information you could mine from one of these puppies!



DETROIT – Owners of several Chevrolet models can transform their vehicle into a rolling Wi-Fi hot spot with Chevrolet Wi-Fi by Autonet Mobile. This dealer-installed system enables full Internet access inside the vehicle – and up to a 150 feet radius around the vehicle – with a laptop or mobile Wi-Fi device. 

“Chevrolet Wi-Fi by Autonet Mobile enhances commuting, family vacations and work,” says Chris Rauser, Chevrolet Accessories Manager. “It benefits active families on the go, as well as professionals who need immediate information at remote job sites. Its uses are almost endless.” 

Autonet Mobile is the world’s first Internet service provider designed exclusively for vehicles. As a GM Officially Licensed Product, Chevrolet Wi-Fi by Autonet Mobile is certified to work with the following new Chevrolet models: 

  • Equinox
  • Traverse
  • Silverado
  • Tahoe
  • Suburban
  • Avalanche
  • Express 

Chevrolet Wi-Fi reflects the trend of increased Internet access on the go. According to JiWire’s Mobile Audience Insights Report, eight percent of all public Wi-Fi users log-in while traveling on subways (three percent) and ferries or cruise ships (five percent). In addition, JiWire reports that total public Wi-Fi users jumped 18 percent in just seven months, from December 2008 to June 2009.  

Chevrolet Wi-Fi is designed for use by passengers, or by the driver when the vehicle is parked. The system requires no special software and achieves speeds up to 1.5 mbps. It uses TRU Technology to maintain Internet connections over the 3G network while the vehicle is in motion, allowing uninterrupted streaming of videos and more.

For families, Chevrolet Wi-Fi allows kids and teens to research homework topics on the ride home, connect to friends on social sites, and stream videos on long drives. The internet connection can support several devices at once, enabling multiple passengers to use the connection for their separate devices.  

When it comes to worksite use, the Wi-Fi connection offers immediate access to everything the Web offers to make the job quicker and easier, from access to online ordering sites, municipal sites with permit and building code information and more. And when used with a laptop computer, the information comes in a larger, easier to navigate format than the small displays of cell phones.

Additional docking stations are available, enabling customers to easily move the Chevrolet Wi-Fi by Autonet Mobile router from vehicle to vehicle. 

Through Dec. 31, Chevrolet Wi-Fi is available for $199 ($399 retail price, less $200 mail-in rebate with two-year service agreement). Go to GMextras.com for more information. 

About Chevrolet 
Chevrolet is one of America's best-known and best-selling automotive brands, and one of the fastest growing brands in the world. With fuel solutions that go from "gas-friendly to gas-free," Chevy has nine models that get 30 miles per gallon or more on the highway, and offers three hybrid models. More than 2.5 million Chevrolets that run on E85 biofuel have been sold. Chevy delivers expressive design, spirited performance and provides the best value in every segment in which it competes. More information on Chevrolet can be found at www.chevrolet.com. For more information on the Volt, visit http://media.gm.com/volt/.

Monday
Dec142009

New Cisco 802.11n Antennas for AP1250

Long overdue from Cisco. If anyone uses these I would like to hear your feedback.

Cisco has just introduced three new antennas to give additional options in AP1250 installations. The ANT2451NV is a ceiling mount, dual-band omnidirectional 802.11n antenna, and the ANT2460NP and ANT5160NP are 802.11n patch antennas for 2.4GHz, and 5GHz respectively.

Please see the following part numbers, list pricing, and installation references.

  • AIR-ANT2451NV-R= 2.4 GHz 3 dBi/5 GHz 4 dBi 802.11n dual band omni antenna $475
  • AIR-ANT2460NP-R= 2.4 GHz 6 dBi 802.11n directional antenna $350
  • AIR-ANT5160NP-R= 5 GHz 6 dBi 802.11n directional antenna $350