Hack 18 Connect to the Internet with GPRS Bluetooth

Attempt to get the impossible to happen: a GPRS data connection over Bluetooth with Knoppix.

Bluetooth is a Personal Area Networking (PAN) protocol with a very limited range (the most powerful consumer devices, Class 1, have a range of 100 meters). Bluetooth allows you to connect devices together into "pairs." GPRS, or General Packet Radio Service, is a packet-switched protocol that's layered on top of the circuit-switched GSM (or IS-136 TDMA) network. This permits the use of a packet-based data service (like TCP/IP). This hack pairs your cell phone with your computer's Bluetooth adapter and uses your cell phone as a pseudo-modem device. It's not your father's modem, that's for sure. No wires needed.

GPRS connections require either a terminal or cellular connection to your given provider. GPRS dynamically allocates bandwidth by the number of available timeslots (time period allocated to one call). In turn, it allocates timeslots based on need, and therefore, you will get extra timeslots only when it's necessary. This provides a very efficient use of the spectrum and has a major benefit over Circuit Switched Data, because it doesn't need to allocate a circuit for constant use. The theoretical bandwidth limit for GPRS is 172.2 Kbps; however, this is assuming that you are able to use all eight timeslots for a given cell. In reality, most providers only let you have two to four timeslots. For instance, T-Mobile gives four RX timeslots and two TX timeslots.

2.10.1 Parts List

You need more than just a Knoppix disc and a computer to get this connection to work. You must use the following parts:

A Bluetooth adapter

I have the Belkin USB Class 1 Bluetooth adapter. I choose this because of its lack of an antenna (it's harder to break), its small form factor, and its range (advertised at 100 meters).

A cell phone

I use the Nokia 3650 that has service with T-Mobile in San Francisco. The phone has the optional VPN Internet service for unlimited data. It's an extra $20 a month and it allows for unmetered GPRS data. This should work with other providers as long as they offer GPRS data.

Using GPRS data is useful for connecting to the Internet at low speed when there is no other reliable connection around. In nearly all cases, if you can make a cell phone call, you can get online. Be warned: GPRS data roaming is very expensive.

2.10.2 Configure the GPRS connection

First select K Menu KnoppixNetwork/InternetGPRS connection. Unless you have previously configured a modem, you will be prompted to configure a device as a modem using the gprsconnect shell script. You can also run the gprsconnect script from the command line to configure a modem. Answer Yes at the prompt to move to the next window, which displays the different types of modem connections you can choose from.

The connection type window (Figure 2-13) gives you the choice between Serial, USB, IRDA, and Bluetooth connections. Select Bluetooth.

Figure 2-13. GPRS connection type window

After you select Bluetooth, the script scans for any Bluetooth devices in range. It is entirely normal for this step to take 10 to 40 seconds. If the script quickly flashes by without a progress bar and it doesn't find your phone, the Bluetooth adapter didn't even attempt a scan. Make sure that you have a working hci0 device before you attempt to scan. You can test whether you can see your Bluetooth device by issuing the hciconfig -a command:

knoppix@ttyp0[knoppix]$ hciconfig -a

hci0:   Type: USB

        BD Address: 00:0A:3A:52:3A:20 ACL MTU: 192:8  SCO MTU: 64:8

        UP RUNNING PSCAN ISCAN

        RX bytes:376 acl:0 sco:0 events:16 errors:0

        TX bytes:305 acl:0 sco:0 commands:15 errors:0

        Features: 0xff 0xff 0x0f 0x00 0x00 0x00 0x00 0x00

        Packet type: DM1 DM3 DM5 DH1 DH3 DH5 HV1 HV2 HV3

        Link policy: HOLD SNIFF PARK

        Link mode: SLAVE ACCEPT

        Name: 'Knoppix-0'

        Class: 0x000100

        Service Classes: Unspecified

        Device Class: Computer, Uncategorized

        HCI Ver: 1.1 (0x1) HCI Rev: 0x20d LMP Ver: 1.1 (0x1) 

        LMP Subver: 0x20d

        Manufacturer: Cambridge Silicon Radio (10)

In the event that the script doesn't find a device (and it did actually scan), it prompts you for the address of the hidden Bluetooth device. Use the hcitool program to manually scan for discoverable Bluetooth devices:

knoppix@ttyp0[knoppix]$ sudo hcitool scan

Scanning ...

        00:0A:D9:7D:B8:93       Get Hacked :-)

        00:60:57:4F:49:98       Fonbot

After you find your device and its address, enter the address at the prompt. Assuming that the script finds your device, it will present you with a list of devices. Select your device (in my case, Fonbot) and click OK.

Next, you are prompted for your Bluetooth PIN. Nearly all phones and Bluetooth devices default to a PIN of 1234, just like my luggage combination—a very strong default password; it's clearly hard to guess.

The next screen asks you if you would like to set /dev/modem to point to your newly configured device. Click "Yes."

You are now given a list of cell phone providers to choose from (Figure 2-14). This is the tricky part. My Nokia 3650 has service with T-mobile in San Francisco, but if you choose the Knoppix default of T-Mobile, it does not work. This means I have to manually enter the correct init string for my provider, so I select Other.

Figure 2-14. List of GPRS providers

If you select Other, you are asked to enter the custom init string for GPRS. The init string for T-mobile in the USA is:

AT+CGDCONT=1,"IP","internet3.voicestream.com"

I suggest you call your service provider and ask for the correct custom init string. You may also find your answer by searching on the Internet.

The next window that appears warns you that GPRS use can cause high costs due to high traffic volume. This phone has the unlimited T-Mobile data service, so I won't worry about this.

Now that the Bluetooth connection between the phone and the computer is created, the Nokia brings up a prompt that asks for the passcode for knoppix-0 (the default name for the Bluetooth device in Knoppix). Enter the passcode (in my case, 1234) and press OK on the phone.

You are then prompted on the computer for the outgoing Bluetooth PIN—in my case, 1234. The phone now asks you to "Accept connection request from Knoppix-0?" On the phone, select "Yes," and Knoppix attempts to create a GPRS connection and launches a terminal that displays the connection attempt. In this log, you are able to watch each step of the connection and tell whether the connection succeeded or failed.

Here is an example ppp0 configuration after a successful connection:

knoppix@ttyp0[knoppix]$ sudo ifconfig ppp0

ppp0      Link encap:Point-to-Point Protocol

          inet addr:208.54.115.125  P-t-P:10.6.6.6  Mask:255.255.255.255

          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1

          RX packets:65 errors:0 dropped:0 overruns:0 frame:0

          TX packets:101 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:3

          RX bytes:5282 (5.1 KiB)  TX bytes:8230 (8.0 KiB)

And here is the full output of pppd that you can see in the log window:

Jun 10 06:46:35 Knoppix pppd[2153]: pppd 2.4.2 started by root, uid 0

Jun 10 06:47:53 Knoppix chat[2244]: timeout set to 120 seconds

Jun 10 06:47:53 Knoppix chat[2244]: abort on (BUSY)

Jun 10 06:47:53 Knoppix chat[2244]: abort on (ERROR)

Jun 10 06:47:53 Knoppix chat[2244]: abort on (NO CARRIER)

Jun 10 06:47:53 Knoppix chat[2244]: send (ATE1^M)

Jun 10 06:47:54 Knoppix chat[2244]: expect (OK)

Jun 10 06:47:54 Knoppix chat[2244]: ATE1^M^M

Jun 10 06:47:54 Knoppix chat[2244]: OK

Jun 10 06:47:54 Knoppix chat[2244]:  -- got it 

Jun 10 06:47:54 Knoppix chat[2244]: send (AT+CGDCONT=1,"IP",

"internet3.voicestream.com"^M)

Jun 10 06:47:55 Knoppix chat[2244]: expect (OK)

Jun 10 06:47:55 Knoppix chat[2244]: ^M

Jun 10 06:47:55 Knoppix chat[2244]: AT+CGDCONT=1,"IP",

"internet3 voicestream.com"^M^M

Jun 10 06:47:55 Knoppix chat[2244]: OK

Jun 10 06:47:55 Knoppix chat[2244]:  -- got it 

Jun 10 06:47:55 Knoppix chat[2244]: send (ATD*99***1#^M)

Jun 10 06:47:55 Knoppix chat[2244]: expect (CONNECT)

Jun 10 06:47:55 Knoppix chat[2244]: ^M

Jun 10 06:47:55 Knoppix chat[2244]: ATD*99***1#^M^M

Jun 10 06:47:55 Knoppix chat[2244]: CONNECT

Jun 10 06:47:55 Knoppix chat[2244]:  -- got it 

Jun 10 06:47:55 Knoppix chat[2244]: send (\d)

Jun 10 06:47:56 Knoppix pppd[2153]: Serial connection established.

Jun 10 06:47:56 Knoppix pppd[2153]: Using interface ppp0

Jun 10 06:47:56 Knoppix pppd[2153]: Connect: ppp0 <--> /dev/modem

Jun 10 06:47:57 Knoppix pppd[2153]: Warning - secret file 

/etc/ppp/pap-secrets has world and/or group access

Jun 10 06:47:58 Knoppix pppd[2153]: Warning - secret file 

/etc/ppp/pap-secrets has world and/or group access

Jun 10 06:47:58 Knoppix pppd[2153]: PAP authentication succeeded

Jun 10 06:48:13 Knoppix pppd[2153]: local  IP address 208.54.116.45

Jun 10 06:48:13 Knoppix pppd[2153]: remote IP address 10.6.6.6

Jun 10 06:48:13 Knoppix pppd[2153]: primary   DNS address 66.94.25.120

Jun 10 06:48:13 Knoppix pppd[2153]: secondary DNS address 66.94.9.120

2.10.3 Connection Errors

If the connection is successful, but then you get disconnected, you may notice an error in the pppd log that looks something like this:

Jun 10 06:49:58 Knoppix pppd[2153]: No response to 4 echo-requests

Jun 10 06:49:58 Knoppix pppd[2153]: Serial link appears to be disconnected.

Jun 10 06:49:59 Knoppix pppd[2153]: Connection terminated.

Jun 10 06:49:59 Knoppix pppd[2153]: Connect time 2.1 minutes.

Jun 10 06:49:59 Knoppix pppd[2153]: Sent 23896 bytes, received 93053 bytes.

To fix this error, you have to edit your PPP options. In the file /etc/ppp/options are two options you need to change:

lcp-echo-interval 30

lcp-echo-failure 4

The lcp-echo-interval variable controls how many seconds between each echo request, and the lcp-echo-failure variable controls how many failed echo requests to allow before giving up. Experiment with changing lcp-echo-interval and lcp-echo-failure to higher values so you will not be disconnected as quickly. If you come across no carrier errors, such as after a forced disconnect, you will probably see the following log output:

Jun 10 06:53:19 Knoppix chat[2732]: timeout set to 120 seconds

Jun 10 06:53:19 Knoppix chat[2732]: abort on (BUSY)

Jun 10 06:53:19 Knoppix chat[2732]: abort on (ERROR)

Jun 10 06:53:19 Knoppix chat[2732]: abort on (NO CARRIER)

Jun 10 06:53:19 Knoppix chat[2732]: send (ATE1^M)

Jun 10 06:53:19 Knoppix chat[2732]: expect (OK)

Jun 10 06:53:19 Knoppix chat[2732]: ^M

Jun 10 06:53:19 Knoppix chat[2732]: NO CARRIER

Jun 10 06:53:19 Knoppix chat[2732]:  -- failed

Jun 10 06:53:19 Knoppix chat[2732]: Failed (NO CARRIER)

Wait until pppd tries to auto-reconnect, and the second time around, it should work. If this still fails, turn off the phone and start again.

Once you are connected, use the connection like any other Internet connection. On average, I can get between 1 and 3 Kbps, just enough for a shell connection or some web browsing. When you are finished, disconnect by pressing Ctrl-C in the GRPS connection terminal.

—Jake Appelbaum