Linux Wireless Network Detectors and Sniffers

April 5, 2007

The following is a list of open source sniffer applications that can be used to tap into your wireless network. You can sniff from the building across from you, from the floor above or below you, or from down the road. Basically, anywhere you can pick up a signal, you can sniff. Keeping your wireless network secure is no small task, but there are precautions you can take to secure your network as much as possible. The first half of this article lists numerous wireless network detectors and sniffers, and the second half provides some tips on how best to secure your wireless network.

  1. Tcpdump - a command-line tool for monitoring network traffic. Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria. Probably the most powerful network tool available to date.
  2. Ethereal - a network traffic analyzer, or “sniffer”, for Unix and Unix-like operating systems.
  3. Kismet - an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic. Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of nonbeaconing networks via data traffic.
  4. RogueScanner - a network security tool for automatically discovering rogue wireless access points by scanning a wired network. In addition to finding access points, it will classify all discovered network devices.
  5. Wlandscape - a software tool to collect and visualize information about wireless networks. It can display several kinds of data, such as their expansion, signal strength and status. The individual wireless networks are displayed on a topographical map.
  6. Wavemon - ncurses-based monitoring application for wireless network devices.
  7. Hotspotter - passively monitors the network for probe request frames to identify the preferred networks of Windows XP clients, and compares them to a supplied list of common hotspot network names. If the probed network name matches a common hotspot name, Hotspotter will act as an access point to allow the client to authenticate and associate. Once associated, Hotspotter can be configured to run a command, possibly a script to kick off a DHCP daemon and other scanning against the new victim.
  8. Wellenreiter - a wireless network discovery and auditing tool. Prism2, Lucent, and Cisco based cards are supported. It is one of the easiest to use Linux wireless scanning tools available.
  9. SSIDsniff - A nifty tool to use when looking to discover access points and save captured traffic.
  10. Mognet - wireless ethernet sniffer/analyzer written in Java. Currently being rewritten in C++. It was designed with handheld devices like the iPaq in mind, but will run just as well on a desktop or laptop.
  11. WiFiScanner - Just another passive 802.11b scanner. It can dump traffic in real time (like tcpdump), and you can change the sniffed channel interactively.
  12. Airfart - a wireless tool created to detect wireless devices, calculate their signal strengths, and present them to the user in an easy-to-understand fashion.
  13. Airsnarf - a simple rogue wireless access point setup utility designed to demonstrate how a rogue AP can steal usernames and passwords from public wireless hotspots. Airsnarf was developed and released to demonstrate an inherent vulnerability of public 802.11b hotspots: snarfing usernames and passwords by confusing users with DNS and HTTP redirects from a competing AP.
  14. AirTraf - wireless sniffer that can detect and determine exactly what is being transmitted over 802.11 wireless networks. This open-source program tracks and identifies legitimate and rogue access points, keeps performance statistics on a by-user and by-protocol basis, measures the signal strength of network components, and more.
  15. Driftnet - a program which listens to network traffic and picks out images from TCP streams it observes. Fun to run on a host which sees lots of web traffic. In an experimental enhancement, driftnet now picks out MPEG audio streams from network traffic and tries to play them.

Every computer on your network should be configured with security in mind. Make sure that all networking devices support the latest and most secure encryption standards. Encryption is the number one defense against someone tapping in and sniffing your network. Look for devices that support WPA or WPA-2 and use an extremely long, random password consisting of letters, numbers and symbols. In the second half of this article, I will provide additional steps you can take to better secure your wireless network.

Firstly, if you’re worried someone is snooping around your network then encrypt your browsing. Type the following in your terminal:

ssh -ND 1500 localhost

and when prompted for a password, enter your local password. If you’re using Firefox, go to Tools -> Options -> Advanced -> Network -> Settings and select the Manual Proxy Configuration radio button. In the SOCKS field, enter localhost and port 1500. Save all settings. From this point on, all your browser activity is encrypted via the SSH tunnel. This is the easiest and most basic way of increasing security when browsing.
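Added example, not part of the original article: with localhost as the SSH destination the tunnel starts and ends on the same machine, so its encryption never covers the wireless hop; the endpoint has to be a host on the far side of the access point. The functions below refuse a local endpoint and print the tunnel command for a remote one. They assume an OpenSSH client, and `admin@gateway.example` is a hypothetical destination.

```shell
#!/bin/sh
# Added example: refuse to build a SOCKS tunnel whose SSH endpoint is this
# machine, because such a tunnel never encrypts the wireless hop.

# Return 0 when the destination ("host" or "user@host") is the local machine.
is_local_endpoint() {
    ep_host=$(printf '%s' "${1##*@}" | tr 'A-Z' 'a-z')   # drop "user@", lower-case
    case "$ep_host" in
        ""|localhost|localhost.localdomain|127.*|::1|"[::1]") return 0 ;;
    esac
    ep_self=$(hostname 2>/dev/null | tr 'A-Z' 'a-z')
    if [ -n "$ep_self" ] && [ "$ep_host" = "$ep_self" ]; then
        return 0
    fi
    return 1
}

# Print the ssh command for a dynamic (SOCKS) forward; port defaults to 1500.
build_tunnel_cmd() {
    tc_dest=$1
    tc_port=${2:-1500}
    if is_local_endpoint "$tc_dest"; then
        echo "refusing '$tc_dest': endpoint is this machine, the air link stays in the clear" >&2
        return 1
    fi
    case "$tc_port" in
        ""|*[!0-9]*) echo "invalid port '$tc_port'" >&2; return 1 ;;
    esac
    # -N: no remote command; -D binds the SOCKS listener to loopback only;
    # ExitOnForwardFailure makes ssh exit if the listener cannot be set up.
    printf 'ssh -N -D 127.0.0.1:%s -o ExitOnForwardFailure=yes %s\n' "$tc_port" "$tc_dest"
}

# Constructed sample destinations: the article's target and a hypothetical remote host.
for d in localhost admin@gateway.example; do
    build_tunnel_cmd "$d" 1500 || true
done
```

Run the printed command, then point Firefox at localhost port 1500 exactly as described above.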

Second, use 128-bit WEP or WPA/WPA-2 encryption and use an extremely long, random password consisting of letters, numbers and symbols for your access point. Do not broadcast your SSID. Keep it to yourself.

Third, limit access rights by doing MAC filtering. Only allow the MAC IDs that you have identified as needing access to your network.

Fourth, limit the number of IPs that can connect to your network. If you don’t have too many users, consider limiting the maximum number of DHCP addresses the network can assign, allowing just enough to cover the users you have.

Fifth, disable remote administration of your access point.

Lastly, and most critically: if your router has a built-in firewall, then use it. If it doesn’t, then use a firewall on your network and on the devices that are attached to it.

There are many more things you can do to further secure your network. The most important thing is staying alert and keeping up with the latest security articles and news.



Comments

6 Comments so far

  1. Steps to Secure Your Wireless Network : lxpages.com blog on April 8, 2007 9:09 am

    […] Linux Wireless Network Detectors and Sniffers […]

  2. 13 Steps to Secure Your Wireless Network on August 10, 2007 8:13 am

    […] on top of latest techniques used by hackers against wireless networking. Read our previous article Linux Wireless Network Detectors and Sniffers and put the steps you’ve implemented above into test. It would be interesting to test prior to […]

  3. Anonymous on February 23, 2008 10:43 pm

  4. lazyet on April 20, 2008 4:25 am

    Your way to quickly secure web browsing is wrong: AFAIK what you do is cyphering data from localhost to localhost, but leave it unciphered on the air (because you connect to localhost as remote).

    To really cypher data on the air, you need a host _behind_ the wireless network, and to have a valid account on it.
