Differences between revisions 8 and 9
Revision 8 as of 2002-09-04 09:54:31
Size: 11688
Editor: cpe-66-87-95-73
Comment:
Revision 9 as of 2002-09-04 09:56:02
Size: 11688
Editor: cpe-66-87-95-73
Comment:
No differences found!

More and more WirelessSniffers are becoming available. These could be quite useful. If you are aware of one that we don't have listed, know more about one then we do or have comments/thoughts about them please list them here.

TableOfContents

Open Source / Free

Airsnort (Linux / BSD?)

  • http://airsnort.shmoo.com AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered.

Airosniff by ninsei research labs (FreeBSD)

  • http://gravitino.net/~bind/code/airosniff/ Airosniff can be used to assist in the identification of wireless networks by sniffing SSIDs. Airosniff, for the Cisco Aironet card allows one to seek out wireless networks, auto-config the card for sniffing and perform access point vendor identification.

APsniff (Windows)

Aerosol (Windows)

Ethereal (Linux or FreeBSD)

  • http://www.ethereal.com/ Ethereal is a GUI sniffer which understands 802.11b frames. Unfortunately right now the only way to get wireless frames into Ethereal is to use Linux 2.4.6 (or custom patches to 2.2.19) or the latest bleeding edge FreeBSD (version ??) and patches to Libpcap (or the current CVS version, or 0.7 beta version, from tcpdump.org; see below) and BPF. Ethereal works great under Free BSD 2.5, which is stable. It is in the ports directory (2/14/2002 Rich Gibson).

    • cd /usr/ports/net/ethereal
    • (as root) make install clean
    • rehash
    • ethereal - pick your interface, wi0, and Bob's your uncle.

Kismet (Linux)

===MacStumbler (Mac OS X)=== * http://homepage.mac.com/macstumbler/ Wireless scanning tool for the Apple Airport. It is a Beta, but I have not had any problems with it.

Mognet (Java/Linux)

  • http://chocobospore.org/mognet/ Still in early beta but looks promising. Requires the latest libpcap (newer then 0.6.2) and the java libraries to interface to libpcap.

NetStumbler (Windows)

  • The de facto sniffer for Hermes based cards. -- MariusMilner

Prism2Dump (*BSD)

  • Thsi is a tool that puts a Prism2Card into the wireless equivelent of promiscuous mode. I believe there is a Linux version around somewhere as well but I'm not sure where. -- AdamShand

Prism Dump (??)

  • http://developer.axis.com/software/tools/ ... Anyone got more info on this?

    I'm assuming this refers to the prismdump utility from Axis Communications, which "is a program intended for use with Intersil's PRISM-II based wireless LAN (WLAN) adapters and Ethereal (version 0.8.14 or later)". It captures 802.11 traffic and saves it in libpcap format, so the captures can be read by the current version of Ethereal (see above) and the 3.7 beta and current CVS versions of tcpdump (see below). -- Guy Harris (guy@alum.mit.edu)

TCPDump (Linux or FreeBSD)

  • http://www.tcpdump.org/ ... Install Linux and tcpdump on your computer. Run tcpdump. See all the network traffic of your wireless net. tcpdump doesn't care that it is a wireless net, so you only see the network traffic, not the 802.11 specific information. Works great.

    • My understanding is that this is not quite the same, the Linux box can only see what it can associate with and I'm not sure you get promiscuous mode. The wireless sniffers above will actually sniff everything that's out there and show you all the ESSID's and channels in use, signal strength etc. For straight IP debugging though tcpdump is a great cheap alternative. -- AdamShand

    True - You don't get all the same features that the commercial products offer. It only will give you information on networks that you associate with. However you can put the wireless network card into promiscous mode and sniff all the IP traffic that is going across it, even between two other computers. Also even if the AP has MAC address security, you can still sniff the packets going across the network, you just can't send any packets out. (Tested with Mac Airport (Client), UGate 3300 AP in BSS Mode, and Linux Laptop with Lucent Gold Card) -- TerrySchmidt

    • The current CVS version of tcpdump (available from the www.tcpdump.org Web site), and the 3.7 beta version, can dissect raw 802.11 packets; the current CVS, and 0.7 beta, versions of libpcap allow it (and Ethereal) to capture raw 802.11 packets on Linux and FreeBSD systems with the appropriate drivers (as per the comment in the section on Ethereal). -- Guy Harris (guy@alum.mit.edu)

wavemon (Linux)

  • http://www.jm-music.de/projects.html A text-mode/curses wireless utility. Shows basically all the iwconfig info in a screen that refreshes itself. It also has a histogram of signal strength and a list of in-range APs, although I have yet to see that feature work. Its the best text-mode way Ive seen of monitoring signal strength and thats what I use it for. -- DonPark wavemon 0.3.3 has problems with multiple wireless interfaces, the -i option is broken. A bug report has been submitted to the author. You can get a useful (but not as pretty) display by issuing the command 'watch "cat /proc/net/wireless"'.

Wellenreiter

  • http://www.remote-exploit.org/projects.php Did you ever try to scan for any networks on the road. Try Wellenreiter. Wellenreiter is a gtkperl program that makes the discovery and the audit of 802.11b wireless-networks much easier. It has an embedded statistic engine for the common parameters provided by the wireless drivers which enables you to fetch the detail about the consistency and signal strength etc of the network.For discover accesspoints / networks / ad-hoc cards, Wellenreiter got an amazing easy scanner window. It searches for any accesspoint in the range of the scanning device. It detects and differs essid boradcasting or non-broadcasting wireless networks in every channel,doing frequency switching automaticly. The manufactor is detected by the devices MAC-Address. WEP detection is also implemented and Wellenreiter detects and differs wherever the beacon broadcasting machine is an true accesspoint or an AD-Hoc mode station.

wlandump (Linux-WLAN $0?)

WLAN Expert (Windows $0?)

Commercial

Airopeek from Wild Packets (Windows $1995 on 16 March 2001)

  • http://www.wildpackets.com/products/airopeek "Airopeek is a comprehensive packet analyzer for IEEE 802.11b wireless LANs, supporting all higher level network protocols such as TCP/IP, Appletalk, NetBEUI, and IPX. Affordable and easy-to-use, Airopeek contains all of the network troubleshooting features familiar to users of our award-winning Etherpeek. In addition, Airopeek quickly isolates security problems, fully decodes 802.11b WLAN protocols, and expertly analyzes wireless network performance with accurate identification of signal strength, channel and data rates."

AP Scanner ($5 for comercial use)

Grasshopper from Berkeley Varitronics (~$2800)

  • http://www.bvsystems.com/Products/WLAN/Grasshopper/grasshopper.htm

  • http://lists.bawug.org/pipermail/wireless/2001-March/000540.html "Grasshopper[tm] is a handheld, wireless receiver designed specifically for sweeping and optimizing Local Area Networks. The instrument measures coverage of direct sequence CDMA networks which operate on the IEEE 802.11b standard allowing the user to measure and determine the AP (AccessPoint), PER (Packet Error Rate) and RSSI signal levels aiding in locating the hub and access points throughout a building. Grasshopper detects and differentiates from narrow-band multipath interferences such as microwave ovens and frequency hopping systems and features a built-in display, keypad and removable battery pack for true portability."

Sniffer Wireless from Network Associates (Windows $??)

  • http://www.sniffer.com/products/wireless/default.asp?A=5 "Sniffer Wireless was designed in accordance with the IEEE 802.11b interoperability standard. It includes network monitoring, capturing, decoding, and filtering-all the standard award-winning Sniffer Pro features you already know and appreciate. Sniffer Wireless also provides the most comprehensive 802.11b solution to the unique aspects of wireless networks. Sniffer Wireless is the industry-first Wireless LAN management tool that can spot security risks in real-time, identify network problems efficiently and reduce network-operating costs."

Teletronics 2MB & 11MB Card and Utility Software (<$100.00)

  • Contact Rick Lindahl at rickl@invictusnetworks.com or 503-635-2562

    • Teletronics has a nice color coded bar graph type, realtime monitor for watching 2.4GHz activity in a given area. It works only on their 2 & 11meg cards By using directional and/or omnidirectional antennas you can see how much RF activity is in a given area. Very inexpensive and quite functional for initial site surveys (updated 12-31-01 RickLindahl)

Isomair Wireless Sentry ($)

* Contact info@isomair.com, or +44(0)20-7940-0070

  • Isomair provide a wireless scanning device, the Wireless Sentry. This innovative product offers intrusion detection, auditing, performance management and many other advanced features. In addition the Wireless Sentry can be used for remote packet capture in enterprise wireless network environments. The device is intended to be infrequently moved, and provides permanent visibility of your wireless networks and remote controlled packet capture features. No more walking around your buildings looking for wireless networks, and highly cost effective remote data capture, avaliable now!


[CategorySoftware]

WirelessSniffer (last edited 2011-08-03 09:07:42 by ppp-70-128-110-20)