Answers to: Packet sniffing software for wireless networks

Answer by Ron

Ron — Thu, 01 Jul 2010 16:47:00 -0400

I would like to mention that all of the answers so far are very good tools, as I use them all myself and they are great. A few caveats I'd like to mention though....

1) You need a wifi card that can go into Promiscuous Mode to use aircrack-ng. I suggest an Atheros with the 512 or 512A chipset. There is a list available of compatible cards, but remember that wireless on Linux can be flakey at times, so don't rule that out of aircrack-ng doesn't work right away. Remember, ndiswrapper can be your friend.

2) The greatest weakness of security can also be it's greatest strength, and that is the end-user. Security is not a piece of software, hardware or a setting... it is a mindset. It is a way of thinking, being, and acting 24/7/365. All the network security in the World is useless if people can be social engineered or if physical security is ignored. If your network is secure, but someone steals your hard drive.... well, you get the idea.

I know your post is for tools to use to diagnose your network security, but to simply list the tools, and even how to configure and use them is only giving you PART of the answer. Your goal is beyond what tools to use, your real question and real goal is: "How do I properly assess and secure my network?"

If you have Adobe flash installed, that's a risk. If you have a . in your PATH, that is a security risk. If you login as root, that's a risk.

3) Wireless is not really able to be secured compared to wired. Nothing is 100% secure, so it's a matter of layers/depth of security.

Answer by Gani Utomo

Gani Utomo — Thu, 01 Jul 2010 12:35:37 -0400

For more serious work, I recommend using Backtrack. There you will find complete package for security. Not only wireless but also cable based network.

Basically Backtrack is a complete distro security and penetration testing. You can use it on almost any condition. Like learning it's capability in home network and then tested on public network, even in corporate network.

Answer by kainosnous

kainosnous — Thu, 01 Jul 2010 06:38:16 -0400

Kismet is a great tool. Also, you may want to look into Aircrack-ng. Usually, I use both of those and then use Wireshark packet sniffer to open the wireless card in monitor mode (it's mon0 on my system). People are often ignorant of what sort of things that they are broadcasting.

Aircrack-ng, while being good to capture packets, can also, as the name implies, help you crack encryption. This is good for instance if you are at a friend's house and they can't remember their WEP password to let you log in. However, once you see how easy that is, you might want to switch to WPA and use a strong password.

Answer by Chris 1

Chris 1 — Thu, 01 Jul 2010 05:13:28 -0400

Hi Chris

I would suggest that you look at something like kismet...it is really the best tool for wireless networks.

Cheers

Chris

Answer by Martin Filtenborg

Martin Filtenborg — Thu, 01 Jul 2010 04:33:09 -0400

Nessus.org provides a good toolsuite.