Slashdot Mirror

← Back to Stories (view on slashdot.org)

Wi-Fi Network Monitoring Tools?

Posted by Cliff on from the watching-those-airborne-packets dept.

Brian the Wise asks: "For all of you with large and/or complex wireless networks out there, what tools (commercial or otherwise) do you use to keep an eye on the health and state of your network? I'm not only interested in the security/IDS side of things, but also bad packets, reflections, clients flip-flopping between APs, etc. I've looked at all the usual open source projects, and so far Kismet comes the closest to my needs, but the wireless drivers on Linux do too much sanitizing of packets so I never see the bad ones. I know the FreeBSD drivers show more, but some of the advanced stuff (ie extra info from the Cisco Aironet drivers) is not supported by tcpdump or ethereal. Is there anything I can do besides getting up close and personal with the Linux network stack and drivers?"

12 of 29 comments (clear)

  1. Is there anything I can do by Anonymous Coward · · Score: 2, Funny

    Is there anything I can do besides getting up close and personal with the Linux network stack and drivers?

    Maybe.

  2. Prism2 / Wlan-ng by Aliencow · · Score: 4, Interesting

    With my cheap linksys Prism2 card and the Wlan-ng (well that was a while ago, but I supposed the most recent versions are at least as good) I used to see a lot of bad packets in Kismet... What sucks is that there's no way any driver will report signal strength accurately...to do that maybe a radio scanner would be the best tool..

  3. I can see it already... by poofmeisterp · · Score: 2, Funny

    ...an SNMP-enabled wireless card, followed by every other brand within 6 months.

  4. Get one of these by bluewee · · Score: 5, Informative

    I say get one of these: http://www.proxim.com/products/wifi/client/abgcard /index.html This is a Scanner tool, I find it to be usually faster and better at finding access points / cards. http://www.wellenreiter.net/

    --
    [blue] - The Ministry of Information approved this message...
  5. Security by bluewee · · Score: 3, Informative
    http://airsnort.shmoo.com/ after looking at this page, I havent tried the software yet, but it seems that it would be quite easy to break a WEP secured system.

    What should I do to allow for secure wireless internet access?

    --
    [blue] - The Ministry of Information approved this message...
    1. Re:Security by x736e65616b · · Score: 2, Insightful

      Yeah, because people love explicitly setting up every tcp connection they use.

      One day someone will have to teach slashdot readers the meaning of the word "transparent" and why it's important.

      -j

  6. Re:Best Linux supported Wi-Fi card? by Anonymous Coward · · Score: 3, Informative

    Senao Card info (they appear to be good cards - and Linux support is good since they're Prism-based)

    This page lists cards by receive sensitivity. IIRC, the Demarc/Senao/Engenius cards at the top of that list are all Prism-based and have antenna ports.

  7. Just use Kismet by The+Tyro · · Score: 4, Interesting

    I keep an eye on my wireless subnet with a separate box running kismet... tells me everything I need to know.

    Heh... it also told me immediately the first time my neighbor fired up his brand-spanking-new access point. I went over to his house (where he was washing his car) and asked him if he'd gotten a new AP for christmas? (nod) a Linksys? (another nod) running on channel 6? (confused look and another nod)... I briefly explained wireless network surveillance/network sniffers, and gave him some basic tips on WEP, disabling SSID broadcasting, and MAC address filtering. He thinks I'm some kind of hacker now... got a feeling I'll be getting some "tech support" calls from their place...

    Works for me, and it's free... works well with the prism2-based cards. I bought a bunch of these: and they work great with the wlan drivers.

    Your mileage may vary, of course.

    --
    Even if a man chops off your hand with a sword, you still have two nice, sharp bones to stick in his eyes.
  8. The obvious answer by Asmodeus · · Score: 3, Funny

    "For all of you with large and/or complex wireless networks out there, what tools (commercial or otherwise) do you use to keep an eye on the health and state of your network?"

    Its called a user ;-)

    Asmo

  9. Re:Best Linux supported Wi-Fi card? by dublin · · Score: 5, Insightful

    What is the best, high powered 100mw-200mw, high sensitivity receiver pcmcia/pccard adapter you can buy that works great with Linux? External antenna ports are a plus.

    I have looked at the Senao 200mw cards and am thinking about buying one, good or bad choice?

    I did a pretty thorough review of a bunch of (Globespan-Virata, nee Intersil) Prism chipset-based cards for my new startup just a few months ago, and the Senao is far and away the best, although the ubiquitous and very inexpensive Netgear MA401 was surprisingly good for the money, among lower-power cards. (I've heard some people say they don't like these, but I own several, purchased at different times, and all seem better than the average of other Prism-based cards. YMMV.)

    The thing that makes the Senao cards great, surprisingly, isn't its high-power transmitter though (other companies offer those, too), but rather the fact that Senao's engineers were sharp enough to realize that a better transmitter doesn't really do much good without a better reciever to go with it.

    The receiver is the weak spot in most Wi-Fi cards, and better performance here *really* pays off in the real world, which is why there are so many Senao fans among those building wireless setups that *need* to work.

    FWIW, I think external antennae are a PITA if you're moving around, none of the tiny coax connectors are really going to stand the large number of mating cycles required to remove and reinstall the antenna everytime you relocate your laptop. If you really have to have the exteranl (for instance, if you plan to use it in a fixed installation in the future), you can get the compact "vampire tooth" antennae to snap into the Senao's MMCX connector from Netgate.com. (No connection, other than as a happy customer and friendships with the owners from when they lived here in Austin.)

    These comments apply only to Senao's 802.11b Prism-based products. Their newer cards are based on chipsets from other vendors (Atheros Mercury for 802.11b/g, among others) , and I've heard those are not nearly so superior to their competition. (Not to mention you have to decide if Broadcom is right in thier claims that Atheros violates the spec., thus "poisoning the waterhole" by slowing other vendors' 802.11b radios in the vicinity to a crawl. I don't know if this is real or not yet, but anecdotal evidence seems to support it, although I don't use G myself...)

    --
    "The future's good and the present is nothing to sneeze at." - Roblimo's last ./ post
  10. Many products reviewed... by raga · · Score: 3, Informative

    ... here.

    cheers- raga

  11. WiFi Monitoring by plwweasel · · Score: 4, Informative

    there are really only 2 commercial vendors out there that do monitoring/management/configuration management of wireless networks. Airwave and WaveLink I have used both and would advise anyone to go with Airwave. Currently using them to management 1000+ Access Point network and working to extend that out to manage the other 5000 that are not being managed.