Slashdot Mirror
NetStumbler v0.4 Released
mindless4210 writes "A new version of the popular wireless network discovery tool NetStumbler was released today. Updates include support for more wireless cards, ip address reporting, new scripting features, and several bug fixes. This is the first new release since late August of 2002, over a year and a half ago. A new version of the handheld version, MiniStumbler, is also available for download."
NetStumbler v0.4.0 Release Notes
Marius Milner
Thank you for your interest in NetStumbler. It is provided to you as a convenience, at no cost and without warranty. If you don't like it, or if you feel that it doesn't quite do what you want, you are free to delete it from your system. By installing or using it, you agree to be bound by the terms of the License Agreement.
NetStumbler is "beggarware". This means that you do not have to pay for a license to use it. However if you use it and like it, please consider making a donation at http://www.stumbler.net/donate to support future development, web hosting and other costs that I incur as a result of making this software available to you. Please bear in mind that I do this as a hobby in my spare time, not as a full time job.
Commercial and Government users are strongly encouraged to donate. The suggested donation is US$50 per copy. You may donate by visiting the web site http://www.stumbler.net/donate. You can pay in a variety of ways and may send a Purchase Order if needed.
What is NetStumbler?
NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
* Verify that your network is set up the way you intended.
* Find locations with poor coverage in your WLAN.
* Detect other networks that may be causing interference on your network.
* Detect unauthorized "rogue" access points in your workplace.
* Help aim directional antennas for long-haul WLAN links.
* Use it recreationally for WarDriving.
Requirements
General Requirements
The requirements for NetStumbler are somewhat complex and depend on hardware, firmware versions, driver versions and operating system. The best way to see if it works on your system is to try it.
Some configurations have been extensively tested and are known to work. These are detailed at http://www.stumbler.net/compat. If your configuration works but is not listed, or is listed but does not work, please follow the instructions on the web site.
The following are rules of thumb that you can follow in case you cannot reach the web site for some reason.
* This version of NetStumbler requires Windows 2000, Windows XP, or better.
* The Proxim models 8410-WD and 8420-WD are known to work. The 8410-WD has also been sold as the Dell TrueMobile 1150, Compaq WL110, Avaya Wireless 802.11b PC Card, and others.
* Most cards based on the Intersil Prism/Prism2 chip set also work.
* Most 802.11b, 802.11a and 802.11g wireless LAN adapters should work on Windows XP. Some may work on Windows 2000 too. Many of them report inaccurate Signal strength, and if using the "NDIS 5.1" card access method then Noise level will not be reported. This includes cards based on Atheros, Atmel, Broadcom, Cisco and Centrino chip sets.
* I cannot help you figure out what chip set is in any given card.
Firmware Requirements
If you have an old WaveLAN/IEEE card then please note that the WaveLAN firmware (version 4.X and below) does not work with NetStumbler. If your card has this version, you are advised to upgrade to the latest version available from Proxim's web site. This will also ensure compatibility with the 802.11b standard.
Other Requirements and Compatibility Issues
* Your card must be configured in such a way that it can be seen by the management software that came with the card.
* The Microsoft-provided Orinoco drivers that come with Windows 2000 do not work with NetStumbler. Please visit Windows Update or www.proxim.com and upgrade to the latest drivers.
* When NetStumbler is in "auto reconfigure" mode (the default), it will occasionally disconnect you from your network. This enables it to perform its scans accurately, and is not a bug.
* If you have the WLAN card configured to connect to a specific SSID, NetStumbler may not report any accees points other than tho
Kismet also recently announce a new version: Kismet-2004-04-R1.
Version 0.4.0 (April 21, 2004)
Fixed bug (introduced in 0.3.30) that caused "Reconfigure" to put ORiNOCO cards into a state where they would report no access points.
Support for Atheros, Atmel, Intersil Prism2 based wireless cards. Improved support for Cisco cards.
Allow use of Serial Earthmate GPS. (USB Earthmate should already work using NMEA and serial driver)
If you scroll all the way to the right of the graph view, it will auto-scroll new data.
Fixed bug (introduced in 0.3.30) in graph view: corrupted display when scrolling.
Fixed bug in graph view: improper scroll bar tracking with large data sets.
If "Reconfigure" is on, the Windows XP Wireless Zero Configuration service will be stopped when you start scanning. It is restarted when the application exits.
If you connect to a network that supports DHCP, the IP subnet is reported.
If the access point is discovered in the ARP table, its IP address is reported.
While you are scanning, the system will be prevented from going into standby unless power is critically low.
Large files load several times faster than before (though the really large ones still don't load fast enough).
A whole lot of new Scripting features.
There is the new release of iStumbler. Works pretty well.
http://www.istumbler.net/
No trees were harmed in the composition of this; however, numerous electrons were inconvenienced.
and had no idea that netstumbler is..
Q. What is Netstumbler?
A. NetStumbler is a Windows tool that allows you to discover 802.11b (and 802.11a, if using Windows XP) wireless LANs. It includes GPS integration and a simple, intuitive user interface.
Though primarily targeted at owners of wireless LANs, it has been the de facto tool for casual users such as "war drivers" since 2001.
NetStumbler 0.3 won the eWeek / PC Magazine i3 award for Innovation In Infrastructure, 2002.
I find it interesting that it isn't opensource.
Freshmeat.net can be reached at http://freshmeat.net/.
HTH
*twitch*
This is proof that open source works. We can all imagine what would happen if M$ released a product like this. Wireless is insecure enough without M$ INsecurity initiatives to make it worse.
Sorry, GNU/troll. This doesn't prove much of anything about open source.
Due to NDA restrictions on some of the underlying code, the author of Netstumbler can't publish the source code under GPL or any other license or without one. He has the right to publish the software as a complied binary, but we're never going to see the source of NetStumbler.
That means that instead of just listening to packets as they fly by, it actually sends out 802.11 frames to request info about any APs that will respond. So whereas you will get wireless nets that otherwise have no traffic at the moment, you won't get any that don't broadcast their SSID.
So to answer your question, yes, a NIDS tool could detect that you are sending out 802.11 frames at the rate of once a second. :)
But can your "regular" lan client track with a GPS and provide a comprehensive list over time?
That is the power of NS. A regular client just shows "I see this near me right now" You tell it to rescan and it updates the list, and loses all the old "finds"
NS logs them with a time and (if a GPS is avial) location you found the AP at.
-Grump
Is it true that more people vote for the winner of American Idol, than vote for the president? -Ali G.
for those that want passive mode (like kismet) there is Kismac. http://www.binaervarianz.de/projekte/programmieren /kismac/
Jisho - A Japanese English German Russian French Dictionary for the rest of us.
NetChaser is available for the Tungsten|C.
/me sits and waits quietly..
I haven't seen anything for Sony systems or the rare (forgot which brand) PalmOS handhelds with a CF slot.
Maybe there will be more when (if?) the SDIO 802.11 drivers get released for palms
I used to get high on life, but I developed a tolerance. Now I need something stronger.
you won't get any that don't broadcast their SSID.
umm....my $50 Netgear MR814v2 802.11b AP/router can disable beacons. Any AP should have this option.
With beacons off, it is invisible to Windows Zero Config and Netstumbler-like tools. Kismet and any other tool using RFMON mode (Airopeek is the only one on Win32 AFAIK) can still see it.
I used to get high on life, but I developed a tolerance. Now I need something stronger.
The open source kismet is a powerful alternative to NetStumbler. For those of us who don't use Windows, this is nice ;) There is also airsnort, once again for the non-windows crowd.
Hi there
- color s/n graphs
- detection of weped networks
- detects the beacon interval for aps
- detects the maximum supported rate for aps (with prism2 cards in scan mode)
- reports if the ssid of a network is default
- export/import to wi-scan'esque log format
- support for prism2 cards (without wep detection)
- interactive display of ap statistics
- intuitive navigation hotkeys
- nmea gps support
- monitor mode support for prism2 cards
- /dev/speaker audio support for reporting detected aps and nodes
- realtime logging to file (for wi-scan'esque compatibility)
- detection of weped and adhoc networks
- detection of nodes on bss networks
- detects if a bss network uses shared or keyed authentication
- detects the maximum supported rate of aps and nodes
- detects the beacon interval for aps
- detects if bss nodes are set to connect to any network or a specified one
- partial detection of 40-bit or 104-bit encryption
Download at http://www.dachb0den.com/projects/dstumbler.html (or just install it from ports!)It will only show up if he's associated to the AP. I use Belkin AP's at work and they don't show up if I have the broadcast turned off and the card isn't set to use the SSID of the corresponding AP.
-Randy
He didn't have very heavy requirements for his internet access so I suggested just trying to use a wireless 802.11 card in his computer to see what open access points he can pick up.
Sure enough, there were about 6-7 open access points available at decent signal strength from his living room.
I suggested that as long as he doesn't do his banking & other information sensitive transactions, he should be okay "borrowing" someone elses connection.
As far as Netstumbler is concerned, I'm sure the area that he lives in yields 100s of hits. It won't take long to "stumble" onto a lot of ports.
Pocket Warrior
open source and GPL ta boot.
It is actually pretty easy to sniff a valid mac address and use your access point using that mac address.
The new version is still uncompatible, you can beat this by installing the very first set of drivers that came out with card. Happy war driving
Cheers,
Ian
Actually, Marius has stated before that one of the reasons the project can't go the GNU route is because there are elements in the software that are under NDA.
From the Feb. 1 Q&A in Marius' blog: "NetStumbler is not open source. Indeed it contains a lot of code that was developed under Non-Disclosure Agreements, and the source cannot be released to the general public - if I do so then several teams of lawyers will show up on my doorstep."
Personally, I'm thrilled that Atheros is now supported since stubling 802.11a with NDIS drivers leaves a lot to be desired.
// Agent Green (Ian / IU7 / KB1JQO)
// IEEE 802.3: All 10base Are Belong To Us
Very easy way around this. Use Kismet, capture one of the mac addys. Then what you want to do is wait til they leave. The next step is to change your Mac address with ifconfig hw . Easy enough. Walla you can now get on. FEEL SAFE NOW?
:-).
The thing is if someone wants to go through all the problems of a)breaking wep, b)changing their mac addy, c) hacking through Iptables on linux, I say let them. They obviously know of some really important data on my machine that I do not know about, maybe they can show it to me. If I were setting up a network for a client that security is an issue, I would not at all reccomend Wireless, but for home users including myself, it is convenient. I have WEP set up, the MAc address filtering set up and firewall on all my machines. More than enough, because no one would have the need to break in.
Anyway. I used to have a cool little program that gets loaded on a windows DHCP server that would load a virus to any other windows machine that would come on the network that didn't have the "antidote", cool idea, but my friend was pissed when he came over to my house to play some games on the LAN
Use cygwin to run kismet under windows: