Slashdot Mirror


Build an Open Source Network Sniffer

An anonymous reader writes "This article reviews common issues of wireless security, and shows how to use open source software to suss out wireless networks, get information about them, and start recognizing common security problems. You will learn how to build a lightweight wireless sniffer that runs on open source software and see how simple it is to interact with wireless networks."

4 of 99 comments

  1. Why not by Anonymous Coward · · Score: 1, Insightful

    just get a WPA-enabled wireless router?

  2. Better yet by Anonymous Coward · · Score: 1, Insightful

    WPA w/ a RADIUS server running on that Linux box.

  3. Simple hardware solution by pp · · Score: 4, Insightful

    Get a Linksys WRT54G (no need for GS even, you're just going to use it for sniffing), stick OpenWrt on it, put kismet_drone on it and off you go. Gives you your wlan traffic over good old Ethernet, and costs something like $65 nowadays.

    Or you can buy a $30-50 card for your PC which might or might not be able to do monitor mode depending on your drivers, and might or might not reliably go into monitor mode depending on the exact sequence of iwconfig/ifconfig/catting stuff into files in /proc you are doing and finally might or might not show you all the packets since the firmware hides them from you.

    Of course if you're running around with a laptop the Linksys option is a bit tricky since you need to feed power to it. For basic indoor problem-solving it's unbeatable. Unless someone comes up with a reliable source for prism2.5/3's.

    Still need to find a good 802.11a solution though.

  4. Wireless and Open Source, the sad story by Anonymous Coward · · Score: 1, Insightful

    Current status is pretty poor. Well, it isn't if you consider "open source" some stub code with a binary object file for Linux.

    Here, I would like to call everyone's attention so people get rid of the cloth in front of the eyes and see the real status: some do NOT provide info, like Conexant for their new generation prism54 (Intersil did for the first gen), Intel for their 2100 or 2200 chips or TI for the acx100. Others provide binary only drivers, like Atheros (dig in the OpenBSD source, they reverse engineered the Atheros hw abstraction layer). If they do not want to help at all, fine, but do not say they are nice for PR reasons.

    For me "Open Source Network Sniffer" covers the full kernel and the apps used for the sniffing. Please, think twice before affirming something is open source (binary drivers are not, even if the stub code is open source) and also that the company is open source friendly (provide help to Linux, *BSD and similar coders, maybe even the driver, is). At this moment, the only few I know that still are pro open source drivers, or even provide support (if my investigation isn't wrong), are Realtek and Ralink (and Intersil, but it doesn't exist anymore).

    And for those that think binary is better than nothing... then why *BSD or Linux at all? If it starts with "but is wifi card" or "well, it is only the video card", I don't see why not apply that logic to the OS anyway, or all the apps too.

    Thanks for your attention.