Let's talk wireless assholes..

[verbal]

Someone had me order them a cantenna and a usb network adapter to try and increase their internet jacking capabilities.

The cantenna: http://www.cantenna.com/
The adapter: http://www.hawkingtech.com/products/pro ... ProdID=302


The problem I'm having is the wireless tool that comes with the Hawking adapter sucks. Netstumbler shows 15 networks and the Hawking tool shows only a few. Does anyone know of an alternate connectivity tool?

[Shlomart Ben Yisrael]

What's wrong with Netstumbler? It's pretty good.

For cracking, try aircrack-ng.

[ElTaco]

One of the best Live CDs for vulnerability testing, especially wireless is the Helix Live CD from http://www.e-fense.com/helix/. These guys are fairly knowledgeable in the field as they have extensive background in security/vulnerability testing and teach many courses on it, as well run a company that does it. Anyway, this has a lot of tools including 'Kismet' which is fairly awesome for doing some hacking/vulnerability scanning. Netstumbler is another as already mentioned that is for windows, which is nice.

There are a ton of other ones out there, that are similar or do very specific things, although I think Kismet and Netstumbler are a few of the ones that have been around a fairly long time. I would also say that you might want to do some research on the cards you use to actually sniff networks. For straight usage, it doesn't really matter what you have, but for wardriving, vulnerability scanning, I'd say you may actually want to go with some older cards from Cisco or an older Prism card as these cards have some nice hardware support for scanning networks. You can get an older Cisco 802.11b card and sniff B and G networks and one of the older Prism cards (PCMCIA) has an input for an external antenna, which is nifty. Of course some of these don't help for the 802.11A networks and may have limited support for the n networks.

As always, ebay can be your friend.
http://cgi.ebay.com/Cisco-Aironet-350-P ... 3:1|294:50

I think I did a long writeup once about this very topic, about 6 years ago now so I think that may have been back at one of the other boards but someone may still have it somewhere.

[verbal]

What's wrong with Netstumbler? It's pretty good.

For cracking, try aircrack-ng.

But I can't actually use Netstumbler to connect to a network..can I?

[Shlomart Ben Yisrael]

What's wrong with Netstumbler? It's pretty good.

For cracking, try aircrack-ng.

But I can't actually use Netstumbler to connect to a network..can I?

If the network is unsecured (probably showing as an unlocked icon) it's yours to rape.

If the network is WEP protected, simple packet sniffing will uncover their security sometimes in a matter of minutes.

If the network is WPA protected...well...a little harder...but try aircrack-ng.

[Dinsdale]

If the network is WEP protected, simple packet sniffing will uncover their security sometimes in a matter of minutes.

Can you elaborate on this? I'm familiar with the very basics of sniffing, but was curious if you had suggestions on procedures and tools and whatnot?


The particular use I might have for this is at another location, and my only access would be to an XP machine (which the software you linked to doesn't seem to like).

[Mrs. Vogel]

Packet-sniffing...please tell me more. I dont think Dan reads this forum.

://sob...

[Goober McTuber]

Packet-sniffing...please tell me more. I dont think Dan reads this forum.

://sob...

Let’s talk about your wireless asshole.

[ElTaco]

If the network is WEP protected, simple packet sniffing will uncover their security sometimes in a matter of minutes.

Can you elaborate on this? I'm familiar with the very basics of sniffing, but was curious if you had suggestions on procedures and tools and whatnot?


The particular use I might have for this is at another location, and my only access would be to an XP machine (which the software you linked to doesn't seem to like).

WEP has a simple problem. When you share the key to log on to the Access Point and also use the same key to encrypt the traffic, you can, given enough packets and information and a little time, derive the key. Now WEP can actually be very secure, you just can't use it with a Shared-Key setting and have to choose a long key. Problem is if you only use it to encrypt your traffic, you're traffic will be secure, but your network will not be...

So the Point is, with a software like Kismet and a good Wireless card, you can easy sniff packets going over the air and then run some simple cracking algorithm to find the Key or to decrypt the actual data being sent.

Again, I'd say your best tools are Kismet (linux) and Netstumbler (windows) but these are not your only options by any means. Aircrack-ng/ptw are fairly nifty and AirSnort is fairly well known (although AirSnort is no longer maintained). I've run into Cain & Abel a few times and WepCrack has been around for quite a while.

Once again I'll point out that if you are really going to sniff, it is beneficial to use some older cards from Cisco, like the one I mentioned in a previous post. Also, running some of these tools on Linux means less Windows security features to get in the way of easy scanning and hacking. There are a number of Live CDs with these tools on them.


Of course anyone who knows what they are doing will be using WPA with a good password or WPA-2 and/or using a Wireless AP and then a VPN tunnel to secure the data into the network.

[verbal]

Who here has used BackTrack? I understand that can bee booted from a usb?

[Dinsdale]

I've run into Cain & Abel

Seems to be the best sniffer freeware for Windows, as far as I can tell.


Even installed it on the other machine in question. Banging my head against the wall trying to figure out why it won't see my adapter, though... seems to be my only problem with it at present.