Spying the waves

Praedor Atrebates praedor at yahoo.com
Fri Dec 12 10:14:05 EST 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wednesday 10 December 2003 01:21 pm, Julien Etienne wrote:
[...]

> Now that I got my wireless card working thanks to hostap, I wonder how I
> may spy on the wireless network. In fact I live in a very dense area, and I
> would like to make sure no one fools my wireless gateway. How can I listen
> to the packets and make sure only authorized persons are on my network ?

You can use ethereal (and still maintain usability of your system) or you can
setup a separate box and use Kismet or similar "wardriving"/sniffing tool.
Ethereal will only pull in your network traffic while Kismet and the like
(airsnort, etc) can/will pull in ALL local wireless traffic it detects -
though you can lock it to your freq/channel.

Using kismet and the like renders the system unusable on any of the wireless
networks it is detecting/logging as it places the card in monitor mode.
Ethereal merely places the device in promiscuous mode which still allows net
use.  You can also use snort (not airsnort) with rules to detect and warn you
of unauthorized traffic/activity.

praedor

- - --
"We've lost more youngsters killed in Iraq in less than a year than we lost
during the first three years of the Vietnam War. And people say there's no
Vietnam analogy?"
- - --Sen. Max Cleland, Vietnam Veteran, Purple Heart Recipient
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/2dsBaKr9sJYeTxgRAvpHAKCuJmGPxwOyF1O+ZxQM0UCGymMfjgCeIs3W
P5yyMiufXY/FypciK0n+6Bo=
=bJo9
- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/2ds9aKr9sJYeTxgRAic8AKCWRTLIIQCsnRHIx64FrP6FDJBOJACfYxOP
Seew+gAyQnSpq+bykYtXUzc=
=rVJ4
-----END PGP SIGNATURE-----



More information about the HostAP mailing list