NetStumbler
NetStumbler (also known as Network Stumbler) is a free/”beggarware” tool for Windows that can detect WiFi/Wireless LANs using the 802.11b, 802.11a and 802.11g WLAN standards.
NetStumbler is commonly used for:
- Recreational WarDriving
- Verifying network configurations
- Finding locations with poor coverage in one’s WLAN
- Detecting causes of wireless interference
- Detecting unauthorized (”rogue”) access points
- Aiming directional antennas for long-haul WLAN links
- GPS integration for mapping purposes
In addition to the freely downloadble software, NetStumbler has an online forum that contains thousands of archived posts and provides a way to get help with questions and share tips and tricks related to NetStumbler.
NetStumbler Limitations
Still, there are some limitations to NetStumbler that detract from its usefulness.
- The software doesn’t officially work on Windows Vista (or Mac).
- NetStumbler isn’t 100% passive. It uses Active Scanning and sends out a probe request about once a second, and reports the responses. Normally, this isn’t a big deal but this means in a 100% no wireless zone NetStumbler can be detected.
- NetStumbler does not detect wireless stations. Access points are detected by recording which ones respond to probe requests, which also means it can not detect wireless stations since they don’t respond to probe requests.
Alternatives to NetStumbler
MacStumbler
MacStumbler is a utility to display information about nearby 802.11b and 802.11g wireless access points. It is mainly designed to be a tool to help find access points while traveling, or to diagnose wireless network problems. Additionally, MacStumbler can be used for “wardriving”, which involves co-ordinating with a GPS unit while traveling around to help produce a map of all access points in a given area.
MacStumbler requires an Apple Airport Card and MacOS 10.1 or greater. MacStumbler doesn’t currently support any kind of PCMCIA or USB wireless device.
MacStumbler works like NetStumbler and relies on responses to probe requests to discover access points. This implementation also prevents MacStumbler from detecting wireless stations or hidden networks because they don’t respond to probe requests.
iStumbler
iStumbler is the leading wireless discovery tool for Mac OS X, providing plugins for finding AirPort networks, Bluetooth devices, and Bonjour services with your Mac.
KisMAC
KisMAC is an opensource and free stumbler/scanner application for Mac OS X. It has an advantage over MacStumbler/iStumbler/NetStumbler in that it uses monitor mode and passive scanning.
KisMAC supports several third party PCMCIA cards – Orinoco, PrismII, Cisco Aironet, Atheros and PrismGT. USB Prism2 is supported as well, and USB Ralink support is in development. All of the internal AirPort hardware is supported as well.
An awesome table comparing many of the tools mentioned in this post is available here
Kismet
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic. Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.
One of the biggest advantages of Kismet over NetStumbler is the ability to look at wireless data frames to detect wireless devices. This allows Kismet to detect access points and wireless stations.
Windows Vista netsh
In Windows Vista the “netsh” command can be used to discover access points using the format below.
netsh wlan show networks mode=bssid
Vistumbler
Vistumbler is an AutoIt script that uses the netsh to get wireless information.
Inssider
Inssider uses Windows Native WiFi API to get wireless information.
DISA Wireless Discovery Device (Flying Squirrel)
Flying Squirrel is similar to Kismet/KisMac and is the US Department of Defense’s (DoD) wireless security tool. The tool is For Official Use Only (FOUO) so no screen shot. If you have access to DoD Information Assurance Tools you can use the link below to get more info.
http://iase.disa.mil/tools/index.html
0 comments:
Post a Comment