|
Wireless Security Tools
Wireless Security Training
Page
For
Wireless Antenna's Try
http://www.vbnets.com/products/hardware.php?cat=antenna
I found them to be an excellent company, great value for money on the
antennae's
|
BSD - Airtools
|
|
NetBSD, OpenBSD, and FreeBSD |
dachb0den labs |
http://www.dachb0den.com
/projects/bsd-airtools.html |
|
bsd-airtools is a package that
provides a complete toolset for wireless 802.11b auditing. Namely, it
currently contains a bsd-based wep cracking application, called dweputils
(as well as kernel patches for NetBSD, OpenBSD, and FreeBSD). It also
contains a curses based ap detection application similar to netstumbler
(dstumbler) that can be used to detect wireless access points and
connected nodes, view signal to noise graphs, and interactively scroll
through scanned ap's and view statistics for each. It also includes a
couple other tools to provide a complete toolset for making use of all 14
of the prism2 debug modes as well as do basic analysis of the
hardware-based link-layer protocols provided by prism2's monitor debug
mode. |
|
Freeware
|
Information
Updated: 01 Sep 2002
|
|
NetStumbler
|
|
OS -- Windows
802.11b
Cards -- ORiNOCO |
|
http://www.netstumbler.com/ |
|
NetStumbler is a Windows utility for
802.11b based wireless network auditing |
|
Freeware
|
Information
Updated:18 Aug 2002
|
|
Kismet
|
|
OS -- Linux, Zaurus (Linux), iPaq
802.11b
Cards -- loads |
|
http://www.kismetwireless.net/ |
|
Kismet is a 802.11b wireless network
sniffer. It is capable of sniffing using almost any wireless card
supported in Linux, including Prism2 based cards supported by the Wlan-NG
project (Linksys, Dlink, Rangelan, etc), cards which support standard
packet capture via libpcap (Cisco), and limited support for cards without
RF Monitor support. |
|
Freeware
|
Information
Updated:18 Aug 2002
|
|
Fake AP
|
|
OS -- Linux
802.11b
Cards -- Prism2/2.5/3 based |
|
http://www.blackalchemy.to/Projects/fakeap/fake-ap.html |
|
Black Alchemy's Fake AP
generates thousands of counterfeit 802.11b access points. Hide in plain
sight amongst Fake AP's cacophony of beacon frames. As
part of a honeypot or as an instrument of your site security plan,
Fake AP confuses Wardrivers, NetStumblers, Script Kiddies, and
other undesirables. |
|
Freeware
|
Information
Updated:18 Aug 2002
|
|
Wellenreiter
|
|
OS -- Linux
802.11b
Cards -- all 3 major card types are supported |
|
http://www.remote-exploit.org |
|
Wellenreiter is a GTK/Perl program
for auditing 802.11b wireless networks. It has an embedded statistics
engine for the common parameters provided by wireless drivers, enabling
you to view details about the consistency and signal strength of the
network. Its scanner window can be used to discover access-points,
networks, and ad-hoc cards. Records the network location with GPS support. |
|
Freeware
|
Information
Updated:18 Aug 2002
|
|
AirSnort
|
|
OS -- Linux
802.11b
Cards -- Orinoco, Prism2 (wlan-ng), Cisco Aironet |
|
http://airsnort.shmoo.com/ |
|
AirSnort is a wireless LAN (WLAN) tool
which recovers encryption keys. AirSnort operates by passively monitoring
transmissions, computing the encryption key when enough packets have been
gathered |
|
Freeware
|
Information
Updated:18 Aug 2002
|
|
WaveStumbler
|
|
OS -- Linux
802.11?
Cards -- Hermes based |
|
http://www.cqure.net/tools08.html |
|
WaveStumbler is console based 802.11
network mapper for Linux. It reports the basic AP stuff like
channel, WEP, ESSID, MAC etc. It has support for
Hermes based cards |
|
Freeware
|
Information
Updated:18 Aug 2002
|
|
Wireless Scanner
|
|
OS -- Windows 2000 only
802.11b
Cards -- Orinoco, Compaq WL110 |
Internet Security Systems, Inc.,
Atlanta, Georgia |
http://www.iss.net/products_services/enterprise_protection
/vulnerability_assessment/scanner_wireless.php |
|
Internet Security Systems'
Wireless Scanner™ application
provides automated detection and security analyses of mobile networks
utilizing 802.11b WLAN (Wi-Fi) access points and clients. This unique,
cost-effective mobile platform protects mobile extensions of traditional
networks by deploying a single device to roam unobtrusively across a site
and identify unauthorized and misconfigured devices. |
|
Commercial
|
Information
Updated:18 Aug 2002
|
|
Airosniff
|
|
|
ninsei research labs |
http://gravitino.net/~bind/code/airosniff/
link down |
|
Airosniff can be used to assist in the
identification of wireless networks by sniffing SSIDs. Airosniff, for the
Cisco Aironet card allows one to seek out wireless networks |
|
Commercial
|
Information
Updated:18 Aug 2002
|
|
AiroPeek
|
|
OS -- Windows
802.11b
Cards --
Various |
|
http://www.wildpackets.com/products/airopeek |
|
AiroPeek is a comprehensive packet
analyzer for IEEE 802.11b wireless LANs, supporting all higher level
network protocols such as TCP/IP, AppleTalk, NetBEUI and IPX. Affordable
and easy-to-use, AiroPeek contains all of the network troubleshooting
features familiar to users of our award-winning EtherPeek™. In addition,
AiroPeek quickly isolates security problems, fully decodes 802.11b WLAN
protocols, and analyzes wireless network performance with accurate
identification of signal strength, channel and data rates. |
|
Commercial
|
Information
Updated:18 Aug 2002
|
|
StumbVerter
|
|
OS -- Windows
N/A
Cards -- N/A |
Sonar Security |
http://www.sonar-security.com |
|
StumbVerter is a
standalone application which allows you to import
Network Stumbler's
summary files into Microsoft's
MapPoint 2002
maps. The logged WAPs will be shown with small icons, their colour
and shape relating to WEP mode and signal strength. As the AP icons are
created as MapPoint pushpins, the balloons contain other information, such
as MAC address, signal strength, mode, etc. This balloon can also be used
to write down useful information about the AP, notes, etc. |
|
Freeware
|
Information
Updated:18 Aug 2002
|
|
AP
Scanner
|
|
OS -- Macintosh
802.11?
Cards -- ? |
|
http://homepage.mac.com/typexi/Personal1.html |
|
AP Scanner is a
small Macintosh-only application that will detect all in-range open 802.11
wireless network access points. It will show you a pretty little graph and
show potential channel conflicts.
|
|
CharityWare?
|
Information
Updated:18 Aug 2002
|
|
Sniffer
Wireless
|
|
OS -- Windows
802.11b
Cards -- Symbol Technologies
Spectrum24® Model 4121, Cisco Systems Aironet 340 and 350, Agere Systems
ORiNOCO, Enterasys RoamAbout |
Networks Associates
Technology, Inc. |
http://www.sniffer.com/products/wireless/default.asp?A=5 |
|
Sniffer Wireless was designed
in accordance with the IEEE 802.11b interoperability standard. It includes
network monitoring, capturing, decoding, and filtering-all the standard
award-winning Sniffer Pro features you already know and appreciate.
Sniffer Wireless also provides the most comprehensive 802.11b solution to
the unique aspects of wireless networks. Sniffer Wireless LAN management
tool can spot security risks in real-time, identify network problems
efficiently and reduce network-operating costs. |
|
Commercial
|
Information
Updated:18 Aug 2002
|
|
WEPcrack
|
|
OS -- Linux
802.11
Cards -- Suspect Prism |
|
http://wepcrack.sourceforge.net/ |
|
WEPCrack is an open source tool for
breaking 802.11 WEP secret keys
The current tools are Perl based, and are composed of the following
scripts:
1 - WeakIVGen.pl - This script allows a simple emulation of IV/encrypted
output that one might observe with a WEP enable 802.11 Access Point. The
script generates IV combinations that can weaken the secret key used to
encrypt the WEP traffic
2 - prism-getIV.pl - This script relies on output from Prismdump [or from
Ethereal captures if libpcap has been patched for 802.11 monitor mode],
and looks for IVs that match the pattern known to weakned secret keys.
This script also captures the 1st byte of the encrypted output and places
it and the weak IVs in a logfile.
3 - WEPCrack.pl - This script uses data collected or generated by
WeakIVGen to attempt to determine the secret key. It will work with either
40bit or 128bit WEP.
Additionaly, there is a script prism-decode.pl that will decode most
802.11 frame types. This tool is intended to be used with prismdump, but
could also be used against Ethereal 802.11 saved captures. It might be
useful for capturing SSIDs, AP MAC addresses, or authentication data. |
|
Freeware
|
Information
Updated: 01 Sep 2002
|
|
Prism2
|
|
OS -- Linux
802.11
Cards -- Prism2 |
|
http://hostap.epitest.fi/ |
|
This is a Linux driver for wireless LAN
cards based on Intersil's Prism2/2.5/3 chipset. The driver supports a so
called Host AP mode, i.e., it takes care of IEEE 802.11 management
functions in the host computer and acts as an access point. This does not
require any special firmware for the wireless LAN card. In addition to
this, it has support for normal station operations in BSS and possible
also in IBSS. |
|
Freeware
|
Information
Updated: 01 Sep 2002
|
|
SSIDsniff
|
|
OS -- Linux
802.11
Cards -- Cisco Aironet and random prism2 |
|
http://www.bastard.net/~kos/wifi/ |
|
A nifty tool to use when looking to
discover access points and save captured traffic. Comes with a configure
script and supports Cisco Aironet and random prism2 based cards. Kudos to
AC for the USR card. |
|
Freeware
|
Information
Updated: 01 Sep 2002
|
|
MacStumbler
|
|
OS -- Mac
802.11
Cards -- airport |
|
http://homepage.mac.com/macstumbler/ |
|
MacStumbler is a small utility
to emulate the functionality of projects like netstumbler, bsd-airtools,
and kismet. It's meant purely for educational or auditing purposes
MacStumbler only works with airport wireless cards, it does not (yet) work
with any PCMCIA or USB wireless devices. |
|
Freeware
|
Information
Updated: 01 Sep 2002
|
|
WaveMon
|
|
OS -- Linux
802.11
Cards -- Lucent Orinoco type |
|
http://www.jm-music.de/projects.html |
|
wavemon is a ncurses-based
monitoring application for wireless network devices. It currently works
under Linux with devices that are supported by the wireless extensions by
Jean Tourrilhes (included in Kernel 2.4 and higher), e.g. the Lucent
Orinoco cards. |
|
Freeware
|
Information
Updated: 01 Sep 2002
|
|
PrismStumbler
|
|
OS -- Linux
802.11b
Cards -- Prism 2 - Wlan-ng |
|
http://prismstumbler.sourceforge.net/ |
|
Prismstumbler is a wireless
LAN (WLAN) which scans for beaconframes from accesspoints. Prismstumbler
operates by constantly switching channels an monitors any frames recived
on the currently selected channel. |
|
Freeware
|
Information Updated: 01 Sep 2002
|
|
AirTraf
|
|
OS -- Linux
802.11b
Cards -- Cisco Aironet, Prism2, |
|
http://airtraf.sourceforge.net/ |
|
AirTraf is a package with many
features. It is enabled to operate as a standard real-time data gathering
tool for solving location specific problems, as well as operating as a
long-term data gathering tool for your wireless networked organization. |
|
Freeware
|
Information
Updated: 01 Sep 2002
|
|
MogNet
|
|
OS -- Linux
802.11
Cards -- any "monitor mode" capable |
|
http://chocobospore.org/mognet/ |
|
Mognet is a free, open source wireless
ethernet sniffer/analyzer written in Java. Currently being rewritten in
C++
It was designed with handheld devices like the iPaq in mind, but will run
just as well on a desktop or laptop. |
|
Freeware
|
Information
Updated: 01 Sep 2002
|
|
AirMagnet
|
|
Handheld Appliance (iPaq 3850)
802.11, 802.1x
included |
|
http://www.airmagnet.com/products.htm |
|
The AirMagnet Handheld Analyzer
represents a new generation of wireless network administration and
diagnostic tools. Built from the ground up to help network professionals
administer and troubleshoot 802.11 and 802.1x standards-based WLANs, it
provides a robust set of tools to quickly eliminate connection problems,
maintain network performance levels, ensure a high level of network
security and to survey and deploy wireless network. |
|
Commercial
|
Information
Updated: 01 Sep 2002
|
|
Isomair
|
|
Appliance
802.11b, 802.11a, 802.11g
Cards -- included |
Isomair
|
http://www.isomair.com/products.html |
|
The Isomair Wireless Sentry is a hardware device
which is deployed strategically around your organisation to monitor
wireless traffic in your air-space. Isomair believe this is the most
cost-effective solution to identifying performance issues and security
issues combined. The Wireless Sentry devices have a long listening range
and can detect not only "official" wireless networks but the "unofficial"
or user installed "rogue" wireless networks which represent a huge
security risk. The Sentry units are solid state, robust, centrally managed
and very low cost allowing simple and rapid deployment and redeployment
within your organisation.
Isomair Wireless Sentry listens to your air-space continuously and
identifies security threats, performance problems and new devices coming
on-air automatically. Whats more, this integrates seamlessly with your
existing management systems providing continuing value right out of the
box. |
|
Commercial
|
Information
Updated: 02 Sep 2002
|
|
Air-Jack
|
|
OS -- Linux
802.11
Cards -- Prism2 |
|
http://802.11ninja.net/ |
n
Air-Jack
Custom
driver for PrismII (HFA384x) cards
MAC
address setting/spoofing
Send
custom (forged) management frames
AP
forgery/fake AP
|
|
Freeware
|
Information
Updated: 01 Sep 2002
|
|
AirDefense IDS
|
|
Appliance
802.11
Cards -- Included |
|
http://www.airdefense.net/products/airdefense_ids.shtm |
|
AirDefense IDS is an 802.11 wireless
LAN intrusion detection and security solution that identifies security
risks and attacks, provides real-time nework audits and monitors the
health of the wireless LAN.
AirDefense IDS:
Secures a wireless LAN by recognizing intruders and attacks as they
happen
Performs real-time network audits to inventory all hardware, tracks
all wireless LAN activity and monitors for policy compliance
Monitors the health of the network to identify hardware failures,
network interferences and performance degradation. |
|
Commercial
|
Information
Updated: 20 Feb 2003
|
|
witools
|
|
OS -- FreeBSD
802.11?
Cards -- |
|
http://www.wastelands.gen.nz/wireless/index.html |
|
witools
is a small collection of utilities to aid in the exploration of 802.11
wireless networks. It currently consists of:
wimonitor
-
Continually probes the wireless interface for network information,
logging any events of interest and reporting signal quality information
via an audio device (i.e. it functions as a WaveLAN gieger counter).
Extremely flexible configuration with the ability to automatically
change modes between (Base station / Ad-Hoc) and enabled and disable
encryption. Basically all you'll ever need for a days "War Driving"
- wiget
-
enables
you to extract the various configuration settings and informational
items from a wireless device, primarily designed for use in shell
scripts (for those who want to role their own wimonitor :).
|
|
Freeware
|
Information
Updated: 03 Sep 2002
|
|
Aerosol
|
|
OS -- Windows
802.11b
Cards -- Prism2 |
|
http://www.sec33.com/sniph/aerosol.php |
|
Aerosol is easy to use wardriving
software for PRISM2 Chipset Wireless cards on Windows. Its lightweight,
written in C |
|
Freeware
|
Information
Updated: 03 Sep 2002
|
|
WLAN Expert
|
|
OS -- Windows
802.11b
Cards -- Prism |
|
http://www.allaboutjake.com/network/linksys/wlanexpert.html |
|
WLAN Expert is a wireless
client utility designed to work with the PRISM chipset by Intersil. The
Linksys WPC11 is the only client card I've tested, although many
manufacturers use this silicon. Intersil counts Alcatel, Cisco, Compaq,
Nokia, Nortel, Samsung and Siemens among its OEMs. |
|
Freeware
|
Information
Updated: 03 Sep 2002
|
|
WaveScanner
|
|
OS -- Linux
802.11?
Cards -- Prism2 |
WaveSecurity, LLC |
http://www.wavesecurity.com/wavescanner.php |
|
WaveScanner enables you to easily
detect wireless networks within the company, spot rogue networks, assess
the security and generate professional reports with detailed solutions.
|
|
Commercial
|
Information
Updated: 03 Sep 2002
|
|
WaveSentinel
|
|
OS -- Linux, Windows
802.11?
Cards -- N/A |
WaveSecurity, LLC |
http://www.wavesecurity.com/wavesentinel.php |
|
WaveSentinel enables you to manage and
monitor Access Points of different types, giving you a general view of
your wireless LAN and reducing the time you spend its administration.
|
|
Commercial
|
Information
Updated: 03 Sep 2002
|
|
