Wireless Network Hacks & Mods - Briere D.

Briere D. Wireless Network Hacks & Mods - Wiley Publishing, 2005. - 387 p.
ISBN: 0-7645-9583-0
If you use a Windows Mobile/PocketPC handheld with wireless capabilities, check out the portable companion to NetStumbler, MiniStumbler. Currently compatible only with PocketPC 2002, PocketPC 3.0, and HPC2000 (until the next version comes out, anyway), this program gives you most of the functionality of NetStumbler in a truly portable platform, which is great for doing site surveys of your home or office.
Other stumblers and sniffers
A ton of network monitoring programs are available for download on the Internet. We talk about NetStumbler in detail because it’s the most popular monitoring program and is the primary tool for Windows users, but it’s not the only solution. Here are a few other programs we think you might want to try.
Check our site for links to the latest versions of these programs and for new additions as they become available:
MacStumbler: Found at, this Mac OS X utility is no longer being actively developed (which means that new versions are probably not on the way), but it remains a solid tool for detecting and monitoring 802.11b and g networks for Mac users. Although its name is similar to NetStumbler’s (and so is the functionality — MacStumbler is also an active scanner), the program is not written by, or based on the code of NetStumbler. Sometimes imitation is the sincerest form of flattery!
Kismet: This is probably the most powerful of all scanning programs — if you’ve got a Linux PC (which we’re not covering here), get Kismet ( Kismet is a passive scanning program that can find any and all wireless networks within range, and scan all of the traffic going across the network. The real power of Kismet (beyond the passive scanning) is that the program can be used along with programs like Snort ( to become part of a wireless IDS or Intrusion Detection System.
KisMAC: Because Mac OS X is a Unix-based OS, you can actually run a version of Kismet on Mac OS X computers (check out www.dopesquad.net/security/ for the drivers needed to do this), but only with the original 802.11b AirPort card — not with the current 802.11g AirPort Extreme cards. A similar application, built from the ground up for OS X, is KisMAC ( This program provides a passive scanning capability (like Kismet, which is its inspiration), and adds in support for AirPort Extreme cards and more — including functionality that can be used to “break” WEP encryption. Use it discreetly! Figure 6-9 shows KisMAC in action.
Figure 6-9: Mac OS X users can be snoopy with KisMAC.
Getting Fancy
Freeware and open source tools such as NetStumbler, Kismet, KisMAC, and the like can be very powerful tools for monitoring and observing wireless LANs. If you’ve got a really big network to plan, build, and operate, however, you might want to consider investing in a system that goes beyond simple monitoring and offers some additional planning and security measures.
On the planning side of things, these programs allow you to enter the dimensions and characteristics of your building (or outdoor space) that you plan to cover — including details like building materials, room sizes and shapes, and so on — and they use some predictive software to recommend locations for AP installations.
Added to this predictive capability is a centralized monitoring software that works in conjunction with RF sensors (basically, “passive” access points that listen rather than transmit) to perform a supercharged version of the monitoring performed by your laptop using a NetStumbler-type program.
Some of these systems include
AirMagnet: Found at, this system is advertised as a wireless intrusion prevention system — using sensors and a centralized server, AirMagnet monitors the airwaves for unauthorized users, rogue access points, and more. You can also find laptop and handheld PC versions of the AirMagnet software for performing site surveys.
AirTight Networks: The SpectraGuard system from AirTight Networks ( is another monitoring system that combines hardware sensors and centralized server software to monitor and protect the airwaves.
Wireless Valley: A leader in wireless network design for cellular and other wireless networks, Wireless Valley ( has recently released some planning and monitoring tools for wireless LANs called LANPlanner and RF Manager to provide both up-front planning and ongoing maintenance and monitoring capabilities for large wireless LANs.
All of these products are designed (and priced!) for larger networks. The sensors, for example, are too expensive for home or small office networks. This is about to change because sensor prices are coming down rapidly. In fact, companies like AirMagnet are beginning to make partnerships with access point vendors to include sensors right in the AP (at a considerably lower price than standalone sensors). We think this trend will continue and that dedicated monitoring hardware (and the software that makes it work) will be reduced to prices that consumers can afford.
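The rogue access point monitoring that these sensor-and-server systems perform comes down to comparing what the listening sensors hear against an inventory of authorized APs. The Python below is an added example, not code from the book or from any product named here; the inventory, sensor names, beacon records, and the -70 dBm "on site" threshold are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed inventory of authorized APs: BSSID -> (SSID, channel).
AUTHORIZED = {
    "00:11:22:33:44:01": ("CorpNet", 1),
    "00:11:22:33:44:02": ("CorpNet", 6),
}
CORP_SSIDS = {ssid for ssid, _ in AUTHORIZED.values()}
SEVERITY = ["authorized", "neighbor", "unknown-on-site", "ssid-impersonation", "bssid-mismatch"]

@dataclass(frozen=True)
class Beacon:            # one beacon as reported by a listening sensor
    sensor: str
    bssid: str
    ssid: str
    channel: int
    rssi_dbm: int

def classify(b, on_site_rssi=-70):
    known = AUTHORIZED.get(b.bssid.lower())
    if known:
        # Known BSSID with the wrong SSID/channel: cloned MAC or misconfigured AP.
        return "authorized" if known == (b.ssid, b.channel) else "bssid-mismatch"
    if b.ssid in CORP_SSIDS:
        return "ssid-impersonation"      # unknown radio using our SSID
    # Assumed threshold: a strong signal means the radio is likely on site.
    return "unknown-on-site" if b.rssi_dbm >= on_site_rssi else "neighbor"

def triage(beacons, on_site_rssi=-70):
    """Return {bssid: (worst verdict, sensors that heard it)} for review."""
    worst, heard_by = {}, {}
    for b in beacons:
        key = b.bssid.lower()
        verdict = classify(b, on_site_rssi)
        heard_by.setdefault(key, set()).add(b.sensor)
        if SEVERITY.index(verdict) > SEVERITY.index(worst.get(key, "authorized")):
            worst[key] = verdict
    return {k: (v, sorted(heard_by[k])) for k, v in worst.items() if v != "neighbor"}

# Constructed sensor reports, not captured traffic.
SAMPLE = [
    Beacon("sensor-a", "00:11:22:33:44:01", "CorpNet", 1, -48),
    Beacon("sensor-b", "00:11:22:33:44:01", "CorpNet", 9, -60),
    Beacon("sensor-a", "02:AA:BB:CC:DD:10", "CorpNet", 11, -62),
    Beacon("sensor-a", "02:AA:BB:CC:DD:20", "linksys", 6, -82),
    Beacon("sensor-b", "02:AA:BB:CC:DD:20", "linksys", 6, -51),
    Beacon("sensor-b", "02:AA:BB:CC:DD:30", "CoffeeShop", 11, -88),
]
```

Calling triage(SAMPLE) returns only the radios that need a look; weak neighboring networks and APs that match the inventory are dropped, and each verdict is the worst one seen across all sensors.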
