Wi-Fi Network Monitoring Tools? 29
Brian the Wise asks: "For all of you with large and/or complex wireless networks out there, what tools (commercial or otherwise) do you use to keep an eye on the health and state of your network? I'm not only interested in the security/IDS side of things, but also bad packets, reflections, clients flip-flopping between APs, etc. I've looked at all the usual open source projects, and so far Kismet comes the closest to my needs, but the wireless drivers on Linux do too much sanitizing of packets so I never see the bad ones. I know the FreeBSD drivers show more, but some of the advanced stuff (ie extra info from the Cisco Aironet drivers) is not supported by tcpdump or ethereal. Is there anything I can do besides getting up close and personal with the Linux network stack and drivers?"
Is there anything I can do (Score:2, Funny)
Maybe.
Prism2 / Wlan-ng (Score:5, Interesting)
why do people use WEP ? why not IPsec i.e. IPv6 ? (Score:2)
so thats
win2k and winXP
linux
*nix
*BSD
MacOS X panther
the router could even understand mobileIP and then things would be sweet !
(same IP no matter where you roam)
tell me ?
regards
John Jones
I can see it already... (Score:3, Funny)
Best Linux supported Wi-Fi card? (Score:2)
I have looked at the Senao 200mw cards and am thinking about buying one, good or bad choice?
Re:Best Linux supported Wi-Fi card? (Score:3, Informative)
This page [freenetworks.org] lists cards by receive sensitivity. IIRC, the Demarc/Senao/Engenius cards at the top of that list are all Prism-based and have antenna ports.
Re:Best Linux supported Wi-Fi card? (Score:5, Insightful)
I have looked at the Senao 200mw cards and am thinking about buying one, good or bad choice?
I did a pretty thorough review of a bunch of (Globespan-Virata, nee Intersil) Prism chipset-based cards for my new startup just a few months ago, and the Senao is far and away the best, although the ubiquitous and very inexpensive Netgear MA401 was surprisingly good for the money, among lower-power cards. (I've heard some people say they don't like these, but I own several, purchased at different times, and all seem better than the average of other Prism-based cards. YMMV.)
The thing that makes the Senao cards great, surprisingly, isn't its high-power transmitter though (other companies offer those, too), but rather the fact that Senao's engineers were sharp enough to realize that a better transmitter doesn't really do much good without a better reciever to go with it.
The receiver is the weak spot in most Wi-Fi cards, and better performance here *really* pays off in the real world, which is why there are so many Senao fans among those building wireless setups that *need* to work.
FWIW, I think external antennae are a PITA if you're moving around, none of the tiny coax connectors are really going to stand the large number of mating cycles required to remove and reinstall the antenna everytime you relocate your laptop. If you really have to have the exteranl (for instance, if you plan to use it in a fixed installation in the future), you can get the compact "vampire tooth" antennae to snap into the Senao's MMCX connector from Netgate.com. (No connection, other than as a happy customer and friendships with the owners from when they lived here in Austin.)
These comments apply only to Senao's 802.11b Prism-based products. Their newer cards are based on chipsets from other vendors (Atheros Mercury for 802.11b/g, among others) , and I've heard those are not nearly so superior to their competition. (Not to mention you have to decide if Broadcom is right in thier claims that Atheros violates the spec., thus "poisoning the waterhole" by slowing other vendors' 802.11b radios in the vicinity to a crawl. I don't know if this is real or not yet, but anecdotal evidence seems to support it, although I don't use G myself...)
Get one of these (Score:5, Informative)
Security (Score:3, Informative)
What should I do to allow for secure wireless internet access?
Re:Security (Score:2)
802.11i should fix the majority of WEP's problems. The bad news is that most currently available access points will not be software upgradeable to the 802.11i standard.
Jason
Re:Security (Score:2)
Well, what I'd do (though I'm not in IT, and I can see the maintenance and usability hassles here) would be to tunnel SSH from the wireless client to a host just on the wired side of the wireless network. From there, unencrypted transmissions can go across the wire with whatever degree of security you've got on the wires.
Problems: Users may have trouble knowing the difference between a secure and an insecure connection; troublesome to updat
Re:Security (Score:2, Insightful)
One day someone will have to teach slashdot readers the meaning of the word "transparent" and why it's important.
-j
Re:Security (Score:2)
Just use Kismet (Score:5, Interesting)
Heh... it also told me immediately the first time my neighbor fired up his brand-spanking-new access point. I went over to his house (where he was washing his car) and asked him if he'd gotten a new AP for christmas? (nod) a Linksys? (another nod) running on channel 6? (confused look and another nod)... I briefly explained wireless network surveillance/network sniffers, and gave him some basic tips on WEP, disabling SSID broadcasting, and MAC address filtering. He thinks I'm some kind of hacker now... got a feeling I'll be getting some "tech support" calls from their place...
Works for me, and it's free... works well with the prism2-based cards. I bought a bunch of these: [netgear.com]and they work great with the wlan drivers.
Your mileage may vary, of course.
Re:Just use Kismet (Score:1)
in my opinion, he's being a good neighbor by sharing the details of next-doors wlan setup. if his neighbor gets hacked, its only a short time until his net would be next in line for attention
Re:Just use Kismet (Score:1, Funny)
i keep waiting for my neighbors to do the same thing
The obvious answer (Score:4, Funny)
Its called a user
Asmo
AirDefense (Score:1, Informative)
It ain't cheap, however.
It also does so much reporting that you need to go in an turn some of the alarms off because it's usually too sensitive.
If you're trying to do it on the cheap, I suggest Kismet with WRT54G remote sensors. It's not the best solution in the world, but you can build a heck of
Cisco Aironet (Score:1)
Many products reviewed... (Score:3, Informative)
cheers- raga
WiFi Monitoring (Score:4, Informative)
WiFi Geolocation (Score:1)
Well, you can buy lots of cool products that will thell you exactly where all your wireless clients are!
plus there are lots more that do other sorts of monitoring but without the geolocation angle. But I didn't just hand in a marketing assignment about them.
i find ... (Score:1)