上校
- 注册时间
- 2003-6-2
- 金币
- 14049 个
- 威望
- 1 个
- 荣誉
- 0 个
尚未签到
|
发表于 2003-9-3 09:24
Laptop or PDA, Wireless NIC, Software, a way to get around and GPS. Here are a few examples:
• Pocket PC 2002 (Operating System)
• Compaq iPaq Model 3765 (Handheld Device)
• Lucent WaveLan PCMCIA card (Orinoco gold) (NIC)
• Compaq Single slot PCMCIA adapter sleeve
• Sniffer program "Mini-Stumbler" (Software)
Laptop Set-up Dual boot:
• Windows 2K (Operating System)
• Panasonic C-48 (Handheld)
• Orinoco Sliver PCMCIA card (NIC)
• Netstumbler (Software)
• Garmin eTrex GPS
• Linux RedHat 7.3 (Operating System)
• Kismet 2.4 or most current development (Software)
• AirSnort (Software)
• PCMCIA reworked for RFMON mode for Aironet 350
• Orinoco Sliver PCMCIA card (NIC)
• Garmin eTrex GPS
Using what you already have is the obvious choice when setting a new system up for use. Orinoco’s gold and silver NICs (Network Interface Cards) seems to be extremely popular among War Driving wireless systems. Also, you only need a GPS system is if you wish to keep track of the networks you find.
----------------------------------------------------------------------------------
tools:
AirJack for Linux
When AirJack is used correctly it will let the user take over a connection to a wireless LAN. First you DOS (Denial of Service) the access point by bombarding it with forged packets causing it to crash. Then when the access point comes back to life it automatically starts looking for a new access point. When the access point searches for another access point it will recognize you as one, making you the middleman between the two access points giving you access to the network.
http://802.11ninja.net/
AiroPeek for Windows 98, ME, 2000, XP
“AiroPeek is a comprehensive packet analyzer for IEEE 802.11b wireless LAN, supporting all higher-level network protocols such as TCP/IP, AppleTalk, NetBEUI and IPX. AiroPeek contains the entire network troubleshooting features familiar to EtherPeek. In addition, AiroPeek quickly isolates security problems, fully decodes 802.11b wireless local area networks (WLAN) protocols, and analyzes wireless network performance with accurate identification of signal strength, channel and data rates.”
http://www.wildpackets.com/products/airopeek
AirSnort for Linux
AirSnort is primarily for cracking WEP (Wired Equivalency Privacy), not discovering wireless networks. AirSnort is a tool provided by The Shmoo Group (www.shmoo.com). If you use AirSnort on a network that is not yours, you are certainly breaking the law. “AirSnort is a WLAN tool that recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered.” AirSnort can guess your encryption key in microseconds.
http://airsnort.shmoo.com/
AirTraf for Linux
“AirTraf is a package with many features. On a basic level, it performs packet capture/decode in the 802.11b wireless level. It gathers and organizes packets captured over the air based on the type of traffic (management, control, data), according to the dynamically detected access points (in case there are multiple in a given area), and performs bandwidth calculation as well as signal strength information on a per wireless node basis. It determines the SSID of access points, the channel it is operating under, the number of wireless nodes connected to the access point of interest, the overall load on the access point, as well as the bandwidth utilized by all connected wireless nodes. And as of AirTraf-0.3-1beta, AirTraf is database-aware, meaning that multiple sniffers can be polled via a central polling server periodically to gather up2date information, and saving the information for long-term load analysis over periods of days, weeks, months, and even years. The other feature of AirTraf includes tracking of access related activity generated in the area, it tracks all probe/authentication/association requests made to a given access point, and by observing access point's reaction, make a judgment as to the nature of activity, and determine whether the activity is hostile or friendly. (Currently fairly unstable, and being worked on)”
http://airtraf.sourceforge.net/index.php
BSD-AirTools for FreeBSD 4.4, OpenBSD 2.9/3.0, NetBSD 1.5.1+
“BSD-AirTools is a package that provides a complete toolset for wireless 802.11b auditing. Namely, it currently contains a BSD-based WEP cracking application, called Dweputils (as well as kernel patches for NetBSD, OpenBSD, and FreeBSD). It also contains a curses based access point detection application similar to Netstumbler (Dstumbler) that can be used to detect wireless access points and connected nodes, view signal to noise graphs, and interactively scroll through scanned AP's and view statistics for each. It also includes a couple other tools to provide a complete toolset for making use of all 14 of the prism2 debug modes as well as do basic analysis of the hardware-based link-layer protocols provided by prism2's monitor debug mode.”
http://www.dachb0den.com/projects/bsd-airtools.html
Kismit for Linux
Kismet is an 802.11b sniffer capable of sniffing using almost any wireless card supported in Linux.
http://www.kismetwireless.net
Mognet for Linux
Mognet open source wireless ethernet sniffer/analyzer. It is licensed under the GNU General Public License. It was designed for PDAs (Personal Digital Assistant), but will run just as well on everything else running Linux.
http://chocobospore.org/projects/mognet/
Netstumbler for Windows 2000, 9X, ME, XP, Pocket PC
Netstumbler has a user friendly GUI and is the most popular wireless discovery tool out there. Netstumbler uses your wireless network card to detect WLANs. It will return the SSIDs (Service Set Identifier), channel and signal strength. Netstumbler will determine if the WLAN is using WEP or not.
http://www.netstumbler.com
PrismStumbler for Linux
PrismStumbler scans for beacon frames from access points. PrismStumbler monitors any frames received on the currently selected channel as it switches through them one by one.
http://prismstumbler.sourceforge.net/
SSID Sniff for Linux
SSID Sniff is a tool use when looking to discover access points and save the captured traffic like a sniffer. It comes with a configure script and supports Cisco’s Aironet and prism2 based cards.
http://www.bastard.net/~kos/wifi/
Stumbverter for Windows 2000, 9X, ME, XP
Stumbverter is used to import Netstumbler’s summary files into Microsoft’s MapPoint 2002. “The logged WAPs (wireless access points) will be shown with small icons, their color and shape relating to WEP mode and signal strength.” You can also add information to each mapped icon.
http://www.sonar-security.com/
THC-RUT for Linux
“THC (The Hackers Choice) RUT (aRe yoU There) is a local network discovery tool developed to brute force its way into WLAN access points. It offers APR (Address Resolution Protocol) request on IP (Internet Protocol) ranges and identifies the vendor of the NIC, spoofed DHCP (Dynamic Host Configuration Protocol), BOOTP (Bootstrap Protocol) and RARP (Reverse Address Resolution Protocol) requests, ICMP (Internet Control Messaging Protocol) address mask request and router discovery techniques.” Because this is a brute force network discovery tool it used first when a new network is discovered.
http://www.thehackerschoice.com
THC-WarDrive -for Linux
“THC-WarDrive is a tool for mapping your city for wavelan networks with a GPS device while you are driving a car or walking through the streets. It is effective and flexible, a "must-download" for all wavelan nerds.”
http://www.thehackerschoice.com
WarLinux
WarLinux is a distribution specifically for War Drivers. It main intended use was for the auditing and evaluation of wireless network installations.
https://sourceforge.net/projects/warlinux/
Wavemon for Linux
“wavemon is a ncurses-based monitoring application for wireless network devices. It currently works under Linux with the Lucent Orinoco cards.”
http://www.jm-music.de/projects.html
WaveStumbler for Linux
“WaveStumbler is console based 802.11 network mapper for Linux.” WaveStumbler is used for gathering basic information from the access point like channel, WEP, ESSID (Extended Service Set Identifier), MAC etc. While still and like most Linux tools always in development it tends to be stable.
http://www.cqure.net/tools08.html
WEPCrack for Linux
WEPCrack is a tool used for breaking 802.11 WEP secret keys. “This tool is an implementation of the attack described by Fluhrer, Mantin, and Shamir in the paper "Weaknesses in the Key Scheduling Algorithm of RC4".” WEPCrack was the first available open source code that demonstrated the breaking of secret keys.
http://wepcrack.sourceforge.net/
WSA for Linux on an iPaq
“WSA (Wireless Security Auditor) is an IBM research prototype of an 802.11 wireless LAN security auditor, running Linux on an iPAQ PDA.” WSA automated the security audit process of wireless network, to help network administrators find and remove any vulnerability before someone tries to use the vulnerability to gain access to the network.
http://researchweb.watson.ibm.com/gsal/wsa/ |
|
IP卡
狗仔卡
