Wednesday, February 27, 2013

Sniffing Wireless in Linux: How it works?

  • Sniffing Wireless in Windows
  • Sniffing Wireless in Linux
  • Sniffing through Multiple Interfaces
  • Monitor Vs. Promiscuous Mode(Coming Soon)
  • Automate Sniffing Process (Coming Soon)

    • Wireshark:

    The one and most used sniffer in linux world is wireshark. It works perfectly in linux given the OS support and driver support. Most of the NIC's are supported, all the list of NIC cards and drivers can be found at http://linuxwireless.org/en/users/Drivers.

    Its recommended to install the package for your kernel from compat-wireless or compat-drivers

     It supports all kinds of wireless meta data formats.

    Kismet:

    It has a sleek UI basically aimed at user level testing and site-survey. But not a good tool for doing a full pledge protocol testing.

    It used the vendor's driver to sniff packets. It uses PPI based reporting.

    How to Configure NIC in Promiscuous Mode?

    ifconfig <interface> down

    iwconfig <interface> mode monitor
    iwconfig <interface> channel <channel no>
                   (or)
    iw dev <interface> set channel <chanel no> <HT20/HT40+/HT40->

    ifconfig <interface> up

    How to Revert NIC to AP/STA Mode?


    ifconfig <interface> down
    iwconfig <interface> mode managed
    ifconfig <interface> up

    Posted by at

    No comments:

    Post a Comment

    Subscribe to: Post Comments (Atom)