I'm interested in learning more about security and I'd really like to run tests against my network here at home to see just what is accessible by modern software. What readily available packages are out there that I can run against my network to see what's being exposed, quite likely without my knowledge?
asked 01 Jul '10, 04:05
Kismet is a great tool. Also, you may want to look into Aircrack-ng. Usually, I use both of those and then use the Wireshark packet sniffer to open the wireless card in monitor mode (it's mon0 on my system). People are often ignorant of what sort of things they are broadcasting.
Aircrack-ng, while being good for capturing packets, can also, as the name implies, help you crack encryption. This is good, for instance, if you are at a friend's house and they can't remember their WEP password to let you log in. However, once you see how easy that is, you might want to switch to WPA and use a strong password.
answered 01 Jul '10, 06:38
I would like to mention that all of the answers so far are very good tools, as I use them all myself and they are great. A few caveats I'd like to mention though...
1) You need a wifi card that can go into Promiscuous Mode to use aircrack-ng. I suggest an Atheros with the 512 or 512A chipset. There is a list available of compatible cards, but remember that wireless on Linux can be flaky at times, so don't rule that out if aircrack-ng doesn't work right away. Remember, ndiswrapper can be your friend.
2) The greatest weakness of security can also be its greatest strength, and that is the end-user. Security is not a piece of software, hardware or a setting... it is a mindset. It is a way of thinking, being, and acting 24/7/365. All the network security in the world is useless if people can be socially engineered or if physical security is ignored. If your network is secure, but someone steals your hard drive... well, you get the idea.
I know your post is for tools to use to diagnose your network security, but to simply list the tools, and even how to configure and use them, is only giving you PART of the answer. Your goal is beyond what tools to use; your real question and real goal is: "How do I properly assess and secure my network?"
If you have Adobe Flash installed, that's a risk. If you have a . in your PATH, that is a security risk. If you log in as root, that's a risk.
3) Wireless is not really able to be secured compared to wired. Nothing is 100% secure, so it's a matter of layers/depth of security.
For more serious work, I recommend using BackTrack. There you will find a complete package for security. Not only wireless but also cable-based networks.
Basically BackTrack is a complete distro for security and penetration testing. You can use it in almost any condition, like learning its capabilities on a home network and then testing on a public network, even on a corporate network.
answered 01 Jul '10, 12:35
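The "`.` in your PATH" risk named in the answer above can be checked mechanically. The script below is an added example, not part of the original answers: it flags `.`, empty entries (which the shell also treats as the current directory), relative entries, and, going beyond the single case named in the answer, world-writable directories. The function name `audit_path` and the `position|reason|entry` output format are choices made for this example.

```shell
#!/bin/sh
# Added example (not from the original thread): audit a PATH-style string for
# entries that let a file in an untrusted directory shadow a real command.

# audit_path STRING
# Prints one line per finding as "position|reason|entry".
# Exit status 0 means no findings, 1 means at least one.
audit_path() (
    rest="$1:"          # trailing ':' so the last entry is handled like the others
    pos=0
    findings=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        pos=$((pos + 1))
        reason=
        case $entry in
            '')  reason='empty entry, treated as the current directory' ;;
            .)   reason='current directory' ;;
            /*)  # Absolute: flag it only if any user may write into it.
                 if [ -n "$(find -H "$entry" -prune -type d -perm -0002 2>/dev/null)" ]; then
                     reason='world-writable directory'
                 fi ;;
            *)   reason='relative path, resolved against the current directory' ;;
        esac
        if [ -n "$reason" ]; then
            printf '%s|%s|%s\n' "$pos" "$reason" "$entry"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
)

# Audit the PATH of the shell running this script.
audit_path "$PATH" || echo 'Review the PATH entries listed above.' >&2
```

Run it as the account you want to check, including root, since each account can have a different PATH.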
Nessus.org provides a good toolsuite.
answered 01 Jul '10, 04:33
I would suggest that you look at something like Kismet... it is really the best tool for wireless networks.
answered 01 Jul '10, 05:13