OK, bit of a pet peeve of mine at play so i’m just gonna ask.
What are the actual screenshots like and why does the thing in the artical image look so danged fake?
Probably because it is a stock photo with a screenshot of the program superimposed on it.
No I mean the screenshot itself looks fake. Not ‘oh this is a screencap photoshopped in.’ it doesn’t look like a real interface. It looks like something off of CSI: Lala Land.
“We’ve tracked his IP, 309.1.2043.2, to these WiFi routers. When you connect the dots, it looks kinda like the criminal is trying to tell us something like ‘I see you,’ but perhaps something less subtle. Mobilize the Optimizer!”
Holy shit, further evidence (as if any was necessary) that Apple people will buy anything.
Seriously, you’re running a full-on ad as a blog post? Seriously?
Where have you been for the last 5 years?
(It does help pay the bills.)
Wifi analysis tools are actually a fairly big thing; but it is…unusual… to see one that isn’t either (A)Powerful; but wedded closely to a frighteningly expensive and vendor specific AP control system, (B)Horrendously arcane; but capable of impressive things(including all the fun exploits that aren’t supposed to be possible) if run with certain well-supported chipsets and a suitably modified kernel, or ©An improvement over the 'little list of AP names and signal strength ‘bars’; but not much else.
In this case, I’m leaning toward ©.
Any examples of the (B) class, please?
That’s closer to the © class, sadly.
How do you figure that
Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.
It can do PCAPs, injection, WEP cracking, and be extended for other useful stuff. I was calling it “arcane” mostly because it hasn’t been updated for a while.
Oh, dear lord, the horrendously arcane ones…
/remembers networking lectures and develops facial tic.
Today, Virgil will lead the class through the 7 circles of the OSI model…(there are 8th and 9th circles as well; for spammers and implementers of DRM systems, respectively; but that stuff isn’t fit for decent people)
It can also do spectrum analysis(with suitable hardware) and support networks of ‘slave’ nodes that report data to the mothership. That capability, in particular, is where a lot of the elegant power of the expensive-vendor-product ones comes from: you have to buy all the APs from them, and all the APs are slaved to a master controller($$$$); but each AP can survey its environment and send the results back to HQ for real time identification of congested areas, ill-covered areas, ‘rogue’ APs not associated with the system, user activity, and so on. Assuming you buy the right licenses, you can even plug in maps of your campus and have everything all pretty displayed and so on. Very cute. I vaguely recall that some of them even juggle dual-band capable clients between 2.4 and 5Ghz, on APs that support both, in response to congestion.
Unless I’ve missed it(in which case I’d be very interested to know) nobody has put together that sort of elegant frontend for Kismet, with pretty mapping and color codes and stalker-eye-view of the little user MAC addresses wandering around like tiny ants before the power of the IT department; but with reporting from slave nodes, you are set for most of the data you would require.
I’ve got some weird situations with my house (3 floors and 2 wifis) where I’m still missing out on some coverage. Anything like this for Linux? Or Windows? (I don’t have a Mac)
They’re becoming noticeably more obtrusive, it seems.
Kismet, LinSSID, Vistumbler, or inSSIDer are worth a look. Unfortunately, unless you have quite the luck with NICs, about all they’ll be likely to tell you is whether your dead zones are silent or a storm of SSIDs. Unless the problem is silence, in which case you need more APs, you may need a spectrum analyzer to go noise hunting. Tools can help you quantify the problem; but once you know that it exists the answer will either be more APs or the eldritch darkness of RF signal propagation. Good luck.
If you happen to know anything about your house’s construction(any plaster-on-wire mesh walls? metal joists, etc?) you may also be able to discern ‘shadows’; but RF is pretty much a black art.
RTL-SDR dongle with a cheap Chinese downconverter, then RTLSDR Scanner. Scanning the band takes its sweet time, but it is bearable.