|< Day Day Up >|
RF Signal Strength Monitoring Tools
These tools are not sniffers or graphical network mappers that show all wireless networks in sight, but because they do discover WLANs (at least at the level of RF signal being present), we briefly review them in this section. Although a wardriver might not be interested in measuring the signal strength or SNR, for wireless site surveying this task is essential and having a tool to automate this task can save a lot of time.
These utilities implement two basic methods to monitor signal and noise strength on the 802.11 channel: watch -n1 -d 'cat <file>' and parsing an appropriate directory in /proc (e.g., /proc/net/wireless) or greping ARPHRD_IEEE80211_PRISM frame headers when using Prism chipset cards. Please note that the latter method appears to be used by both Airfart and WifiScanner and many higher-end tools such as Kismet that also report signal strength on the sniffed channels.
As already mentioned, the main use of signal strength monitoring tools is site surveying, the importance of which can never be underestimated in a wireless security audit and proper wireless network design and deployment. Although signal strength detecting tools can indicate the presence of RF interference or jamming (high level of noise and low SNR where in accordance with your RF calculations the SNR or signal strength must be much higher), they are by no means a substitute for a proper RF frequency analyzer.
RF signal monitoring tools come as separate utilities or plug-ins for various window managers. Our favorite signal strength monitoring tool is wavemon (see Figure 5-15), which has a nice signal strength level histogram (F2), lists all discovered access points (F3), and is relatively configurable (F7).
Figure 5.15. Wavemon wireless signal monitoring utility.
By default it supports Prism cards and linux-wlan-ng, but that is simply because of the preset wlanX interface; change the interface on ethX and so on to make it work with other chipset card drivers. Another useful tool is wlanmeter, which can monitor signal, noise, and link levels on all available wireless interfaces (three interfaces at the same time). Yet another useful tool is Wireless Power Meter for Linux (wpm), which uses Linux Wireless Extensions and will run on any terminal capable of displaying ANSI color (the Linux console, ETerm, Gnome Term, XTerm, Color RXVT). Alternatively, there is xnetworkstrength (surprisingly, it uses X), Cisco ACU for Aironet cards (recommended), and a variety of wireless link monitoring applets such as wmwave for Windowmaker or gwireless_applet for Gnome and the famous wireless plug-in for gkrellm. Wireless Network Meter for QT on Embeddix makes a good addition to Kismet + kismet-qte on your Sharp Zaurus, enhancing the use of this brilliant handheld as a wireless site survey tool. On the Windows side we recommend AirMagnet (not to be confused with the Java Mognet 802.11b/g sniffer) on an iPAQ. AirMagnet software is bound to the card that comes as part of the AirMagnet package; this card has proprietary firmware modifications that allow AirMagnet to detect and graphically display 802.11b/g channel overlapping. AirMagnet is a great (although somewhat expensive) all-around wireless security evaluation tool that is "fluffy" and easy-to-use. Of course, both AiroPeek and NAI Sniffer Wireless can also monitor network signal strength, among other features presented by these powerful commercial tools. For site surveying tasks, you can get PDA versions of both sniffers written for the Windows CE platform.
|< Day Day Up >|