Access Point Management Utilities
Although access point manufacturers usually provide the necessary configuration utilities or, more likely, an easy-to-use configuration interface accessible from an ordinary Web browser, some additional utilities come in handy when auditing access point security.
Our favorite set of such tools is Wireless Access Point Utilities for UNIX (ap-utils) by Roman Festchook, which allows both configuration and monitoring of access points from a UNIX machine via the SNMP protocol. Ap-utils support most Atmel chipset-based access points with ATMEL Private MIB. No Wires Needed APs (IEEE 802.11 MIB and NWN DOT11EXT MIB) are also supported. The list of access points supported by ap-utils is included in the utilities README file and is quite extensive, including common access points produced by Linksys, Netgear, and D-Link. All you need to do is to launch ap-config, enter the IP address of an access point, and know (or guess) the appropriate SNMP community. Ap-config allows you to undertake a huge range of activities, ranging from searching for connected access points to enabling or disabling antennas in addition to the following:
It can save you a lot of time spent with snmpget, snmpset, and Co (besides, Net-SNMP utilities do not provide friendly ncurses-based interfaces). Apart from ap-config, ap-utils include ap-mrtg and ap-trapd. Ap-mrtg gets statistics from ATMEL-based access points and returns the output in the Multi Router Traffic Grapher (MRTG) format. Ap-mrtg can get and show Ethernet statistics in bytes, WLAN statistics in packets, the number of associated hosts, and link quality and signal strength statistics from an AP in client mode. Although these parameters are not directly security related, they can be helpful in determining the general WLAN health and baselining WLAN traffic, which helps in detecting anomalies on your network, DoS attacks, or bandwidth theft. Ap-mrtg includes the following options:
arhontus:~# ap-mrtg -h
Usage: ap-mrtg -i ip -c community -t type [-b bssid] [-v] [-h] [-r]
Get stats from AP and return it in MRTG parsable format:
-i ip - AP ip address
-c community - SNMP community string
-t type - statistics type <w>ireless, <e>thernet, associated <s>tations or <l>ink quality in client mode
-b bssid - mac address of the AP to which get link quality, only if type=l
-v - report MRTG about problems connecting to AP
-r - reset AP when getting LinkQuality stats
-h - print this help screen
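The traffic baselining described above, as an added example that is not part of the original text or of ap-utils: it compares per-interval byte deltas against a baseline using the median and median absolute deviation. It assumes that ap-mrtg -t e output follows MRTG's usual four-line external-script layout (two values, uptime, target name) with cumulative 32-bit byte counters; all readings below are constructed.

```python
import statistics

WRAP = 2 ** 32  # assumption: the AP exposes 32-bit SNMP byte counters

def parse_mrtg(text):
    """Return the two values from MRTG's four-line format (value, value, uptime, name)."""
    lines = text.strip().splitlines()
    if len(lines) < 2:
        raise ValueError("expected at least two value lines")
    return int(lines[0]), int(lines[1])

def deltas(samples):
    """Per-interval (in, out) byte deltas from cumulative counters, tolerating one wrap."""
    pairs = [parse_mrtg(s) for s in samples]
    return [((b[0] - a[0]) % WRAP, (b[1] - a[1]) % WRAP)
            for a, b in zip(pairs, pairs[1:])]

def anomalies(baseline, observed, k=5.0):
    """Indexes of observed values more than k * MAD away from the baseline median."""
    med = statistics.median(baseline)
    mad = statistics.median(abs(v - med) for v in baseline) or 1
    return [i for i, v in enumerate(observed) if abs(v - med) > k * mad]

def reading(rx, tx):
    """Constructed stand-in for one `ap-mrtg -i ip -c community -t e` run."""
    return f"{rx}\n{tx}\nunknown\nap\n"

# Constructed polls taken during normal operation (the baseline) ...
BASELINE = [reading(rx, rx // 2) for rx in (1000, 2000, 3100, 4050, 5000)]
# ... and later polls: the counter wraps once, then jumps by 90000 bytes.
OBSERVED = [reading(rx, 0) for rx in (4294967000, 704, 90704)]

def flagged_intervals():
    """Indexes of observed inbound intervals that fall outside the baseline."""
    base_in = [d[0] for d in deltas(BASELINE)]
    seen_in = [d[0] for d in deltas(OBSERVED)]
    return anomalies(base_in, seen_in)

if __name__ == "__main__":
    print(flagged_intervals())
```

The modulo arithmetic treats any decrease as a single counter wrap, so an AP reboot between polls (for example after running ap-mrtg with -r) would show up as one spurious large delta and should be discarded.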
Ap-trapd is a daemon to receive, parse, and log SNMP trap messages from access points. It interfaces with syslog (logging level 0) and can log the following common SNMP traps:
Some of these traps provide security-relevant information, for example, Trap Setting IP Address with Ping and Trap Disassociation. Ap-trapd can be run with ap-trapd [ -i device ] [-u user ] options that allow you to specify the device to listen for traps (Linux only) and set an unprivileged user for ap-trapd to run as (the default is "nobody").
Apart from ap-utils, there are several other useful access-point-specific configuration and monitoring utilities. For example, SNR is a Perl tool that collects, stores, and shows SNR changes for Lucent access points using SNMP. You'll need the librrds-perl, libunix-syslog-perl, libappconfig-perl, and libsnmp-perl libraries to install and run SNR. For tweaking Apple AirPort access points there is Airconf, a Python utility that was tested under different flavors of UNIX with Python 2.2 but should also work with Python 2.x on MacOS 9 and Microsoft Windows. To install Airconf, do:
arhontus:~# install -c -m 755 airport_aclupdate /usr/local/bin
arhontus:~# install -c -m 600 airport.acl /usr/local/etc
arhontus:~# install -c -m 600 airport.bases /usr/local/etc
arhontus:~# python setup.py install
arhontus:~# rehash
The major feature of Airconf is configuring the access control lists on several Apple AirPort Base Stations at once. Airconf can also be used for specific detection of the Apple AirPort Base Stations (white and graphite) using the python airport_detect.py <broadcast> command as well as reading, printing, and remotely changing their configuration (only graphite). Another tool you might want to use for controlling and monitoring Apple AirPort access points is airctl. Before using it, check that the correct address and port number for your AP are placed in the airctl preprocessor directive.