There are many helpful software utilities to help with HSMM. I have found a good network "sniffer" in Wireshark. Wireshark is free and will run on Windows or Linux. When you run this software, you choose which network interface on your computer to use and then it will display and log every packet that is transmitted or received on your network interface. This is a great program to learn about what happens on a network. It will also help to debug problems on your network. This software is a good thing to have in your HSMM toolbox. Try it out.
http://www.wireshark.org/
Just want to point out that most wifi drivers are crippled on Windows. If you have native drivers for Linux you can get more information if you run Wireshark on Linux rather than Windows. Windows drivers don't typically include promiscuous mode nor monitor mode.
I actually have a copy of Ubuntu running off of an 8GB USB flash drive on my netbook. It's a persistent install so I can install things to it and they stay there even if I shut it off. So thanks to that I have Kismet and Wireshark that I can run whenever.
I really wanted to move my copy of Windows XP to an SD card but when I did, it got even more unbearably slow so it gets my internal 4GB drive and I just use the USB flash for Linux. Maybe one day I'll move it to an SD card.
Thanks for the information. I have been running it on my Vista laptop and have had no problems yet. I will try it on my Ubuntu computer and check it out.