HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 43 guests online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Wirelessarrow Tools for Wifi sniffing
EH-Net
May 21, 2013, 02:43:08 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Tools for Wifi sniffing  (Read 10351 times)
0 Members and 1 Guest are viewing this topic.
m0rg4n
Newbie
*
Offline Offline

Posts: 7


View Profile
« on: June 21, 2010, 02:01:52 PM »
Ok... I am having some issues with commview for wifi 6.3 and I am in need of a new (free/cheap) tool for wifi packet sniffing. I have a strong preference for GUI since my boss has no idea and wants to be able to see what's going on. Anyone have any suggestions?

Further, if anyone could explain to me why commview is freking out and telling me that I'm in compatibility mode (when I'm not) it would be helpful. Thanks!
Logged
Ketchup
Hero Member
*****
Offline Offline

Posts: 1021



View Profile
« Reply #1 on: June 21, 2010, 03:13:55 PM »
Have you tried Wireshark?
Logged
~~~~~~~~~~~~~~
Ketchup
UNIX
Hero Member
*****
Offline Offline

Posts: 1234


View Profile
« Reply #2 on: June 21, 2010, 03:29:02 PM »
I'd also recommend Wireshark. You might find this list useful as well.
Logged
m0rg4n
Newbie
*
Offline Offline

Posts: 7


View Profile
« Reply #3 on: June 21, 2010, 05:24:12 PM »
I have wireshark but don't have the necessary hardware for wireless monitoring with that program.
Logged
chrisj
Hero Member
*****
Offline Offline

Posts: 1163


View Profile WWW
« Reply #4 on: June 21, 2010, 10:06:33 PM »
Quote from: m0rg4n on June 21, 2010, 05:24:12 PM
I have wireshark but don't have the necessary hardware for wireless monitoring with that program.

shouldn't any wireless card work? I know sometimes there are hoops to jump through. How are you testing without a card with commview?
Logged
OSWP, Sec+
m0rg4n
Newbie
*
Offline Offline

Posts: 7


View Profile
« Reply #5 on: June 22, 2010, 08:55:22 AM »
It's strange, I know, but Wireshark uses a tool called airpcap...which costs anywhere from $200+ but commview for wifi simply shuts off your net connection and just starts listening. Which is why I enjoyed the program for the very short period that I had it running.

I was thinking there might be something in the registry that screwed up but to be honest I don't trust myself in there. Perhaps someone could give Commview for Wifi a shot and see if it works for them. You can find it on www.tamos.com and they have different variations but the one I find most useful if Commview for Wifi since most of us use wireshark for ethernet capturing.

I would love to just get the program working again. Sad
Logged
m0rg4n
Newbie
*
Offline Offline

Posts: 7


View Profile
« Reply #6 on: June 22, 2010, 08:57:57 AM »
if anyone knows how to listen to a wifi network from the outside with wireshark, that info would be mucho helpful as well.  Cheesy
Logged
Ketchup
Hero Member
*****
Offline Offline

Posts: 1021



View Profile
« Reply #7 on: June 22, 2010, 09:35:26 AM »
Can you switch to Linux?   Ubuntu is very easy to get going and should let you sniff any traffic you want in Wireshark?   

Also, Windows should only give you an issue with monitor mode.   You should still be able to sniff after association in promiscuous mode, but that may not be enough for you.
Logged
~~~~~~~~~~~~~~
Ketchup
m0rg4n
Newbie
*
Offline Offline

Posts: 7


View Profile
« Reply #8 on: June 22, 2010, 12:50:31 PM »
Thanks for the advice. I'm an information management officer in the military and my job at the moment is to play red-hat and show these guys how easy it is to break certain encryption. After contacting the techies at Tamosoft, I have resolved the issue with that program, works fine now. Anyone interested in wifi packet capture, trust me, this program, while expensive, is probably one of the best and most user friendly ones out there.
Now I just have to aquire the fundage to get the full version.  Undecided sometimes piracy isn't the crime...sometimes the crime is charging $1000 for a single-purpose computer program and damn-near forcing people to pirate the software. What a shame. Thanks again!
Logged
Phaile
Newbie
*
Offline Offline

Posts: 1


View Profile
« Reply #9 on: July 22, 2010, 11:36:46 AM »
Not sure if this will help, but in my course/co-op at my college we strictly use Wireshark and the wireless sniffing works. We had to install winpcap which is a free download and I have not had any issues sniffing on the network, either hardwired in or on wireless.  You can grab winpcap here: http://www.winpcap.org/install/default.htm

Again, not sure if it will solve your problem as I am still in the process of learning.
Logged
chrisj
Hero Member
*****
Offline Offline

Posts: 1163


View Profile WWW
« Reply #10 on: July 22, 2010, 01:10:46 PM »
going back to Ketchup's idea of Linux... Aircrack Suite?
Logged
OSWP, Sec+
secureseven
Jr. Member
**
Offline Offline

Posts: 79



View Profile
« Reply #11 on: July 22, 2010, 02:01:56 PM »
I agree with the others. I don't think I've ever had problems with wireshark in windows or linux. And as chrisj said, you can use aircrack-ng suite and most likely netstumbler to capture packets.
Logged
http://twitter.com/mikesantillana
eLearnSecurity Team Member.
jimbob
Guest
« Reply #12 on: July 22, 2010, 02:49:54 PM »
Quote from: m0rg4n on June 22, 2010, 08:55:22 AM
It's strange, I know, but Wireshark uses a tool called airpcap...which costs anywhere from $200+

libpcap is free and so is WireShark. It will run on both windows and Linux, and probably some other operating systems. Kismet is really great for monitoring and sniffing wireless networks, you might want to check that out.

Jimbob
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.066 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.