Windows XP WLAN sniffer

Do you know/recommend a bug free Windows XP WLAN sniffer?

Thanks in advanced.
epmoAsked:
Who is Participating?
 
ChatableConnect With a Mentor Commented:
First thing, this is not a hacking site, so if you're looking for wardriving tools, please look elsewhere. Even if you had the correct software - most WLAN cards cannot be used for sniffing at all, only a few chipsets can.

However, if you'd only like to view your own packets, you can use Ethereal from:
http://www.ethereal.com
Make sure that the checkbox "capture in promiscious mode" in the capture options is NOT selected or you won't be able to see any packets.
0
 
bigjimbo813Commented:
cain and able is another good utility.

Use these with care, because packetsniffing on a network without permission can get you in a lot of trouble
0
 
bigjimbo813Commented:
sorry...heres the link

http://www.oxid.it/cain.html
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
epmoAuthor Commented:
Great thanks will give it a try. I'm connecting to a public wireless network and want to see if i'm vulnerable to packet sniffing where my passwords/bank info/etc can be stolen.
0
 
epmoAuthor Commented:
according to cain and abel looks like https can be craked/analized.

is there a way to protect yourself? Thanks.
0
 
ChatableCommented:
Allright, here's the story with WLANs:
If you use a public network (meaning that security is disabled) - it means that data is not encrypted and anyone with the correct hardware and software (the software part usually includes Linux... sorry dude) can capture everything. Obviously any info you send can be stolen. This is true for every public WLAN network.
If your network use WEP, you shouldn't feel safe either because it uses weak encryption. Due to flaws in the algorithm even the 128-bit version can be broken in a few hours, so my recommendation is that you don't do anything on a WEP network that you wouldn't do on a public network.
The only way to properly protect a WLAN network is to use WPA (or WPA-PSK). It uses way stronger encryption, and no vulnerablities have been found in it to date.

However (and this is a big but) - even on a public, unencrypted WLAN network you ARE secure if the website you access uses SSL. If your data is captured, only the IP headers will be revealed because the data has been encrypted by your browser. The down side is (of course) that it only works with SSL sites but I doubt whether there is any bank that does not use it.
Bottom line - Check that you have a modern browser (Firefox 1.0+ or IE 5.5+) and that the little yellow lock is there and if it is then you are secure.
0
 
epmoAuthor Commented:
Great. cool explanation. so in conclusion as long as there is https YES you are secure. Eventhough they say:  The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms.
0
 
ChatableCommented:
Well there are some metadata fields in SSL that go unencrypted and can be analyzed by sniffers but they contain only the initial handshake and the close-connection message (nothing too sensitive). In addition some sniffers (like ssldump or the latest version of Ethereal) can decrypt SSL sessions but only if you're in possesion of the server's private key - meaning you have control over the web server hosting the secure web site. If someone managed to hack into a bank's website then you are in serious problems, regardless of SSL ;)
0
 
masnrockConnect With a Mentor Commented:
Since you're using a PUBLIC wireless network, my best recommendation would be an encrypted proxy OR connect to a VPN. The traffic as it overs over the air will at least be encrypted. Otherwise, get access to a secure wireless network. As far as site visiting goes over an unsecure link, yeah, you want sites that use SSL.

Amendent to the WPA-PSK comments: There are at least 2 known vulnerabilities. The first one is that it is open to DoS attacks. The Michael algorithm, which checks the integrity of packets, etc, disables an access point or router for 60 seconds when 2 invalid packets are detected within a minute. Second, it is possible to crack passphrases shorter than 20 characters in length with only 4 packets (the 4 way handshake).  Read this article: http://wifinetnews.com/archives/002452.html
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.