[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2963
  • Last Modified:

Windows XP WLAN sniffer

Do you know/recommend a bug free Windows XP WLAN sniffer?

Thanks in advanced.
0
epmo
Asked:
epmo
  • 3
  • 3
  • 2
  • +1
2 Solutions
 
ChatableCommented:
First thing, this is not a hacking site, so if you're looking for wardriving tools, please look elsewhere. Even if you had the correct software - most WLAN cards cannot be used for sniffing at all, only a few chipsets can.

However, if you'd only like to view your own packets, you can use Ethereal from:
http://www.ethereal.com
Make sure that the checkbox "capture in promiscious mode" in the capture options is NOT selected or you won't be able to see any packets.
0
 
bigjimbo813Commented:
cain and able is another good utility.

Use these with care, because packetsniffing on a network without permission can get you in a lot of trouble
0
 
bigjimbo813Commented:
sorry...heres the link

http://www.oxid.it/cain.html
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
epmoAuthor Commented:
Great thanks will give it a try. I'm connecting to a public wireless network and want to see if i'm vulnerable to packet sniffing where my passwords/bank info/etc can be stolen.
0
 
epmoAuthor Commented:
according to cain and abel looks like https can be craked/analized.

is there a way to protect yourself? Thanks.
0
 
ChatableCommented:
Allright, here's the story with WLANs:
If you use a public network (meaning that security is disabled) - it means that data is not encrypted and anyone with the correct hardware and software (the software part usually includes Linux... sorry dude) can capture everything. Obviously any info you send can be stolen. This is true for every public WLAN network.
If your network use WEP, you shouldn't feel safe either because it uses weak encryption. Due to flaws in the algorithm even the 128-bit version can be broken in a few hours, so my recommendation is that you don't do anything on a WEP network that you wouldn't do on a public network.
The only way to properly protect a WLAN network is to use WPA (or WPA-PSK). It uses way stronger encryption, and no vulnerablities have been found in it to date.

However (and this is a big but) - even on a public, unencrypted WLAN network you ARE secure if the website you access uses SSL. If your data is captured, only the IP headers will be revealed because the data has been encrypted by your browser. The down side is (of course) that it only works with SSL sites but I doubt whether there is any bank that does not use it.
Bottom line - Check that you have a modern browser (Firefox 1.0+ or IE 5.5+) and that the little yellow lock is there and if it is then you are secure.
0
 
epmoAuthor Commented:
Great. cool explanation. so in conclusion as long as there is https YES you are secure. Eventhough they say:  The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms.
0
 
ChatableCommented:
Well there are some metadata fields in SSL that go unencrypted and can be analyzed by sniffers but they contain only the initial handshake and the close-connection message (nothing too sensitive). In addition some sniffers (like ssldump or the latest version of Ethereal) can decrypt SSL sessions but only if you're in possesion of the server's private key - meaning you have control over the web server hosting the secure web site. If someone managed to hack into a bank's website then you are in serious problems, regardless of SSL ;)
0
 
masnrockCommented:
Since you're using a PUBLIC wireless network, my best recommendation would be an encrypted proxy OR connect to a VPN. The traffic as it overs over the air will at least be encrypted. Otherwise, get access to a secure wireless network. As far as site visiting goes over an unsecure link, yeah, you want sites that use SSL.

Amendent to the WPA-PSK comments: There are at least 2 known vulnerabilities. The first one is that it is open to DoS attacks. The Michael algorithm, which checks the integrity of packets, etc, disables an access point or router for 60 seconds when 2 invalid packets are detected within a minute. Second, it is possible to crack passphrases shorter than 20 characters in length with only 4 packets (the 4 way handshake).  Read this article: http://wifinetnews.com/archives/002452.html
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 3
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now