Wireless is a hot topic. Unfortunately lots of wireless LANs have been put in without any consideration of security. If you have a wireless or are considering, read the whitepapers and check for yourself using a commercial or shareware analyzer. If there is a site that should be listed here or if a link goes dead, please let me know.
- Books
- Building Wireless Community Networks, 2nd Edition
- 802.11 Security
- Wireless Hacks
- Wireless Security: Models, Threats, and Solutions
- 802.11 Wireless Networks: The Definitive Guide (O’Reilly Networking)
- Hack Proofing Your Wireless Network
- Wireless Communications: Principles and Practice (2nd Edition)
- Wireless LANs (2nd Edition)
- Wireless Lan Standards and Applications
- Wireless and Mobile Network Architectures
- IEEE 802.11 Handbook: A Designer’s Companion
- Essential Guide to Wireless Communications Applications (2nd Edition)
- 802.11 Demystified: Wi-Fi Made Easy
- Building Wireless Community Networks, 2nd Edition
- Whitepapers / Tech docs / FAQ
- Accessing wireless security with AiroPeek
- Ars Technica: Wireless Security Blackpaper
- Bluetooth Basics
- Building a Cisco Wireless LAN – Chapter 8: Cisco Wireless Security
- Choosing between 802.11a and 802.11b
- FAQ Wireless LAN Security by Christopher W. Klaus of Internet Security Systems (ISS)
- Firewall : Wireless Firewall Gateway White Paper
- ISS Wireless LAN Security : 802.11b and corporate networks
- Linux Wireless LAN Howto
- Microsoft Solution for Securing Wireless LANs
Networking Handbook 802.11 (Wi-Fi) – Chapter 9: Wireless LANs in the Enterprise
NIST : Wireless network security – 802.11, Bluetooth, and Handheld Devices
- Securing The Maginot Line Of Wireless LANs
- Security of 802.11 Wireless Networks for Automated Data Collection
- WEB Wired Equivalency Protocol
- Accessing wireless security with AiroPeek
- Tools / Utilities
- Aerosol : Wireless Tool for Windows
- AirDefense : WLAN Intrusion Protection & Management System
commercial
- AirMagnet Handheld Analyzer
- AiroPeek : commercial packet analyzer for IEEE 802.11b wireless LANs
Windows comprehensive packet analyzer for IEEE 802.11b wireless LANs, supporting all higher level network protocols such as TCP/IP, AppleTalk, NetBEUI and IPX.
- AirSnort : collect encryption keys
Linux tool that passively monitors transmissions, computing the encryption key when enough packets have been gathered
- AirTraf: wireless 802.11b network analyzer
Linux
- AP Scanner : Mac 802.11 scanner
Macintosh-only application that will detect all in-range open 802.11 wireless network access points.
- bsd-airtools : complete toolset for wireless 802.11b auditing
contains a bsd-based wep cracking application, dweputils; kernel patches for NetBSD, OpenBSD, and FreeBSD; a curses based ap detection application similar to netstumbler (dstumbler) to detect wireless access points and connected nodes, view signal to noise graphs, and interactively scroll through scanned ap’s and view statistics for each; other tools to provide a complete toolset for making use of all 14 of the prism2 debug modes as well as do basic analysis of the hardware-based link-layer protocols provided by prism2’s monitor debug mode.
- Fake AP : hide in plain sight
Black Alchemy’s Fake AP generates thousands of counterfeit 802.11b access points. Hide in plain sight amongst Fake AP’s cacophony of beacon frames. As part of a honeypot or as an instrument of your site security plan, Fake AP confuses Wardrivers, NetStumblers, Script Kiddies, and other undesirables. Fake AP is a proof of concept released under the GPL. Linux compatible.
- Grasshopper : commercial handheld
wireless receiver for sweeping and optimizing Local Area Networks
- Isomair : wireless lan security package
commercial
- ISS’ Wireless Scanner : commercial wireless penetration tool
- Kismet : Linux 802.11b wireless network sniffer
capable of sniffing using almost any wireless card supported in Linux, including Prism2 based cards supported by the Wlan-NG project (Linksys, Dlink, Rangelan, etc), cards which support standard packet capture via libpcap (Cisco), and limited support for cards without RF Monitor support.
- MacStumbler : Wireless scanning tool for the Apple Airport
only works with airport wireless cards
- Mognet: open source wireless ethernet sniffer/analyzer written in Java
- NetStumbler : Windows utility for 802.11b based wireless network auditing
- Prism2 : Linux AP driver for Intersil Prism2/2.5/3
- Prism2dump : part of BSD-Airtools package
puts Prism2Card into promiscuous mode
- PrismStumbler : scans for beaconframes from accesspoints
operates by constantly switching channels an monitors any frames recived on the currently selected channel C & perl
- Sniffer Wireless : commercial wireless sniffer
- ssidsniff : discover access points and save captured traffic
comes with a configure script and supports Cisco Aironet and random prism2 based cards.
- StumbVerter : NetStumbler support tool
standalone application which allows you to import Network Stumbler’s summary files into Microsoft’s MapPoint 2002 maps.
- wavemon : ncurses-based monitoring application for wireless network
Linux
- WaveRunner : Linux-powered HP iPAQ Pocket PC that verifies 802.11b deployments
detects rogue access points and clients
- WaveStumbler : 802.11 network mapper for Linux
- WEPCrack: perl utility that cracks 802.11 WEP encryption keys using weakness of RC4 key scheduling.
- Wellenreiter : wireless penetration tool ( gtkperl )
Linux
- witools : small collection of utilities to aid in the exploration of 802.11 wireless networks
FreeBSD compatible
- Aerosol : Wireless Tool for Windows