Netstumbler (Part 2)

Part-1 of Netstumbler explains the operations of Netstumbler along with the AP configurations details. This part of the video will concentrate more on the analysis capabilities of the Netstumbler. Netstumbler applies some simple filters to give consolidated information about the APs like APs operating on same channels, the SSID usage pattern, the encryption settings etc. If at a particular location the throughput numbers are not satisfactory, then with the help of Netstumbler you can hind the signal strength of the AP to which the client is associated. Also you can find out if there are any other APs with the same SSID operating in the surrounding (honeypot AP). Also if there are large number of APs operating on the same channel or surrounding channels in case 802.11b/g the throughput will come down drastically. All these statistics can be derived from the Netstumbler.

Enable Javascript or Download Flash Playe if you see this!

Network stumbler (NetStumbler) is a wireless LAN detection tool especially written for Windows operating system. It can detect IEEE 802.11b, 802.11g and 802.11a networks. (commonly known as WiFi) Netstumbler is a popular war driving tool. (Wardriving is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle using a laptop or PDA like tools.). Netstumbler can be also used for,

• Finding network configuration of the APs
• Finding signal strength of the APs
• Finding network congestion and interference (based on SSIDs, Channel etc.)
• Finding possible rogue access points
• Wardriving

While setting up wireless network, it’s very difficult to find poor areas of coverage, with the help of Netstrumble you can find out those areas. Also you can find the possible un-authorized access points based on signal strength. To perform such operations, you have to walk around your office with the laptop with Netstumbler. From the variations recorded in signal strength you can guess the presence of un-authorized/ Rogue APs in your premises.

Links

1. Download NetStumbler

2. Netstumbler forums

3. Netstumbler official website

4. Alternatives to Netstumbler (Videos for these tools… coming soon)

Amit Vartak, 27 is working in wired and wireless security fields since last 3-4 years. His current area of interest includes IEEE 802.11 (Wi-Fi) suite of protocols, vulnerabilities in these protocols and countermeasure for those vulnerabilities. Working on cutting edge tools and technology always keeps him busy. He has contributed from concept level to final prototyping for the presentations in Defcon 2007 (The Emperor Has No Cloak - WEP Cloaking Exposed) and Toorcon 2007 (Caffe latte attack). He holds 2 patents with USPTO (current status: Patent Pending) and a few papers in IEEE journals on wireless protocol vulnerabilities. Prior to this, he was working on MEMS (Micro Electro Mechanical Systems) and has published a few papers in SPIE and ICMAT. (Yeah… kindda orthogonal fields… but technology really doesn’t limit the talent :) He did his masters in Electrical Engineering from one of the premier institutes in India, Indian Institute of Technology, Bombay (IIT-Bombay) and his under graduation, from University of Mumbai in Electronics and Telecommunication Engineering. He is currently working with AirTight Networks Inc. as a team lead in technology group since last 3 years.You can get in touch with him at amitcv[at]gmail[dot]com