March 2006 - Wireless Tools for Windows and Linux
With the increased interest in Linux in recent years, many computer users today ask themselves, “What hardware should I purchase that I can use with Windows and Linux?” and “Which operating system will best suit my purposes?” Sometimes, determining hardware compatibility with different operating systems can be difficult, especially for wireless products. For those unfamiliar with Linux, making such a decision can be a daunting task that is further complicated by the large number of companies selling wireless cards. Fortunately, there are far fewer companies producing chipsets for use in these wireless cards, thus simplifying the process some because the drivers are based on chipset, not card manufacturer. Currently, the most common chipsets are Atheros, Cisco, Orinocco, Intersil Prism and Intel.
Providing a list of chipsets based on the card manufacturer is nearly impossible because most manufacturers do not provide this information openly and sometimes change chipsets for a wireless card mid-model. The best way to determine which chipset a card uses is to search the Internet.
Of course, due to the number of Windows machines in use around the world, all of these cards have drivers available for Windows XP and often Windows 2000. Simply install the latest drivers from the manufacturer and you should be ready to go. The Windows drivers have a few problems when compared with the Linux drivers, most importantly is that most, if not all, of the Windows wireless drivers do not support all available features, such as promiscuous mode, which limits the functionality on Windows. These limitations have lead to a smaller number of wireless utilities being available for Windows. Of the wireless utilities available for Windows, perhaps the most useful is a program called NetStumbler, which can be found at http://www.netstumbler.com.
NetStumbler is a program that actively searches for wireless access points within range. In order to find the access points, NetStumbler relies upon the Service Set Identifier (SSID) being broadcast from the access point. NetStumbler accomplishes this by actively probing for access points. Unfortunately, this method also makes the program more prone to being overwhelmed by fake access points set to deter those searching for APs in the area. In addition, if an access point has broadcast disabled, then the access point is virtually invisible to NetStumbler. NetStumbler will also work with some models of Global Positioning Systems (GPS) to associate coordinates with your location when the access point was detected. All of the information that NetStumbler gathers can then be saved in a log file for future use. To work with these log files, a wide range of utilities have been created, many of which have links on the NetStumbler site.
Chipset Driver name Web site Notes
Not fully open source; the HAL is only available Atheros MadWifi http://www.madwifi.org as a binary file. Some cards support 802.11a, b and g.
Latest version requires a fairly new kernel Orinoco orinoco http://www.nongnu.org/orinoco/ version.
http://www.cisco.com/pcgi-Cisco aironet Provided by Cisco but no official support. bin/tablebuild.pl/aironet-utils-linux
Does not use standard Linux tools for Linux-wlan-ng http://www.linux-wlan.com/linux-wlan/ configuring wireless cards; requires its own utilities, available from the same site. Prism Also provides software to allow Linux to Hostap http://hostap.epitest.fi/ function as a wireless access point. Uses standard Linux wireless tools.
ipw2100 http://ipw2100.sourceforge.net/ Intel ipw2200 http://ipw2200.sourceforge.net/
DriverLoader http://www.linuxant.com/driverloader/ Both of these are used with Windows drivers, Others but functionality is limited to that with NdisWrapper http://ndiswrapper.sourceforge.net/ Windows. For Linux, configuring the wireless card is a bit more complicated than on Windows. First, you must determine the chipset of the card. To assist in determining the chipset, a slightly outdated list of cards and chipsets can be found at http://www.linux-wlan.org/docs/wlan_adapters.html.gz. Otherwise, a search with any of the search engines should provide some useful information.
Once the chipset is determined, the next step is to download and install the drivers. Although many wireless cards are supported in the most recent kernels (2.6.x), separate drivers provide better features and are more easily updated as newer versions become available. For those cards with multiple choices of drivers in the table below, you should choose a driver based the functionality required. The following table provides some information regarding the available choices. Although this table is not an exhaustive list of drivers, it does provide some suggestions to get started.
Details on how to install each of these drivers can be found at the Web sites listed, with additional information found by searching the Internet. One of the best resources for such information is http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/. This Web site provides useful information along with a number of links to other sites. Once the driver is installed, a wide range of tools are available for working with wireless cards on Linux.
One way to avoid the trouble of configuring wireless cards under Linux is to use a Live-CD distribution of Linux that comes preconfigured with the necessary drivers and software. Many such distributions exist, but some of the more popular versions are Knoppix-STD (http://www.knoppix-std.org/) and Auditor (http://www.remote-exploit.org/index.php/Auditor_main), both of which are Live-CD distributions based on Knoppix with a focus on security related programs, including wireless tools.
As compared with Windows, a wide range of choices exists for searching for access points under Linux. Of these tools, one of the most popular choices is Kismet. As with NetStumbler on Windows, Kismet can detect wireless access points with SSID broadcast enabled and can also provide coordinates of your location when the access point was found if used in conjunction with supported GPS devices. However, this is where the similarities end and the real differences between the Linux and Windows programs come through.
Unlike NetStumbler, Kismet can detect access points that do not broadcast the SSID. When Kismet finds such an AP, it will show that is has found an AP but will not show the SSID. As the program continues to listen to the wireless traffic, if it detects a client attempting to connect, Kismet will associate this connection attempt with the AP found and provide the SSID for that AP. Another difference between NetStumbler and Kismet is how Kismet detects access points. Kismet passively listens for wireless traffic and identifies access points in the area. Kismet also does not work with all wireless cards. Under Linux, most common cards are supported, but under other OSs, such as *BSD and Mac OS X, the list of supported cards is fairly limited. Finally, Kismet offers the ability to lock the card on a specific channel so that other tools, such as Ethereal, can sniff traffic on the wireless card.
Once an access point is found, most programs will show the channel the AP was found on and whether or not the AP uses encryption to keep unauthorized users from accessing the data being transmitted. For those access points configured to use Wired Equivalent Privacy (WEP) as the encryption technique, tools are available for both Linux and Windows that will allow the WEP key to be cracked, given enough traffic. Two such tools are airsnort (http://airsnort.shmoo.com/) and aircrack (The main site for this program is http://www.cr0.net:8040/code/network/, but it is currently down. Other download sites are http://www.wirelessdefence.org/Contents/AircrackMain.htm or http://linux.softpedia.com/get/Security/aircrack-7158.shtml.). More details about each of these products can be found at the appropriate Web site. As with the drivers, the Linux versions of these tools provide additional functionality over the Windows versions, but either can be used for basic cracking of WEP keys. Additionally, use of these programs under Windows requires installation of some specialized drivers in order to provide the necessary functionality. Currently, these drivers are only available for a few wireless chipsets. Details of the requirements can be found with the appropriate program. Despite these differences, using a wireless card on both Windows and Linux can prove useful in many ways. Although configuring wireless cards on Linux is much more complicated than on Windows, the additional functionality under Linux makes it worth the trouble. If nothing else, merely being able to configure wireless networking under Linux successfully can provide a boost of confidence for those new to the Linux operating system. Steve Fletcher Steve Fletcher has more than nine years of experience as a consultant in Illinois.