All new Wi-Fi CERTIFIED products support WPA2 (AES-CCMP) security, but that's not enough to harden a WLAN against attack. Breaches can still be caused by policy, configuration, and coding mistakes, overly-friendly clients, or unauthorized APs. Continuous surveillance and periodic assessments are important to spot (and then patch!) these and other WLAN vulnerabilities.
You can't conduct a thorough assessment with just one tool, no matter how great the tool. A well-stocked pentest kit includes many tools – some simple, some sophisticated; some free, some not. Ultimately, the "best" toolkit depends on network size, risk tolerance, budget, and personal preference. Commercial tools can save time and effort, but they aren't for everyone. So here we list our favorite free (open source or beggar-ware) wireless security test tools.10) Android WiFi Analyzer: The first step in any Wi-Fi assessment is to explore your surroundings for surprises on the 2.4 and 5 GHz bands. Free WLAN discovery tools exist for nearly every OS, from the infamous Win32 NetStumbler to Meraki's Java Cloud Stumbler. Our current fave is the Android WiFi Analyzer. With this handy tool, we can record SSIDs and APs, graph real-time channel usage and signal strength, and even locate selected APs – using nothing more than the smartphone in our pocket.
9) Heatmapper: Figuring out where APs are located so that you can identify their owner and threat level can be tedious. Ekahau's free Heatmapper (Win32) is a convenient way to map APs in a small area. Just import a floorplan (or use the default grid) and perform a slow walk-about, pausing to click on your location. After a few minutes (max 15), let Heatmapper plot RF footprints for every AP it heard--often with pretty good accuracy.
Read this full article at eSecurity Planet
|
|
Only registered users can write comments.
Please login or register.
Powered by AkoComment!