Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Passive wireless scanning software for Windows

  1. #1
    Junior Member
    Join Date
    Jul 2006
    Posts
    6

    Passive wireless scanning software for Windows

    While reading a book on wireless, i learnt windows supports Active scanning perdominantly. Are there tools that will work on passive mode on wireless cards that comes with Intel mother boards?

    So far i heard, it was only about active scanners for Windows enviornment like NetStumbler, Vistumbler.

    I will appreciate your guidance,.

  2. #2
    Senior Member
    Join Date
    Mar 2008
    Posts
    262
    There is at least one passive scanner available but it only works with one specific wireless card - not Intel.
    Cain's Passive Scan feature requires the AirPcap adapter and drivers from CACE Technologies.

  3. #3
    Senior Member
    Join Date
    Jul 2002
    Posts
    744
    you need to have a card that is "promiscuous"...the s/w isn't the issue.
    Every now and then, one of you won't annoy me.

  4. #4
    Senior Member
    Join Date
    Mar 2008
    Posts
    262
    Intel cards for wired Ethernet connections have promiscuous mode. Wireless cards do not. It is a function of the drivers for the hardware, not the chip set itself. So it is software that is the issue.

  5. #5
    Senior Member
    Join Date
    Jul 2002
    Posts
    744
    he lies
    Every now and then, one of you won't annoy me.

  6. #6
    HYBR|D
    Guest
    Quote Originally Posted by bludgeon View Post
    he lies
    404 Details not found.

  7. #7
    Senior Member
    Join Date
    Jul 2002
    Posts
    744
    Quote Originally Posted by HYBR|D View Post
    404 Details not found.
    I lol'd, well played sir.
    Every now and then, one of you won't annoy me.

  8. #8
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    @ anban.r please check out page 13 of this document:

    http://www.intel.com/network/connect...in_tool_wp.pdf

    As I understand it, the question is: "can you get an RF monitoring driver for your particular WiFi card/adapter".

    Sure, you need a card that is "promiscuous" but basically they potentially all are, provided you have a special driver that supports it.................the regular drivers don't.

    Technically that does make it a software issue, but, as many cards don't have the appropriate software the distinction is somewhat academic, as the make and model of card just won't do the job.

    Personally I blame Intel................ it's just like their scabby 915 chipset............if you have the 915M it has the software to support a native 16:9 aspect ratio whilst the software for their desktop boards won't
    Last edited by nihil; July 24th, 2011 at 12:15 AM.

  9. #9
    Junior Member
    Join Date
    Aug 2011
    Posts
    1

    Passive Scanning with KisMAC

    KisMAC is a passive network scanner. Rather than send out active probe requests, it instructs the wireless card to tune to a channel, listen for a short time, then tune to the next channel, listen for a while, and so on. In this way, it is possible to not only detect networks without announcing your presence, but also find networks that don't respond to probe requests—namely, "closed" networks (APs that have beaconing disabled). But that's not all. Passive monitors have access to every frame that the radio can hear while tuned to a particular channel. This means that you can not only detect access points, but also the wireless clients of those APs.

    The standard AirPort driver doesn't provide the facility for passive monitoring, so KisMAC uses the open source Viha AirPort driver (www.dopesquad.net/security). It swaps the Viha driver for your existing AirPort driver when the program starts, and automatically reinstalls the standard driver on exit. To accomplish this driver switcheroo, you have to provide your administrative password when you start KisMAC. Note that while KisMAC is running, your regular wireless connection is unavailable. KisMAC also supplies drivers for Orinoco/Avaya/Proxim cards, as well as Prism II-based wireless cards.

    KisMAC's main screen provides much of the same information as MacStumbler or iStumbler. But double-clicking any available network shows a wealth of new information (see Figure 1).
    http://oreilly.com/images/hacks/wire...gs/wh_0320.gif
    One interesting side effect of passive scanning is that channel detection isn't 100 percent reliable. Since 802.11b channels overlap, it is sometimes difficult for a passive scanner to know for certain which channel an access point is tuned to, and it can be one off from time to time. The AP in Figure 2 is actually set to channel 3, although it is reported as channel 2.

    KisMAC allows you to specify which channels you would like to scan on. This can help if you are trying to find access points that are using the same channel as your own. See Figure 2
    http://oreilly.com/images/hacks/wire...gs/wh_0321.gif
    KisMAC has a slew of nifty features, including GPS support, raw frame injection (for Prism II and Orinoco cards), and even a real-time relative traffic graph (Figure 3). If it detects a WEP network, it can use a number of advanced techniques to try to guess the password. And yes, it can even read discovered ESSIDs aloud.
    http://oreilly.com/images/hacks/wire...gs/wh_0322.gif
    Perhaps the most powerful feature of all is KisMAC's ability to log raw 802.11 frames to a standard pcap dump. Check the "Keep Everything" or the "Data Only" option in preferences to save a dump file that can be read by tools such as Ethereal [Hack #39].

    KisMAC is probably the most advanced wireless network monitor available for OS X, although it is still quite beta. I keep MacStumbler and iStumbler handy, as they both are slightly more stable and can operate without removing the AirPort driver. If you are simply looking for available networks, then KisMAC is probably overkill. But sometimes you need as much detail as you can get to troubleshoot difficult network problems, and when you do, KisMAC can be the right tool for the job.
    Last edited by HYBR|D; August 5th, 2011 at 06:30 AM. Reason: Removed an incorrect url

  10. #10
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi, Alexa, and welcome to AO.

    Yes, unfortunately I am afraid that you have just highlighted the OP's problem. There is stuff for MAC and *nix, but not so much for Windows. Unless you have the right make and model of wireless card and the drivers to support it.

    From the original post:

    i learnt windows supports Active scanning perdominantly. Are there tools that will work on passive mode on wireless cards that comes with Intel mother boards?

Similar Threads

  1. SQL Tutorial
    By ch4r in forum Other Tutorials Forum
    Replies: 5
    Last Post: January 18th, 2005, 08:20 AM
  2. Security Scanning Software - Free
    By jbclarkman in forum Newbie Security Questions
    Replies: 14
    Last Post: December 9th, 2004, 03:34 AM
  3. Installing wireless nic in linux with ndiswrapper ...
    By Shrekkie in forum Other Tutorials Forum
    Replies: 1
    Last Post: September 2nd, 2004, 09:11 AM
  4. Top 10 tips to stop wireless hackers/crackers
    By s0nIc in forum Network Security Discussions
    Replies: 16
    Last Post: March 19th, 2002, 10:44 PM
  5. Reasons why softwares are insecure...
    By s0nIc in forum Non-Security Archives
    Replies: 4
    Last Post: February 3rd, 2002, 04:58 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •