Exporting NetStumbler Data




After you’ve returned from your WarDrive, you will have some data. Depending on your area, and the number of WLANs there, you may have a lot of data! If you are inclined to perform any kind of analysis, you may want to use the data in other programs such as spreadsheets or databases. To help you do this, NetStumbler includes the capability to export the collected data in three formats: Summary, Text, and Wi-Scan. However, MiniStumbler does not include an export function. To extract text data from a file compiled by MiniStumbler, the file must first be opened in MiniStumbler.

The export functions are located in the File menu under File | Export | Summary, File | Export | Text, and File | Export | wi-scan. All three are very similar in that they export the information as text files. They differ only in the amount of information that they export. Using the original NetStumbler file used in Chapter 2, we’ll see how the information is exported.

As the name implies, Summary exports a single-line summary of each WLAN detected in a tab-delimited format. Most of the column headings are the same as or similar to those in the graphical NetStumbler display. Here is the top of a Summary file, and the one line from the first detected AP:

    # $Creator: Network Stumbler Version 0.4.0
    # $Format:  wi-scan summary with extensions
    # Latitude  Longitude  ( SSID )  Type  ( BSSID )  Time (GMT)  [ SNR Sig Noise ]  # ( Name )  Flags  Channelbits  BcnIntvl  DataRate
    # $DateGMT: 2003-12-03
    N 44.3702500  W 73.2314583  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  14:59:51 (GMT)  [ 28 81 53  # ( )  0005  00000040  100  110

The Text file format exports the same information, but gives all readings recorded for a particular AP. In this example, the Text file has reported six lines of data for the same AP that was seen in the Summary example.

    # $Creator: Network Stumbler Version 0.4.0
    # $Format: wi-scan with extensions
    # Latitude  Longitude  ( SSID )  Type  ( BSSID )  Time (GMT)  [ SNR Sig Noise ]  # ( Name )  Flags  Channelbits  BcnIntvl  DataRate
    # $DateGMT: 2003-12-03
    N 44.3718317  W 73.2304633  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  14:59:51 (GMT)  [ 7 59 52 ]  # ( )  0005  00000040  100  110
    N 44.3718317  W 73.2304633  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  14:59:51 (GMT)  [ 7 59 52 ]  # ( )  0005  00000040  100  110
    N 44.3717967  W 73.2303550  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  14:59:58 (GMT)  [ 7 59 52 ]  # ( )  0005  00000040  100  110
    N 44.3717800  W 73.2304183  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  15:00:00 (GMT)  [ 0 53 53 ]  # ( )  0005  00000040  100  110
    N 44.3717800  W 73.2304183  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  15:00:00 (GMT)  [ 6 59 53 ]  # ( )  0005  00000040  100  110
    N 44.3717750  W 73.2304417  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  15:00:28 (GMT)  [ 7 58 51 ]  # ( )  0005  00000040  100  110

Finally, the wi-scan file format exports the multiple readings for each AP, but has fewer columns. This format is compatible with the data from several other WLAN scanning programs. In this example, you can see the same six data lines as in the Text example. However, the Number, Name, Flags, Channel Bits, Beacon Interval and Data Rate columns are not included.

    # $Creator: Network Stumbler Version 0.4.0
    # $Format: wi-scan
    # Latitude  Longitude  ( SSID )  Type  ( BSSID )  Time (GMT)  [ SNR Sig Noise ]
    # $DateGMT: 2003-12-03
    N 44.2230990  W 73.1382780  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  14:59:51 (GMT)  [ 7 59 52 ]
    N 44.2230990  W 73.1382780  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  14:59:51 (GMT)  [ 7 59 52 ]
    N 44.2230780  W 73.1382130  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  14:59:58 (GMT)  [ 7 59 52 ]
    N 44.2230680  W 73.1382510  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  15:00:00 (GMT)  [ 0 53 53 ]
    N 44.2230680  W 73.1382510  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  15:00:00 (GMT)  [ 6 59 53 ]
    N 44.2230650  W 73.1382650  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  15:00:28 (GMT)  [ 7 58 51 ]

Using the Exported Data

If you plan on using the Summary, Text, or Wi-Scan text exports for any kind of analysis or mapping, there are several things you need to know about them. First, the text output always shows the Signal Strength data as a positive number. To determine the correct dBm reading, you must subtract 149 from the reading in the text file. This is due to the manner in which the card drivers internally record the numbers.

The second piece of information you need to know is the way that the data is encoded in the Flags and Channelbits columns. As previously noted, the Flags column contains the 802.11 capability information in hexadecimal (base 16). This is also true of the Channelbits field. To determine what data has been recorded in these two fields, you may need to perform some hexadecimal arithmetic. If you don’t understand how to do addition or subtraction in hexadecimal, then you should consider reading up on the subject. It is not particularly difficult, but it is more complicated than we have space for here.

To determine which values are set in the Flags field, you need to perform a bitwise AND of the hexadecimal value against each possible flag value. For example, suppose you scan an AP and the Flags are shown as 0011. Using AND against 0011 for all the possible values, only 0001 and 0010 would return TRUE (the bit is 1).

  • 0001 ✓
  • 0002
  • 0004
  • 0008
  • 0010 ✓
  • 0020
  • 0040
  • 0080
  • 0400

Since 0001 indicates Extended Service Set (ESS) or Infrastructure mode, and 0010 indicates privacy or encryption, you therefore can conclude that you have detected a wireless network that is infrastructure-based (it uses an access point) and which has encryption turned on.

A flag of 0035 would be computed as:

  • 0001 ✓
  • 0002
  • 0004 ✓
  • 0008
  • 0010 ✓
  • 0020 ✓
  • 0040
  • 0080
  • 0400

Based on this, you can determine that the WLAN is running in Infrastructure mode, the AP is CF-Pollable, it is using a Short Preamble, and encryption is turned on: 0001 indicates ESS mode, 0004 designates that the network uses the Contention-Free (CF) Pollable protocol, 0010 shows that encryption is enabled, and 0020 indicates that the WLAN is using the Short Preamble.

The 802.11b channel numbers and corresponding Channelbits hexadecimal codes are shown in Table 3.2.

Table 3.2: Channels and the Channel Bits

    Channel    Channel Bits
    1          0002
    2          0004
    3          0008
    4          0010
    5          0020
    6          0040
    7          0080
    8          0100
    9          0200
    10         0400
    11         0800
    12         1000
    13         2000
    14         4000

Again, these are encoded as hexadecimal numbers. If multiple channels are encountered, then hex arithmetic will have to be performed to determine the channels from the Channelbits columns.
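
The decoding rules above (subtract 149 to get dBm, AND the Flags field against each value, read Channelbits as one bit per channel) applied to export records, as an added Python example that is not from the book or from NetStumbler. The function names and the regular expression are this example's own, it assumes fields are separated by tabs or spaces, and only the four flag names the chapter gives are decoded by name.

```python
import re

# Capability names the chapter gives; any other bit is reported by hex value.
FLAG_NAMES = {0x0001: "ESS", 0x0004: "CF-Pollable",
              0x0010: "Privacy", 0x0020: "Short Preamble"}
DBM_OFFSET = 149  # per the chapter: subtract 149 from the exported Sig value

# One data record; whitespace-tolerant (assumption: tabs or spaces delimit).
LINE_RE = re.compile(
    r"^(?P<lat>[NS] [\d.]+)\s+(?P<lon>[EW] [\d.]+)\s+"
    r"\(\s?(?P<ssid>.*?)\s?\)\s+(?P<type>\S+)\s+"
    r"\(\s?(?P<bssid>[0-9A-Fa-f:]{17})\s?\)\s+"
    r"(?P<time>\d\d:\d\d:\d\d)\s+\(GMT\)\s+"
    r"\[\s*(?P<snr>\d+)\s+(?P<sig>\d+)\s+(?P<noise>\d+)\s*\]"
    r"(?:\s+#\s+\(\s?(?P<name>.*?)\s?\)\s+(?P<flags>[0-9A-Fa-f]+)\s+"
    r"(?P<chanbits>[0-9A-Fa-f]+)\s+\d+\s+\d+)?\s*$")

def decode_flags(flags):
    """Name (or hex value) of every bit set in the Flags field."""
    return [FLAG_NAMES.get(1 << b, f"0x{1 << b:04x}")
            for b in range(16) if flags & (1 << b)]

def decode_channels(bits):
    """Channel n is bit n of Channelbits (0002 = channel 1 ... 4000 = 14)."""
    return [ch for ch in range(1, 15) if bits & (1 << ch)]

def parse_line(line):
    """Parse one export record; None for '#' header lines and blank lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    m = LINE_RE.match(line)
    if m is None:
        raise ValueError(f"unrecognised record: {line!r}")
    rec = {"ssid": m["ssid"], "bssid": m["bssid"].lower(), "time": m["time"],
           "lat": m["lat"], "lon": m["lon"],
           "signal_dbm": int(m["sig"]) - DBM_OFFSET}
    if m["flags"] is not None:  # extension columns are absent in plain wi-scan
        rec["flags"] = decode_flags(int(m["flags"], 16))
        rec["channels"] = decode_channels(int(m["chanbits"], 16))
    return rec

# Sample input: records from the chapter's listings, re-delimited for the example.
SAMPLE = [
    "# $Format: wi-scan with extensions",
    "N 44.3718317\tW 73.2304633\t( linksys )\tBBS\t( 00:0c:41:41:2b:b6 )\t14:59:51 (GMT)\t[ 7 59 52 ]\t# ( )\t0005\t00000040\t100\t110",
    "N 44.2230990  W 73.1382780  ( linksys )  BBS  ( 00:0c:41:41:2b:b6 )  14:59:51 (GMT)  [ 7 59 52 ]",
]
if __name__ == "__main__":
    for row in SAMPLE:
        print(parse_line(row))
```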






WarDriving: Drive, Detect, Defend: A Guide to Wireless Security