| ||
Wellenreiter is a user -friendly tool that offers simple, straightforward wireless packet capture. It comes in two flavors: a Perl-based script that supports Linux and a C++ version that supports the wider Unix population as well as some handheld devices. Consequently, Wellenreiter is good for quickly putting together simple, unsophisticated wireless auditing tools.
If you have used a Perl script, you've probably come across the problem of installing certain modules required by the script. The Wellenreiter Perl script is no exception. It requires the Net::Pcap module, which is readily available from http://www.cpan.org. The interface requires the GIMP Toolkit (GTK) module, but that is most likely already present on most systems.
Tip | If you have trouble installing the Net::Pcap module on a Linux distribution, verify that you have the perl- devel -*.rpm installed. The module requires certain headers to compile correctly. |
Once you have installed the necessary Perl modules, you are ready to use Wellenreiter. It will automatically handle the configuration and monitoring mode for most Cisco-, Lucent-, and Prism2-based cards. Therefore, all you need to do is execute the script with root privileges.
# perl Wellenreiter.pl
The interface is simple (see Figure 17-4). The left pane lists channels monitored by your card and the right pane displays the SSIDs discovered .
By default, Wellenreiter saves a binary packet capture to the user's home directory. Look for *.dump files with a timestamp in the name . These are in pcap format (remember Net::Pcap?) and can be viewed with tcpdump or Ethereal. You can also read data from a GPS device, but if you're interested in mobile wireless discovery, kismet might be better suited to your needs.
| ||