Wi-Foo Logo
 

Construction and defense tools
DISCLAIMER

Here are the tools useful for building secure wireless networks based on Linux and BSD operating systems. These tools include Linux wireless drivers apart from the Orinoco, Prism and Aironet modules that come with the current kernels and are likely to be enabled in the distro kernels by default. They also include drivers with AP functionality that come very handy for both attack (rogue AP) and defense (secure AP/wIDS centres and sensors/active defence appliances construction). Of course, we include wireless-specific security applications for wireless authentication, VPNs and IDS deployment on UNIX-like OS'es. These should be complimented with appropriate higher layer security tools such as OpenSWAN, Snort, Ethereal, Ettercap etc., that can be found elsewhere. Good luck with your wireless experiments - proper defence is just as interesting as attack and gives you a great opportunity to demonstrate your skills openly while contributing to your local (or global) wireless community!

If you think we have missed on something that should be included in that list please e-mail authors at wifoo@arhont.com

Linux wireless drivers - not included in kernel. You will need these unless you use Cisco Aironet or Prism drivers coming with a Linux kernel.
ACX100 not mirrored  
Atmel AT76C503/505A not mirrored  
Atmel AT76C5XXx not mirrored  
Airo-linux not mirrored  
Intel PRO/Wireless 2100 not mirrored  
LinuxAnt not mirrored  
MadWiFi not mirrored  
NdisWrapper not mirrored  
Realtek chipset not mirrored  
Socket CF card arm packages not mirrored  
Spectrum24 RFMON patched not mirrored  
Vt_ar5k not mirrored  
Wlan-ng not mirrored  
     
Linux wireless drivers with AP func. - DIY access points for both attack and defense. Beat the high-end AP manufacturers with a flexible and advanced AP of your own special design.
802.11g Prism GT/Duette/Indigo not mirrored  
BeWitched not mirrored  
Cqure AP Local mirror v 2.5.0
HermesAP Local mirror v 0.2
HostAP not mirrored  
NB! access point functionality support is inbuilt on all major BSD systems.
WiFiBSD not mirrored v 0.11
     
Miscellaneous - variety of software specifically designed and seleceted to fend off some of the attacks we describe and trace the attackers. Should be used in concert with the standard-implemented wireless security safeguards and/or higher layer countermeasure tools such as FreeSWAN and iptables.
AirIDS Local mirror v 0.3.0b
FakeAP (as honeypot) Local mirror v 0.3.2
Garuda Local mirror v 0.2.1
Hotspot Defense Kit (MAC)
Local mirror v 0.2
Hotspot Defense Kit (winxp) Local mirror v 0.2
ISAKMPD-WLSec Local mirror v 20031216
Kismet (as IDS) Local mirror v 2005-08-R1
Maidwts.pl Local mirror v
NoCat Local mirror v 0.82
Snort-wireless Local mirror v 2.4.3-alpha4
TinyPEAP not mirrored  
Wavesec not mirrored  
Wepless Local mirror v 0.2
WiCap Local mirror v 0.2
wIDS Local mirror v 1.4.3
Widz Local mirror v
Xsupplicant Local mirror v 1.2.3