Advertisment

Network Management in the Air

author-image
PCQ Bureau
New Update

Deploying an enterprise class wireless network requires considerable

planning. Even more difficult is maintaining it after deployment. There are many

reasons for this. One is security, because you can't really control how far the

signal of your wireless network will go. Another is speed, which can vary

considerably from time to time depending upon how many users are connected to

it. A third issue is that wireless networks are shared. As a result, as more

users are added onto it, the throughput also reduces considerably.

Advertisment

Therefore, while deploying APs, we have to be careful about the number of

users per AP. Plus, we have to be careful about the positions of their antennae

as well.

The good news is that there are plenty of tools available for managing

wireless networks. We will take a look at some of these in this article, and

will also tell you which issues are they capable of resolving.

Let's start with tools to help you plan and deploy a wireless network.

Advertisment
Once you scan

your network with LANSurveyor, it creates a map with all devices and links

Planning and Deploying



While deploying APs, one of the key things to do is to locate black spots.

For this, a number of spectrum analyzers are available. A spectrum analyzer is

essentially a software coupled with a specialized RF receiver, which can connect

to a laptop either via a PCMCIA or USB port. Once installed, it can check for

the type and approximate location of other RF devices such as Bluetooth,

cordless phones, RF cameras, and even WiFi Jammers that are nearer to your AP.

AirMagnet's Spectrum Analyzer



We tried out this easy to deploy app in our labs. All you have to do for

using this is to install it and plug in the AirMagnet CardBus antenna, which

comes with the package. Run this app, and it will start receiving RF signals and

matching patterns of the captured devices. On the left side of the main

interface window it will list all devices found, and will then categorize them

by their types.

Advertisment

You will be able to see real time noise levels generated by those devices and

also the approximate center of noise. You can view the results in spectrum,

device and channel formats.

The most useful view option would be channel, using which you can see which

device is interfering with which channel and affecting which AP. You can order

this application from  www.airmagnet.com /products/ spectrum_analyzer/.

You can

simulate all your APs on the blueprint of the network that you have created

using AirMagnet Surveyor
Advertisment

AirMagnet Surveyor



The next app which we are going to use for planning the placement of APs

within the building is AirMagnet Surveyor. You can get it from http://www.airmagnet.

com/products/survey/. You can even request for a fully functional demo from the

same website (though it will be valid for one day).

Installing this application is again simple. Just take the Setup file and run

it. This will open the Setup wizard; a few clicks on the 'Next' button and you

are through with the installation. After that, you would be asked to select the

exact WLAN card model, which is there in your laptop. Interestingly, it works

with most of the recent Intel, Cisco and even Centrino cards as well.

Once the card is selected, run the app and provide the blueprint of the

building where you want to place the APs. Provide the blueprint, mention its

size and start the wizard. After importing the blueprint, this wizard will

provide you with a window in which you can place and simulate all your APs.

Select the AP for which you want to create the live survey map, and go near the

actual AP, so that this software can measure the actual strength of the device.

Advertisment

Now, click on the 'Play' button on the right. You will see the animated

'walking man' icon. Place the icon at the exact position in the blueprint where

the actual AP is present or where you are likely to deploy it, by clicking on

the location. Once you do so, the AP will be placed and you will be able to see

its range in the blueprint.

The range of an AP is calculated on the basis of actual performance judged by

the software and is pretty much accurate.

You can now deploy all APs on the blueprint first to see the simulation of

coverage which you will get after actually deploying them in the building. In

this simulated environment it becomes very easy for an administrator to get the

best possible placements.

Advertisment
You can

monitor all access points on your network using Kismet. As shown, it even

alerts you if any suspicious client is found connected to any of the access

points

Securing and Monitoring



To secure a wireless network, one should regularly perform its penetration

testing. We discuss below a few tools meant for this specific purpose.

Airsnort



This is a free tool meant for checking your WEP strength. It is available

for both Windows and Linux. It monitors as well as captures encrypted data that

is being transmitted over the wireless network and then recovers the WEP key. It

needs approximately 5 — 10 million packets for decrypting the key.

Advertisment

This same tool can be used for checking the strength of your WEP keys and

also for calculating the number of days that a standard machine will take to

break the WEP key that you are using. If this tool has calculated approximately

five days will be taken by anyone to break your WEP key, then you can use the

'auto changing WEP key' option and set it to three days or less to make sure

that your WEP key gets renewed even before someone is able to crack it.

Installing Airsnort in Linux is simple. Just run the command below and you

are through with installation.

# yum install airsnort

Execute Airsnort by writing 'kismet' on the terminal or navigate to

Application > Internet and then click on 'Airsnort' item (on a Linux system).

This will open the 'Airsnort' application window.

By default, this tool will scan for wireless networks on all channels. If you

want to scan a specific channel, then select the 'channel' radio button provided

on the application window, and specify the channel number.

Now, select the network device from the drop-down list that this tool should

use; it can be 'eht1' or 'eth0' depending upon your hardware configuration.

Specify the driver type: Host AP/Orinoco, wlan-ng and others, this is to tell

Airsnort that how it can place your card in the monitoring mode.

Airsnort uses probabilistic approach to crack the 40 and 128 bit passkey.

When it acquires approximately 10 weak packets from a particular access point,

then it tries for the crack. The 'crack breadth' option specifies the number of

attempts it should try on a group of weak packets that are captured. By default

it is 3 for cracking 40 bit passkey and 2 for 128 bit passkey, though you can

define the number of attempts within a range of 1-20. Going for maximum number

of attempts is recommended as probability of cracking a passkey increases. Using

this tool you can save data in two different formats.

The first is 'pcap' dump file format; you must initiate this option before

you start capturing data, it saves all the data that is being captured. For

this, click on 'Log to file' item found under the File menu. The second option

is the crackfile format, which saves minimum amount of data that Airsnort

captures during the access point discovery along with the data found in the weak

packets.

A good wireless IDS and Kismet are other important tools which are required

in any wireless network. We'l discuss about them in the following paras.

This wireless

network protocol analyzer collects all TCP packets and organizes them as a

conversation, which could further be viewed in ASCII, EBCDIC or hex formats

Kismet



Kismet is one of the most popular wireless network monitoring tools, and

provides you with features like a sniffer, network detector and an Intrusion

detection system.

It works with all those network cards that support monitoring mode and can

sniff a, b, and g traffic. This tool can sniff into any wireless network. It

starts monitoring the network without sending any information packet to the

access point or to the client (connected to that AP) so that they can log in,

and hence is completely promiscuous in nature.

Unlike other tools, this tool is divided into three parts: kismet server,

kismet client and GPSMAP. Kismet server captures data, logs, and takes care of

the GPS data. Its client version provides you with the front-end part that

connects to the server and displays the statistics of the network. The GPSMAP is

the most interesting feature; you can plot your APs or an image on a map by

using this feature. For this, it reads the GPS data from an external GPS device

and network XML data files.

Installing Kismet is simple, but using it is a bit complex. For installing

it, write the following command on the Linux terminal.

# yum install kismet

After installation, open the configuration file 'kismet.conf', which resides

in the '/etc/kismet/' folder. Find the statement 'source = none,none,addme' in

the code and change it to 'source=orinoco,eth1,root'. The first parameter

defines the source type, which could be Orinoco, Prism or Cisco based. The

second parameter defines the interface card, which should be used for capturing

packets, and the third parameter defines the name of the user. Save the file and

then exit. To start Kismet, write the following command on the terminal.

# kismet

Once Kismet is ready you can view all of the access points of your network.

You can even figure out if any fake APs are there in your network. For further

configurations, press the 'H' key, it will show all the options that are

available. You can change the ones that you want or require.

Channel

highlighted in red is the most congested one. It indicates that one should

reduce the load on that channel, so as to enhance the overall performance

Wireshark



This is another favorite data capturing tool for network administration,

formerly known as Ethereal. Now, we have a special version of Wireshark-Wireshark

WiFi. It is a GUI based wireless network protocol analyzer used for network

troubleshooting and analysis. It is free and available for all platforms: Linux,

UNIX, Mac and Windows.

This tool captures packet data from your wireless network and lets you browse

or analyze the captured packets. The unique feature that makes this tool stand

out from the crowd is that it can



collect all TCP packets and organizes them as a conversation. Further you can
view these conversations in ASCII, EBCDIC or hex format. Apart from these you

can apply a filter on almost all fields, which could be done using other tools

too, but you don't get as many options as you get from this one.

The best and easiest way to find Wireshark for a wireless network is to

search it in the Backtrack CD. When you start this tool, it does not start

capturing data at once. For capturing data click on the 'show the capture

options,' which you can find on the toolbar. After that choose the wireless

interface card that will be used by Wireshark WiFi for capturing the packets.

Once you have selected the interface, then simply click on the 'Start'

button, and this tool starts capturing packets such as TCP, UDP, ICMP, ARP, IPX

and many more. Once you have sufficient captured packets, then it's time to stop

the capturing process, for this click on the 'Stop' button. Now, Wireshark WiFi

will display the information about each packet i.e. source of the packet,

destination of the packet, which protocol was used and some miscellaneous

information about the packet.

With this information you can find out if some hacker is broadcasting too

many packets for blocking your WiFi device. Then you can analyze and figure out

the source from where this data is getting generated, and hence could prevent

the attack.

WirelessMon



This tool monitors several WiFi access points located across your

enterprise, and helps in testing whether these access points are working

properly or not. It also checks the strength of the wireless network and keeps a

check on the security of the access points. For keeping a track of the network

activity, it generates logs, which could be further saved as a file and used for

reference in future. One of the interesting features of this tool is the GPS

system.

To use this feature, you have to upload the blueprint or an image that

resembles your building architecture. Then travel to the location where the

access point is located, and then set the point on the map by clicking on the

Set P1 or Set P2 option.

This tool works on any standard Windows machine, and requires a wireless

adapter that supports NDIS_802.11. The user must be logged in through the

administrator account for using this tool. You can get this tool from the

PCQProfessional CD of this month.

Just follow the on screen instructions for installation. Once you are through

with installation, then go to the start > Programs > WirelessMon option and

launch the application. A window displaying all the necessary information about

the nearby access points such as the SSID, Mac address, strength in dBm unit,

authentication type , frequency, channel, and GPS signal will pop up.

Net Stumbler



This tool detects all the wireless APs which follow 802.11 a/b/g standards

and gathers information about them. This tool can be installed on any system

having Windows 98 or above.

You pick up any scrape laptop, which supports monitor mode and has a WiFi

adapter, and this tool will automatically start scanning of all the access

points, even those running on different channels and groups them accordingly.

This grouping helps you in identifying which all channels are overcrowded, and

hence need re-configuration etc.

For installation, double click on the 'Net Stumbler' icon and follow the

onscreen instructions. For launching this application, select the start >

programs > Net stumbler option. Scanning of the wireless access points must

begin automatically,but if it doesn't happen then click on the 'play' button

provided in the tool bar to start the scanning.

Anindya Roy, Rakesh Sharma, Vijay Chauhan

Advertisment