Amassing Your War Chest on The Hacking Wireless (1/3)
In This Chapter
1. Choosing your platform: PDAs versus laptops
2. Choosing your software
3. Using software emulators
4. Choosing transceivers, antennae, and GPS
5. Signal jamming
A cyberwar is being waged. Your perimeter is under siege. What makes
the attack especially insidious is that you cannot see your enemy. This
isn’t hand-to-hand combat. Your enemy could be 2 miles from your office and
still access your network and data. Your access point is your first line of
defense in this war. It behooves you, then, to prepare for battle.
One way to prepare for any war is to participate in war games. Real war
games allow you to test your equipment, tactics, and operations. In this case,
war games allow you to test your wireless networks under normal conditions.
Like the Reservist going off to war, you also must receive adequate training
on the latest weapons and tactics. Although the rest of the book focuses on
tactics, this chapter focuses on equipment. You need practice with the tools
the crackers use for real.
You need some hardware and software, but you have choices about what
type of hardware and software you use. This chapter serves as your armory.
If you favor the Windows platform, we have some tools for you. Should you
favor Linux, you will find some tools as well. We don’t leave Apple enthusiasts
out; we have something for you, too.
Choosing Your Hardware
What’s your poison? Laptop or personal digital assistant? The two primary
hardware platforms for wireless hacking are
- Personal digital assistant (PDA) or personal electronic device (PED)
- Portable or laptop
Each platform has its pros and cons. First, a PDA is readily portable so you
can easily carry it from place to place. However, you won’t find as many tools
for the PDA as you will for other platforms — depending on the operating
system you run on your handheld device. If you run the Zaurus operating
system, for example, you have more choices for software than you do if you
choose the Pocket PC operating system.
One thing is safe to say: You don’t want to run wireless-hacking tools on a
desktop. You may want to store NetStumbler files on the desktop, but the
desktop is not really portable. The key thing to think about when choosing
your hardware is portability. When performing hacking tests, you must be
able to walk around your office building or campus, so a desktop is probably
not the best choice. However, we know of people who use mini-towers in
their cars for wardriving (discussed later in this chapter), but we don’t recommend
it!
The personal digital assistant
Because of its portability, a PDA is the perfect platform for wardriving — but
not for tasks requiring processing power. You want to get a PDA that uses
either the ARM, MIPS, or SH3 processor. We recommend the Hewlett-Packard
iPAQ (ARM processor), the Hewlett-Packard Jornada (SH3 processor), or the
Casio MIPS for wardriving. These are handy devices since someone was kind
enough to develop network discovery software for these platforms.
ARM’s processor technology has been licensed by more than 100 parties, so
you should easily find a solution you like. It’s so easy, in fact, that you would
do better to spend your time choosing the right operating system for your needs. We
tell you more about operating systems in the software section of this chapter.
The portable or laptop
PDAs are great, but, typically, ethical hackers use laptops. Laptops have
dropped dramatically in price the last few years, so they have become more
accessible. You don’t need a lot of processing power, but, to paraphrase Tim
Allen, more power is better. You can use almost any operating system, including
Windows 98, although you will find you get better results when using a
newer and supported operating system. In addition to the laptop, you need
the following components to get maximum results from your ethical hacking:
- Hacking software
- A wireless network interface card (NIC) that can be inserted into your laptop — preferably one with an external antenna jack
- External antenna (directional or omnidirectional) with the proper pigtail cable to connect your external antenna to your wireless NIC
- Portable global positioning system (GPS)
- DC power cable or DC to AC power inverter to power your laptop from your car’s 12-volt DC cigarette lighter plug socket. These are widely available from RadioShack, Kmart, Staples, CompUSA, or Wal-Mart stores.
The next few sections discuss these components in greater detail.
Hacking Software
To do your job properly, you need a selection of freeware and commercial
software. Fortunately, a glut of freeware programs is available, so you don’t
need a champagne budget; a beer budget should suffice. In fact, if you are
prepared to run more than one operating system, you can get by using only
freeware tools. You need the following software to do all the hacking exercises
in this book:
- Partitioning or emulation software
- Signal strength–testing software
- Packet analyzer
- Wardriving software
- Password crackers
- Packet injectors
Using software emulators
In a perfect world, all the tools available would work on the same operating
system. But in the real world, that’s not the case. Many great tools operate on
operating systems that are incompatible with each other. Very few of us, of
course, are conversant with multiple operating systems. Also, few of us have
the money to support duplicate hardware and software. So, how can you use
all these tools? You need to find a solution that allows you to run more than
one operating system on the same machine.
To solve this problem, people often build dual-boot or multi-boot workstations.
You can use a product like Symantec’s PartitionMagic
(www.symantec.com/partitionmagic) to set up partitions for the various operating systems. For
more information about setting up and using PartitionMagic, among other
things, check out Kate Chase’s Norton All-in-One Desk Reference For Dummies
(Wiley). After you set up your partitions, you install the operating systems on
the various partitions.
When everything’s installed, you can select the operating system you want to
use when you boot the system. Say you’re using NetStumbler on Windows XP
and you decide to use WEPcrack — which is available only on Linux — on the
access points you just identified with NetStumbler. You shut down Windows
XP, reboot your system, and select the Red Hat Linux operating system. When
you want to use Windows XP again, you must do the reverse. This isn’t a bad
solution, but flipping back and forth a lot eats up valuable time. And managing
your partitions and trying to make the operating systems coexist on the
same hardware can be challenging.
Enter software emulators. Software emulators allow you to emulate a guest
operating system by running it on top of a host operating system. You can
run Linux emulation on a Windows host, and vice versa. To emulate Windows
or DOS on a Linux host, you can choose one of the following Windows-based
emulators:
- Bochs (http://bochs.sourceforge.net)
- DOSEMU (www.dosemu.org)
- Plex86 (http://savannah.nongnu.org/projects/plex86)
- VMware (www.vmware.com)
- WINE (www.winehq.com)
- Win4Lin (www.netraverse.com)
Alternatively, you can emulate Linux on a Windows host. To do this, choose
one of the following Linux-based emulators:
- Cygwin (http://cygwin.com)
- VMware (www.vmware.com)
Mac lovers can already run most of the UNIX tools under the Mac OS. To
emulate the Windows environment, you can run an emulator like Microsoft
Virtual PC (www.microsoft.com/mac/products/virtualpc/virtualpc.aspx?pid=virtualpc).
To get you going, the next two sections discuss Cygwin and VMware, two
excellent examples of emulation software.
Setting up Cygwin
Do you use Windows but have software that only runs on Linux? If so, Cygwin
is your answer. Cygwin is a contraction of Cygnus + Windows. It provides a
UNIX-like environment consisting of a Windows dynamically linked library
(cygwin1.dll). Cygwin is a subsystem that runs on Windows and intercepts
and translates UNIX commands. This is transparent to the user. With Cygwin,
you can have the experience of running xterm and executing ls commands
without ever leaving your safe Windows environment.
First, download Cygwin by going to http://cygwin.com. Installing Cygwin is
easy when you follow these steps:
1. On the home page, click the Install or Update Now! (Using setup.exe) link about halfway down the page.
You see a File Download – Security Warning window.
2. Click Run to download Cygwin.
You see the message
3. Click Run to run setup.exe.
You see the Cygwin Setup window
Security warning.
4. Click Next.
5. Select Install from Internet and click Next.
This is the installation type. If you have a CD-ROM with Cygwin, select
Install from Local Directory instead.
The Choose Installation Directory dialog box appears, as shown in this picture.
6. Choose the installation directory options based on your needs and setup and then click Next.
After installation, this is the Cygwin root directory. Leave the default or
click Browse to select another location. You can decide whether to make
Cygwin available to all users or just to you. In addition, you can decide
whether you want DOS or UNIX file types.
7. Select a location in which to store the installation files. Then click Next.
Unless you have a compelling reason for not doing it, use the default. If
you must put the installation files somewhere else, click Browse and
select the location.
8. Select the type of Internet connection you have. Click Next.
We suggest that when you aren’t sure what to select here, use the
default. If you’re doing this from your home office, then Direct
Connection should work. If you’re at work, you might have a proxy
server. If you have a proxy server, it’s perhaps best to talk to your
system administrator.
9. Select a download site from the scroll box. Click Next.
You may have to try a few download sites before you find one that works
for you. Peter tried several times to find a site. Either it would not start
the download and required him to select a new site or it got halfway
through the download and quit. You must persevere. Cygwin is worth it.
The Select Packages window appears, as shown in this picture.
10. Select the packages you want to install. Click Next.
If you want them all, click Default beside the word All under Category.
The word Default appears next to many categories. Clicking this word
more than once produces a range of results: Click it once, and it changes
to Install. Click again, and it’s Reinstall. Click it again, and it’s Uninstall.
Click one last time, and you are back at Default. We suggest you select
Install. Installing everything takes up approximately 1 gigabyte. If you
don’t have the available space, select only those categories you think
you will need.
If you choose to install everything, it can take a long time. Obviously,
how long depends on the bandwidth of your connection to the Internet.
It also depends on the speed of your processor. But trust us, when you
install everything, it takes time, so prepare yourself for a long wait.
Should you choose not to install a package at this time, you can always
do so at a later time. Rerun the setup.exe program and install those
programs you now want.
While Cygwin installs, the progress window shown in the picture tracks
your progress as it downloads the various components.
When the setup is complete, you see the window shown in this picture.
11. If you want to create desktop or Start menu icons, select (or deselect) the appropriate options. Click Finish.
That’s it. You are now the proud owner of Cygwin.
Cygwin presents you with a command prompt. This is a bash shell. The Cygwin
user is the same as the Windows user. If you want to see what Cygwin has
mounted for you, in addition to the contents of the c:/cygwin directory you
created, type df at the prompt. The c:/cygwin directory is the root directory.
You have the opportunity to try some of the UNIX tools in later chapters. But
just to get started, type uname -a at the prompt. Try an ls -al command.
Ever cursed Windows because you couldn’t easily find out what processes
are executing? Well, you just have to execute the ps -aWl command. (You
might want to redirect (>) the output to a file.) If you’re not familiar with UNIX
commands, then you need to get a good UNIX book. Why not start with UNIX
For Dummies, 5th Edition, by John Levine and Margaret Levine Young (Wiley)?
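Here is an added example for the Cygwin prompt (it is not from the book): once you have saved two ps -aWl listings to files, this script prints the commands that appear only in the later one, which is a quick way to notice an unexpected process on your test laptop. The function names, the file names before.txt and after.txt, and the sample rows are constructed for illustration, and the column layout of the sample is an assumption; the script relies only on the COMMAND header.

```shell
#!/bin/sh
# Added example, not from the book. At the Cygwin prompt you would run:
#   ps -aWl > before.txt      (known-good baseline)
#   ps -aWl > after.txt       (later listing)
#   new_commands before.txt after.txt

# Print each command that appears in listing $2 but not in listing $1.
# The COMMAND column is located from the header line, because Windows
# paths ("C:\Program Files\...") and dates in STIME can contain spaces,
# so splitting rows on whitespace would cut the command short.
new_commands() {
  awk '
    FNR == 1 { col = index($0, "COMMAND"); next }    # header of each file
    col == 0 || length($0) < col { next }            # no usable column
    { cmd = substr($0, col) }
    FILENAME == ARGV[1] { seen[cmd] = 1; next }      # baseline listing
    !(cmd in seen) && !shown[cmd]++ { print cmd }    # new, printed once
  ' "$1" "$2"
}

# Constructed sample rows; the column layout is an assumption.
row() { printf '%9s %7s %7s %10s  %-8s %6s %8s %s\n' "$@"; }

write_samples() {
  {
    row PID PPID PGID WINPID TTY UID STIME COMMAND
    row 408 0 0 408 '?' 0 'Jan 12' 'C:\WINDOWS\system32\svchost.exe'
    row 612 0 0 612 '?' 0 'Jan 12' 'C:\WINDOWS\system32\svchost.exe'
    row 1820 1 1820 1820 cons0 1003 '09:14:02' '/usr/bin/bash'
    row 1904 1820 1904 1904 cons0 1003 '09:20:11' '/usr/bin/ps'
  } > "$1/before.txt"
  {
    row PID PPID PGID WINPID TTY UID STIME COMMAND
    row 408 0 0 408 '?' 0 'Jan 12' 'C:\WINDOWS\system32\svchost.exe'
    row 1820 1 1820 1820 cons0 1003 '09:14:02' '/usr/bin/bash'
    row 2244 0 0 2244 '?' 0 '10:31:40' 'C:\Program Files\Example\agent.exe'
    row 2300 1820 2300 2300 cons0 1003 '10:32:05' '/usr/bin/ps'
  } > "$1/after.txt"
}

# Demo on the constructed samples.
demo=$(mktemp -d)
write_samples "$demo"
new_commands "$demo/before.txt" "$demo/after.txt"
# prints: C:\Program Files\Example\agent.exe
rm -rf "$demo"
```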
Cygwin has a couple of drawbacks:
- You have to use the UNIX version it gives you.
- You cannot run other operating systems.
That’s a pretty short list considering that Cygwin is free (it is distributed under
the GNU Public License). However, should you feel flush, you can move up to
VMware.
Taken from:
Hacking Wireless Networks For Dummies®
Published by
Wiley Publishing, Inc.
111 River Street
Hoboken, NJ 07030-5774
www.wiley.com