Wireless Networking

Wireless networking news, publications and reviews

• Techdirt Wireless, Ziff Davis Wireless Supersite, WirelessWeek.com, Engadget Wireless, and Daily Wireless
• Glenn Fleishman's Wi-Fi Networking News, Alan Reiter's Wireless Muse and Steve Stroh's Broadband Wireless Internet Access
• Esme Vos' MuniWireless and LocustWorld cover public wireless projects
• EVDOinfo.com, EVDO Blog by EVDOinfo.com, EVDO Maps, EVDO Forums, and EVDO Tips and Tweaks
• The O'Reilly Wireless DevCenter on wireless application development
• More news from Spread Spectrum Scene Online, ITtoolbox Wireless, Wireless Ecademy, ISP-Planet - Fixed Wireless, and Wi-Fi Planet
• SmallNetBuilder has information and hardware reviews for building small wired and wireless networks

Public wireless hotspot lists

• JiWire, WiFinder, The Wi-Fi FreeSpot directory, Wi-FiHotSpotList, NodeDB, and AnchorFree provide lists of community and commercial hotspots.
• Geektools Hotspots and Geektools Geektels (geek friendly hotels).

Community and research wireless networking projects

• Freenetworks.org, Cliff Skolnick's Wireless Community Network List and Community Wireless list community wireless networks in the US and around the world.
• Community network projects in the San Francisco Bay Area include Bay Area Wireless User Group (BAWUG), Bay Area Research Wireless Network (BARWN), and SBAY Wireless Network is the South Bay/Silicon Valley Wireless Project.
• Wikipedia's entry on wireless community network has a good list of projects in the US and internationally.
• NoCatNet is working to build community supported wireless networks in Sonoma County, CA among other projects.
• Seattle Wireless is a community wireless network in Seattle, Washington.
• Champaign-Urbana Community Wireless Network (CUWiN) is a community wireless project which distributes bootable CDROMs for nodes that include automatic mesh networking.
• Old Colorado City Communications Wireless has the latest projects from Dave Hughes. Prototype Testing and Evaluation of Wireless Instrumentation for Ecological Research at Remote Field Locations by Wireless National Science Foundation .
• HPWREN, the High Performance Wireless Research and Education Network team is creating, demonstrating, and evaluating a non-commercial, prototype, high-performance, wide-area, wireless network in San Diego county.
• The Rice Monarch Project develops protocols for adaptive mobile and wireless networking.
• Wireless Communications Alliance (WCA) is a Northern California non-profit which provides forums for education, networking, and economic development.
• Consume the Net is a community wireless network in London.
• Rooftops in the MIT/Cambridge, MA area.
• In Australia, wireless communities include the Canberra Wireless Network as well as E3 for communities around Perth.
• New Zealand wireless network covers centers in the north island including Auckland, Hamilton and Wellington.

Tools for detecting, monitoring and penetrating WiFi networks

• Kismet "is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic." It will work on most Linux/Unix platforms, and has limited support for Mac OS X.
• Net Stumbler is the original wireless LAN scanning utility for Windows. Ministumbler will work with HPC2000, PocketPC 3.0, PocketPC 2002 and Windows Mobile 2003.
• Wireshark (formerly Etherial) is a network protocol analyzer for wired and wireless networks that supports a very large number of protocols. The software can be used for realtime or offline analysis. It's free, open source, and is available for most platforms including most modern Unix/Linux platforms, Mac OS X, and Microsoft Windows.
• WiFiFoFum is a wifi scanner designed for PDAs running PocketPC 2003 and Windows Mobile 2005.
• Aircrack "is a set of tools for auditing wireless networks. It consists of: airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files)." It runs under Linux, Windows, and Zaurus as well as Mac OS X under MacPorts.
• Hotspotter passively monitors the network for probe request frames to identify the preferred networks of Windows XP clients, and will compare it to a supplied list of common hotspot network names. If the probed network name matches a common hotspot name, Hotspotter will act as an access point to allow the client to authenticate and associate.
• Wellenreiter "is a wireless network discovery and auditing tool. Prism2, Lucent, and Cisco based cards are supported. It can discover networks (BSS/IBSS), and detects ESSID broadcasting or non-broadcasting networks and their WEP capabilities and the manufacturer automatically. DHCP and ARP traffic are decoded and displayed to give you further information about the networks. An ethereal/tcpdump-compatible dumpfile and an Application savefile will be automatically created." There are two versions for Linux, a GTK/Perl version and a newer C++ version with a QT front end for desktop and a Opie front end for Linux handhelds like the Zaurus.
• WepLab "is a tool designed to teach how WEP works, what different vulnerabilities has, and how they can be used in practice to break a WEP protected wireless network. So far, WepLab more than a WEP Key Cracker, is a WEP Security Analyzer designed from an educational point of view." "Weplab works under any flavor of Linux for i386 and PPC, Mac OS X and Windows NT/2000/XP."
• bsd-airtools is a package that provides a complete toolset for wireless 802.11b auditing. It contains a WEP cracking application, a netstumbler clone and a few tools for Prism2 debug modes. Most of the utilities only fully work with a Prism2 chipset based card. The project is not being actively developed.
• Prismstumbler is a wireless LAN (WLAN) which scans for beacon frames from access points. Prismstumbler operates by constantly switching channels an monitors any frames received on the currently selected channel. Prism stumbler uses AirSnort.
• WEPCrack is a tool for breaking 802.11 WEP keys. WEPCrack is written in Perl. The project is not being actively developed.
• Fake AP creates thousands of fake access points and beacon frames. It can be used to hide from detection or create honeypots.
• KWiFiManager can configure and monitor wireless LAN cards under Linux and KDE.
• Wavemon is a ncurses-based monitoring application for wireless network devices. It currently works under Linux with devices that are supported by the wireless extensions by Jean Tourrilhes (included in Kernel 2.4 and higher), e.g. the Lucent Orinoco cards.
• GNOME Wireless Applet is a wireless link quality monitor panel applet for GNOME. It reads the link quality out of /proc/net/wireless and reports quality by altering color.
• NoCatAuth and NoCatSplash are captive portal packages offering centralized authentication code for sharing internet services.
• Radio Mobile for windows is a free tool to predict the performance of a radio system.
• KarlNet's KarlBridge software is used by both AirPort and Orinoco access points. They also provide a configuration tool which will work on a number of access points based on their software.

Wireless documentation and HOWTOs

• Wireless LAN resources for Linux and Linux Wireless LAN Howto from Jean Tourrilhes.
• The book Wireless Networking for the Developing World: a practical guide to planning and building low-cost telecommunications infrastructure has been released under a Creative Commons Share Alike license and is available as a PDF as well as print and has an associated wiki.
• Linux Wireless Access Point HOWTO from Simon Anderson includes details on using HostAP mode, NoCat, etc.
• Installing and Configuring HostAP from Jason Boxman describes WEP, Wireless Distribution System (WDS), uploading new firmware, etc.
• TuxMobile Linux and Wireless LANs lists applications to make wireless networking under Linux easier.
• Free Antennas provides inexpensive easy instructions on constructing parabolic reflector antennas. Also a FAQ.
• Prism II Access Point Mini-Howto explains how to configure "PRISMII" chipset PCMCIA cards as IEEE 802.11b access points for Linux.
• Using IEEE 802.11 WaveLAN under NetBSD documentation for wireless networking under NetBSD.
• Linux Advanced Routing & Traffic Control HOWTO and PF: The OpenBSD Packet Filter including ALTQ has also been imported into FreeBSD. Prioritizing empty TCP ACKs with pf and ALTQ can be very useful on highly congested networks.
• Wireless LAN Security - 802.11 and Wardriving Resources

Router firmware replacements and building wireless routers

• LinksysInfo, WRTrouters and the Wikipedia WRT54G entry contain a wealth of information about the Linksys WRT54G series wireless routers as well as other models.
• Popular alternate firmware distributions for the WRT54G include OpenWRT, DD-WRT, HyperWRT Thibor, Ewrt is primarily geared for hotspot usage and Batbox is a ramdisk based distribution that does not make permanent changes to the device.
• Sveasoft combines the GPLed WRT54G firmware with some proprietary patches to produce a commercial version of the firmware replacement. Unofficial releases of the firmware can be found at TheIndividual's Sveasoft WRT54G Firmwares.
• Hacking Your Linux-Based Wireless Router article from ExtremeTech.
• A number of mobile routers allow users to share a cellular modem PC Card connection. These include Junxion Box which works with work with GPRS, EDGE and EVDO over either Ethernet or Wifi. The Kyocera KR1 Mobile Router (also sold as D-Link DI-725) works with EVDO and USB handsets. The Linksys WRT54G3G supports 3G/UMTS connections via a PCMCIA/Cardbus interface.
• StompBox has instructions for building your own mobile 3G/WiFi router.
• Soekris router project has instructions for building a general purpose wireless router with IPSec.

Wireless drivers and distributions

• Open1x is an open source implementation of IEEE 802.1x called Xsupplicant which is an 802.1X/WPA/WPA2/IEEE802.11i/EAP/TLS client for many Unix and Linux distributions.
• Host AP driver for Intersil Prism2/2.5/3 and WPA Supplicant is a Linux driver supporting Host AP mode, BSS, ISBSS, WAP and WPA with RSN (WPA2). It takes care of IEEE 802.11 management functions in the host computer and acts as an access point.
• Linux WPA Supplicant wpa_supplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for IEEE 802.1X, WPA, WPA2, and IEEE 802.11i in the near future.
• The Linux ORiNOCO Driver included in the kernel since 2.4.3 and in David Hinds' pcmcia-cs package since 3.1.30 supports a large number of wireless NICs based on the Prism 2 chipset.
• Wireless LAN Project (linux-wlan project) has drivers for cards using the Intersil PRISM chipset in their 802.11 implementation. The Linux WLAN project FAQ has more technical details. The Linux WLAN mailing list archive.
• Wireless Tools for Linux from Jean_Tourrilhes.
• Linux PCMCIA Information Page is the home to David Hinds' pcmcia-cs package. Here is the complete list of supported cards.
• All recent BSDs releases include drivers for common wireless cards. For people running older releases: FreeBSD WaveLAN drivers, and ORiNOCO WaveLAN Wireless on FreeBSD.

Mac OS X and Airport wireless tools

• KisMAC (KisMAC NG) is a wireless discovery tool for Mac OS X that has passive scanning modes, support for WEP attacks, and scanning combined with GPS devices. KisMAC supports PCMCIA cards with Orinoco, PrismII, Cisco Aironet, Atheros and PrismGT. USB devices with Intersil Prism2, Ralink rt2570 and rt73, and Realtek rtl8187 chipsets have more limited support. It's free and open source.
• Kismet is a wireless discovery tool that has limited support for Mac OS X. Kismet is available for Macports and Fink.
• Wireshark (formerly Etherial) is a network protocol analyzer that has support for Mac OS X. It's free and open source. Binaries as wells as ports for Macports and Fink are available.
• iStumbler is a Mac OS X wireless discovery tool similar to NetStumbler that will find AirPort networks, Bluetooth devices, Bonjour services, and GPS locations. It's free. Beta support for Snow Leopard is forthcoming.
• ChangeMAC is a utility to let you change/spoof your hardware Ethernet MAC or Airport MAC address. It will only change the primary Ethernet interface and will not work with Mac Pro Airport interface. It's free and open source. It works with Snow Leopard.
• SpoofMac is a utility to spoof AirPort, AirPort Extreme, and Ethernet MAC addresses. SpoofMac was shareware, but is no longer available, you can find mirrors online.
• MacDaddy allows you to spoof hardware ethernet as well as AirPort ethernet addresses. MacDaddy was free, but is no longer available, you can find mirrors online.
• Wireshark (formerly Etherial) is a network protocol analyzer for wired and wireless networks that supports a very large number of protocols. The software can be used for realtime or offline analysis. It's free, open source, and is available for most platforms including most modern Unix/Linux platforms, Mac OS X, and Microsoft Windows.
• Cocoa Packet Analyzer is a network sniffer/protocol analyzer for Mac OS X. It supports PCAP files and supports third-party protocol extensions. It's free, a native OS X application, and has 64 bit support under Snow Leopard.
• Ralink chipsets are used in an increasing number of WiFi adaptors. In addition to Windows and Linux, Ralink also makes Mac OS X Wifi Drivers. Here is a large list of Ralink chipsets based wireless devices

Mobile phone and Bluetooth tools

• Linux Phone Standards (LiPS) Forum is a consortium whose goal is to define a standardized Linux software platform.
• LiMo Foundation is working to define a Linux-based software platform for mobile devices.
• gnokii is a set of tools and a user space driver for use with mobile phones under Linux, Unix, and Windows. The tools can manipulate PIM data, SMS and provide modem drivers.
• BlueZ is the official Linux Bluetooth protocol stack which is now included in the Linux 2.4 and Linux 2.6 kernel series. It is derived from the Axis Linux Bluetooth driver.
• Trifinite provides a number of Bluetooth utilities. Blooover is a Bluetooth Cellphone auditing tool that should run on any phone J2ME MIDP 2.0 VM implementing the JSR-82 API with Bluetooth. BT Audit will scan a Bluetooth device for open ports and potentially vulnerable applications. Blueprint allows fingerprinting of Bluetooth devices to determine manufacturer and model. BTClass will cloak the device class of a Bluetooth enabled Palm device. A PocketPC/Windows CE version is in development.
• Redfang searches for non-discoverable Bluetooth devices by brute-forcing the device's Bluetooth address.
• btscanner "is a tool designed specifically to extract as much information as possible from a Bluetooth device without the requirement to pair. A detailed information screen extracts HCI and SDP information, and maintains an open connection to monitor the RSSI and link quality."
• Bluesniff is a proof of concept Bluetooth device scanning tool. It was written in Perl on Linux.

Infrared and IRDA

• Linux-IrDA web pages (Infrared Data Association) is an industry standard for infrared wireless communication.
• Werner Heuser's Linux Infrared HOWTO and Infrared Devices working with Linux and Software for Mobile UniX Users and much more at TuxMobile Linux On Mobile Computers
• IrNET for Linux-IrDA is a protocol to carry TCP/IP traffic between two IrDA peers.

Wireless LAN standards organizations

• IEEE P802.11, The Working Group for Wireless LANs
• The IEEE 802.16 Working Group on Broadband Wireless Access Standards
• The Unofficial 802.11 Security Web Page including the 802.1x and WEP v2.0 specifications.
• Wi-Fi Alliance is a nonprofit organization formed in 1999 to certify and promote the growth of wireless Local Area Networks based on the IEEE 802.11.