April 20, 2024

  


What it does:
AirTraf is a package with many features. On a basic level, it performs packet capture/decode at the 802.11b wireless level. It gathers and organizes packets captured over the air based on the type of traffic (management, control, data) and according to the dynamically detected access points (in case there are multiple in a given area), and it calculates bandwidth and reports signal strength information on a per-wireless-node basis.
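The grouping described above can be sketched as follows. This is an added example, not AirTraf's own code: it classifies raw 802.11 frames by the type bits of the frame control field and tallies them per access point (BSSID). It assumes frames are passed without a capture header or trailing FCS, and all names and sample frames are constructed for illustration.

```python
import struct
from collections import defaultdict

TYPES = {0: "management", 1: "control", 2: "data"}

def mac(frame, n):
    """Format address field n (0-based) of an 802.11 header, or None if the frame is too short."""
    raw = frame[4 + 6 * n: 10 + 6 * n]
    return ":".join(f"{b:02x}" for b in raw) if len(raw) == 6 else None

def classify(frame):
    """Return (type, subtype, bssid) for a raw 802.11 MAC frame with no capture header."""
    if len(frame) < 10:
        raise ValueError("shorter than the smallest 802.11 frame")
    (fc,) = struct.unpack_from("<H", frame, 0)   # frame control, little-endian
    ftype, subtype = (fc >> 2) & 0x3, (fc >> 4) & 0xF
    to_ds, from_ds = bool(fc & 0x0100), bool(fc & 0x0200)
    if ftype == 0:                       # management: BSSID is address 3
        bssid = mac(frame, 2)
    elif ftype == 2 and not (to_ds and from_ds):
        # data: the BSSID position depends on the ToDS/FromDS bits
        bssid = mac(frame, 0 if to_ds else 1 if from_ds else 2)
    else:                                # control frames and 4-address (WDS) data
        bssid = None
    return TYPES.get(ftype, "reserved"), subtype, bssid

def tally(frames):
    """Per-BSSID frame counts by type plus total bytes seen."""
    stats = defaultdict(lambda: {"management": 0, "control": 0, "data": 0, "bytes": 0})
    for f in frames:
        kind, _, bssid = classify(f)
        if kind != "reserved":
            entry = stats[bssid or "unattributed"]
            entry[kind] += 1
            entry["bytes"] += len(f)
    return dict(stats)

# Constructed sample frames (not captured traffic); addresses are made up.
AP, STA, BCAST = bytes.fromhex("020000000001"), bytes.fromhex("020000000002"), b"\xff" * 6

def build(fc, *addrs, body=b""):
    seq = b"\x00\x00" if len(addrs) == 3 else b""   # sequence control follows address 3
    return struct.pack("<HH", fc, 0) + b"".join(addrs) + seq + body

SAMPLE = [
    build(0x0080, BCAST, AP, AP),                     # beacon (management)
    build(0x0108, AP, STA, BCAST, body=b"\0" * 100),  # data, station -> AP (ToDS)
    build(0x0208, STA, AP, AP, body=b"\0" * 50),      # data, AP -> station (FromDS)
    build(0x00D4, STA),                               # ACK (control)
]
```

Dividing the per-BSSID byte totals from `tally(SAMPLE)` by the length of the capture window gives a load figure per access point.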

It determines the SSID of each access point, the channel it is operating on, the number of wireless nodes connected to the access point of interest, the overall load on the access point, and the bandwidth utilized by all connected wireless nodes. As of AirTraf-0.3-1beta, AirTraf is database-aware, meaning that multiple sniffers can be polled periodically via a central polling server to gather up-to-date information, which is saved for long-term load analysis over periods of days, weeks, months, and even years.

The other feature of AirTraf is tracking of access-related activity generated in the area. It tracks all probe/authentication/association requests made to a given access point and, by observing the access point's reaction, makes a judgement as to the nature of the activity and determines whether the activity is hostile or friendly. (Currently fairly unstable, and being worked on.)

There are also plans to include higher-level protocol parsing, so that data can be organized by the type of TCP services being used over the wireless network, showing how the wireless network is being utilized, along with some reliability statistics that will reflect the performance of higher-level protocols over the unstable wireless medium.

What it does not do:
AirTraf is for use by "network administrators" to identify network problems, and to ease the administrative headache that will likely be associated with deployment of wireless service for their organization. It is not a tool designed to facilitate exploitation of wireless networks, nor was it ever designed to promote malicious activity. Although there is potential for abuse, if you choose to employ AirTraf in any twisted schemes other than its intended use, you will be solely responsible for your actions, and you should remember that in the likely case that you'll be caught by your own tool of crime, trespassing on other people's networks will likely earn you dire consequences. And I'll personally assist in prosecuting such offenses.

Platforms:
AirTraf currently runs on Linux, supporting the latest kernel, on the x86 architecture. There are currently no plans for porting to other operating systems or to other architectures (since I have no access to others), so if you're interested in seeing AirTraf work with other architectures, please volunteer yourself for the task, and I'll give you all the help you might need. One thing to note, however: if there ever happens to be a port of AirTraf to Windows, I'll be forced to charge people to use it, probably not much, but still charge them, since that's the price they must pay for being an advocate of a closed-source proprietary vendor.

Supported cards:
-NEW- prism2-compatible cards are NOW supported! This support is enabled via prism2 (host-ap) driver. Sorry, wlan-ng drivers are not yet supported.

Tested Cards:
  • Cisco Systems Aironet 340 series
  • Linksys WPC11

Untested (but should work) Cards:
  • Cisco Systems Aironet 350 series
  • Compaq WL100 & WL200
  • D-Link DWL-650
  • Symbol Spectrum24
  • Intel® PRO/Wireless 2011
  • 3Com AirConnect
  • ZcomaX XI-300

Unsupported Cards:
  • Lucent ORiNOCO PC Card (Silver/Gold)

It does not seem likely that Lucent (Hermes) chipset cards will be supported anytime soon, since I have no experience working with those cards, and I'm not sure how to put the cards into promiscuous mode, but if you have experience with them, then let me know how it's done, and I'll test AirTraf with them and make sure they work properly.

How to help:
Currently AirTraf is just getting started, and we could definitely use help in a lot of areas. If you would like to help develop AirTraf further, via development, testing, etc., please contact the project administrator. If you have been inspired beyond reason, or have benefited tremendously by using AirTraf, and are looking for some way to contribute, then consider personally sponsoring the project by sending the project administrator a nice "good work" note, along with any material goods that can be afforded (preferably technical), or monetary if you really can't think of anything better to send. :) But seriously, just drop in a note about what you think about AirTraf (good, bad, neutral), and some suggestions for improvement, and it will help me drastically in improving AirTraf.




© 2002 AirTraf, A Wireless 802.11(b) Network Analyzer
Designed By: Peter K. Lee


Copyright © Peter K. Lee 2002 -- Any software presented in this site is open-source software, distributed under the terms of the GNU General Public License.