April 6, 2011, 9:24 a.m.
posted by newmy
Wellenreiter is a user-friendly tool that offers simple, straightforward wireless packet capture. It comes in two flavors: a Perl-based script that supports Linux and a C++ version that supports the wider Unix population as well as some handheld devices. Consequently, Wellenreiter is good for quickly putting together simple, unsophisticated wireless auditing tools.
If you have used a Perl script, you've probably come across the problem of installing certain modules required by the script. The Wellenreiter Perl script is no exception. It requires the Net::Pcap module, which is readily available from http://www.cpan.org. The interface requires the GIMP Toolkit (GTK) module, but that is most likely already present on most systems.
If you have trouble installing the Net::Pcap module on a Linux distribution, verify that you have the perl-devel-*.rpm installed. The module requires certain headers to compile correctly.
Once you have installed the necessary Perl modules, you are ready to use Wellenreiter. It will automatically handle the configuration and monitoring mode for most Cisco-, Lucent-, and Prism2-based cards. Therefore, all you need to do is execute the script with root privileges.
# perl Wellenreiter.pl
The interface is simple (see Figure). The left pane lists channels monitored by your card and the right pane displays the SSIDs discovered.
By default, Wellenreiter saves a binary packet capture to the user's home directory. Look for *.dump files with a timestamp in the name. These are in pcap format (remember Net::Pcap?) and can be viewed with tcpdump or Ethereal. You can also read data from a GPS device, but if you're interested in mobile wireless discovery, kismet might be better suited to your needs.