Meraki have produced a browser based sniffer
<http://meraki.com/tools/stumbler/>
Frequently Asked Questions
Q: What is the WiFi Stumbler?
A: The WiFi Stumbler is a browser-based wireless scanner tool that
detects 802.11 wireless networks and displays useful information about
the networks in an easily searchable, intuitive web interface. WiFi
Stumbler can be used to optimize wireless network coverage, troubleshoot
performance issues, detect rogue APs and perform basic pre-deployment
site surveys.
Q: Can I use WiFI Stumbler when I am not connected to the Internet?
A: If your browser supports offline mode (currently only Firefox),
then it can load WiFi Stumbler from its offline cache. This means that
WiFi Stumbler will work in these browsers even when you are not
connected to the Internet, as long as your wireless card is enabled.
Simply visit the Stumbler page using Firefox once you are connected to
the Internet. The site will ask for permission to use offline storage.
Grant this permission, bookmark the page and you can revisit whenever
you need to use WiFi Stumbler.
Q: How does the WiFi Stumbler work?
A: WiFi Stumbler captures data about nearby wireless networks from
your computer's wireless card and displays it as a web page. It can
even work when you are not connected to the Internet if your browser
supports offline mode (currently Firefox only).
Q: Why is Stumbler a web-based tool instead of standalone,
downloadable software?
A: By running in a browser, there is no need to download software to
your computer. This makes it very easy to load and use since no
software installation is required. It also can run on either a PC or
Mac, unlike most downloadable software applications. In addition, as we
will be continually adding new features to Stumbler, you will
automatically get the latest version of the tool each time you reload
the page.
Q: The WiFi Stumbler doesn't load on my computer/in my browser. Why not?
A: WiFi Stumbler requires Java support and does not currently support
Linux. If your browser does not support Java or you are running Linux
and you try to load WiFi Stumbler, you will receive an error message in
your browser window. Currently, Google Chrome for Mac does not support
Java so it will not run WiFi Stumbler. WiFi Stumbler is also currently
a beta stage tool; if you encounter other problems getting Stumbler to
load, please let us know using the Make a Wish box at the bottom of the
page.
On Fri, 12 Feb 2010 10:55:58 +0000, Bob <bob@invalid.invalid> wrote in
<icednYGIfrEjrujWnZ2dnUVZ8sOdnZ2d@bt.com>:
>Meraki have produced a browser based sniffer
><http://meraki.com/tools/stumbler/>
Nice.
<nitpick> It's "Wi-Fi", not "WiFi". </nitpick>
--
Best regards, FAQ for Wireless Internet: <http://wireless.navas.us>
John FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-Fi_Fixes>
On 12/02/2010 15:41, John Navas wrote:
> On Fri, 12 Feb 2010 10:55:58 +0000, Bob<bob@invalid.invalid> wrote in
> <icednYGIfrEjrujWnZ2dnUVZ8sOdnZ2d@bt.com>:
>
>> Meraki have produced a browser based sniffer
>> <http://meraki.com/tools/stumbler/>
>
> Nice.
>
> <nitpick> It's "Wi-Fi", not "WiFi".</nitpick>
>
nitpick
"Meraki WiFi Stumbler"
On Fri, 12 Feb 2010 15:49:11 +0000, Bob <bob@invalid.invalid> wrote in
<3u6dnQKk-Prq5ejWnZ2dnUVZ8i5i4p2d@bt.com>:
>On 12/02/2010 15:41, John Navas wrote:
>> On Fri, 12 Feb 2010 10:55:58 +0000, Bob<bob@invalid.invalid> wrote in
>> <icednYGIfrEjrujWnZ2dnUVZ8sOdnZ2d@bt.com>:
>>
>>> Meraki have produced a browser based sniffer
>>> <http://meraki.com/tools/stumbler/>
>>
>> Nice.
>>
>> <nitpick> It's "Wi-Fi", not "WiFi".</nitpick>
>>
>nitpick
>"Meraki WiFi Stumbler"
So what? It's misuse of a term of art.
--
Best regards, FAQ for Wireless Internet: <http://wireless.navas.us>
John FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-Fi_Fixes>
On Fri, 12 Feb 2010 16:23:00 +0000, Bob <bob@invalid.invalid> wrote in
<LJ6dndEYN_n5HejWnZ2dnUVZ8uadnZ2d@bt.com>:
>On 12/02/2010 16:15, John Navas wrote:
>
>> So what? It's misuse of a term of art.
>>
>Twaddle
>In no way does it engage my senses or emotions.
Your problem, not mine.
--
Best regards, FAQ for Wireless Internet: <http://wireless.navas.us>
John FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-Fi_Fixes>
Bob <bob@invalid.invalid> wrote in
news:icednYGIfrEjrujWnZ2dnUVZ8sOdnZ2d@bt.com:
> Meraki have produced a browser based sniffer
> <http://meraki.com/tools/stumbler/>
>
> Frequently Asked Questions
>
> Q: What is the WiFi Stumbler?
>
> A: The WiFi Stumbler is a browser-based wireless scanner tool
that
> detects 802.11 wireless networks and displays useful information
about
> the networks in an easily searchable, intuitive web interface.
WiFi
> Stumbler can be used to optimize wireless network coverage,
> troubleshoot performance issues, detect rogue APs and perform
basic
> pre-deployment site surveys.
>
> Q: Can I use WiFI Stumbler when I am not connected to the
Internet?
>
> A: If your browser supports offline mode (currently only
Firefox),
> then it can load WiFi Stumbler from its offline cache. This means
that
> WiFi Stumbler will work in these browsers even when you are not
> connected to the Internet, as long as your wireless card is
enabled.
> Simply visit the Stumbler page using Firefox once you are
connected to
> the Internet. The site will ask for permission to use offline
storage.
> Grant this permission, bookmark the page and you can revisit
whenever
> you need to use WiFi Stumbler.
>
> Q: How does the WiFi Stumbler work?
>
> A: WiFi Stumbler captures data about nearby wireless networks
from
> your computer's wireless card and displays it as a web page. It
can
> even work when you are not connected to the Internet if your
browser
> supports offline mode (currently Firefox only).
>
> Q: Why is Stumbler a web-based tool instead of standalone,
> downloadable software?
>
> A: By running in a browser, there is no need to download
software to
> your computer. This makes it very easy to load and use since no
> software installation is required. It also can run on either a PC
or
> Mac, unlike most downloadable software applications. In addition,
as
> we will be continually adding new features to Stumbler, you will
> automatically get the latest version of the tool each time you
reload
> the page.
>
> Q: The WiFi Stumbler doesn't load on my computer/in my browser.
Why
> not?
>
> A: WiFi Stumbler requires Java support and does not currently
> support
> Linux. If your browser does not support Java or you are running
Linux
> and you try to load WiFi Stumbler, you will receive an error
message
> in your browser window. Currently, Google Chrome for Mac does not
> support Java so it will not run WiFi Stumbler. WiFi Stumbler is
also
> currently a beta stage tool; if you encounter other problems
getting
> Stumbler to load, please let us know using the Make a Wish box at
the
> bottom of the page.
>
Seems to me using this would risk privacy invasion on the part of
those "sniffing" your data. Certainly could not use with anything
that might contain a transmitted password or other personal data.
Guess I really do not understand just what the usefulness of this
would be other than trying to hack unauthorized connections. Maybe
to troubleshoot local networks.
On Fri, 12 Feb 2010 19:33:38 +0000 (UTC), fufu
<fufu@Use-Author-Supplied-Address.invalid> wrote in
<45de8120d348be70e7b3afbc11340c70@tioat.net>:
>Bob <bob@invalid.invalid> wrote in
>news:icednYGIfrEjrujWnZ2dnUVZ8sOdnZ2d@bt.com:
>Seems to me using this would risk privacy invasion on the part of
>those "sniffing" your data. Certainly could not use with anything
>that might contain a transmitted password or other personal data.
>Guess I really do not understand just what the usefulness of this
>would be other than trying to hack unauthorized connections. Maybe
>to troubleshoot local networks.
There's no privacy issue. It's a Site Survey tool. See
<http://wireless.navas.us/wiki/Wi-Fi_How_To#Why_and_How_to_do_a_Site_Survey>
--
Best regards, FAQ for Wireless Internet: <http://wireless.navas.us>
John FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-Fi_Fixes>
On Fri, 12 Feb 2010 19:33:38 +0000 (UTC), fufu
<fufu@Use-Author-Supplied-Address.invalid> wrote:
>Seems to me using this would risk privacy invasion on the part of
>those "sniffing" your data.
Sniffing is much like looking in a phone directory for someones
address. Just because you know where they live, doesn't magically
give you access to what's inside their house. It's the same with
wireless. The MAC addresses are all send in the clear and not
encrypted. That's like your address and is generally considered
public information. What's not available are the constents of the
encrypted data packets, which contain all kinds of interesting
information that might result in a privacy leak. As long as the
encryption is functional and unbroken, there's no privacy invasion
possible.
>Certainly could not use with anything
>that might contain a transmitted password or other personal data.
Actually, I've found two wireless lans that also used the SSID as
their WPA password. I found one and explained to the semi-intoxicated
owner what was happening. He claimed he understood, but it's still
unchanged about 6 months later. Oh well.
>Guess I really do not understand just what the usefulness of this
>would be other than trying to hack unauthorized connections. Maybe
>to troubleshoot local networks.
1. Check of interference on specific channels. There are only 3
non-overlapping channels (1, 8, 11). The trick is to find a channel
that's NOT being used for your LAN. If not, start thinking about
5.7Ghz. 802.11a.
2. Track down the source of Wi-Fi interference.
3. Identify users of junk wireless routers and try to sell them
something better. I've tried this a few times with mixed results.
4. Collect traffic statistics (error rate, retransmissions, etc).
5. Find the dingbat with the new MIMO router that's hogging the
entire 2.4GHz band with a 40Mhz wide HD video feed so that he doesn't
have to run an HDMI or ethernet cable 10 ft across his living room.
I've already given away one ethernet cable to get one of these off the
air.
6. Identify potential municipal Wi-Fi or mesh network nodes for
internet access.
7. Find the idiot with the 1 watt power amplifier trying to drill
through 5 brick walls to his router.
8. Whatever else I forgot.
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
> On Fri, 12 Feb 2010 19:33:38 +0000 (UTC), fufu
> <fufu@Use-Author-Supplied-Address.invalid> wrote:
>
> > Seems to me using this would risk privacy invasion on the part of
> > those "sniffing" your data.
>
> Sniffing is much like looking in a phone directory for someones
> address. Just because you know where they live, doesn't magically
> give you access to what's inside their house. It's the same with
> wireless. The MAC addresses are all send in the clear and not
> encrypted. That's like your address and is generally considered
> public information. What's not available are the constents of the
> encrypted data packets, which contain all kinds of interesting
> information that might result in a privacy leak. As long as the
> encryption is functional and unbroken, there's no privacy invasion
> possible.
>
> > Certainly could not use with anything
> > that might contain a transmitted password or other personal data.
>
> Actually, I've found two wireless lans that also used the SSID as
> their WPA password. I found one and explained to the semi-intoxicated
> owner what was happening. He claimed he understood, but it's still
> unchanged about 6 months later. Oh well.
>
> > Guess I really do not understand just what the usefulness of this
> > would be other than trying to hack unauthorized connections. Maybe
> > to troubleshoot local networks.
>
> 1. Check of interference on specific channels. There are only 3
> non-overlapping channels (1, 8, 11). The trick is to find a channel
> that's NOT being used for your LAN. If not, start thinking about
> 5.7Ghz. 802.11a.
> 2. Track down the source of Wi-Fi interference.
> 3. Identify users of junk wireless routers and try to sell them
> something better. I've tried this a few times with mixed results.
> 4. Collect traffic statistics (error rate, retransmissions, etc).
> 5. Find the dingbat with the new MIMO router that's hogging the
> entire 2.4GHz band with a 40Mhz wide HD video feed so that he doesn't
> have to run an HDMI or ethernet cable 10 ft across his living room.
> I've already given away one ethernet cable to get one of these off the
> air.
> 6. Identify potential municipal Wi-Fi or mesh network nodes for
> internet access.
> 7. Find the idiot with the 1 watt power amplifier trying to drill
> through 5 brick walls to his router.
> 8. Whatever else I forgot.
This java script really only displays the same information as the wifi
adapter does when set to scan - it's a bit of a con really - and
certainly no more of a privacy issue than the basic adapter software.
In article <4b7607d6$1@dnews.tpgi.com.au>,
"me here" <gloaming_agnet@hotmail.com> wrote:
> This java script really only displays the same information as the wifi
> adapter does when set to scan - it's a bit of a con really -
Yes and no. It's using my Airport Extreme for scanning, obviously, and
it displays my wireless info, and my next door neighbour's. But Airport
by itself only shows _my_ network _unless_ the Meraki applet is running.
Next door is weak -- maybe Airport has a threshold of some kind.
Hmm. The guy's still on WEP. I should hack it. Although his password is
probably his wife's name ...
--
Very old woody beets will never cook tender.
-- Fannie Farmer
On Sat, 13 Feb 2010, in the Usenet newsgroup alt.internet.wireless, in article
<4b76a8fb$0$14675$c3e8da3@news.astraweb.com>, Warren Oates wrote:
>Hmm. The guy's still on WEP. I should hack it. Although his password
>is probably his wife's name ...
Did he _really_ pick something so secret and unusual? Wow - most
users choose one of the 86 passwords the 'deloader' worm (CERT Advisory
CA-2003-08) was looking for in March 2003:
[NULL] 0 000000 00000000 007 1 110 111 111111 11111111 12
121212 123 123123 1234 12345 123456 1234567 12345678 123456789
1234qwer 123abc 123asd 123qwe 2002 2003 2600 54321 654321
88888888 Admin Internet Login Password a aaa abc abc123 abcd
admin admin123 administrator alpha asdf computer database
enable foobar god godblessyou home ihavenopass login love
mypass mypass123 mypc mypc123 oracle owner pass passwd password
pat patrick pc pw pw123 pwd qwer root secret server sex super
sybase temp temp123 test test123 win xp xxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx yxcv zxcv
That first one ( [NULL] ) really means none (hit the enter key). I
wonder how many idiots have chosen one of these because they think
that no one could _possibly_ guess such a secret/complex set of letters
and/or numbers. Of course, that assumes the password was changed from
the factory default.
>Did he _really_ pick something so secret and unusual? Wow - most
>users choose one of the 86 passwords the 'deloader' worm (CERT Advisory
>CA-2003-08) was looking for in March 2003:
>
> [NULL] 0 000000 00000000 007 1 110 111 111111 11111111 12
> 121212 123 123123 1234 12345 123456 1234567 12345678 123456789
(etc...)
Most of those listed will not work with WEP. Assuming an ASCII key
(not a Hex key), it has to be exactly either 5 or 10 characters long,
which corresponds to 64 or 128bit WEP encryption.
My favorite throw away WEP/WPA password is "changethis". Note that
it's exactly 10 characters so that it will work with both WEP and WPA.
On Sat, 13 Feb 2010 20:34:15 +0000 (UTC), p
<p@Use-Author-Supplied-Address.invalid> wrote in
<f517c01ae1c0db874b6851396a06f024@tioat.net>:
>Since I am connecting from am unencrypted public AP, I won't be using their
>sniffer ;-). I used TOR when I need to keep my data transfers private, so I
>guess I might try it with TOR.
What makes you think Tor is actually real protection? Faith?
<http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29#Weaknesses>
And those are just the _known_ weaknesses.
I'm reminded of WEP. And TKIP. And on and on.
--
Best regards, FAQ for Wireless Internet: <http://wireless.navas.us>
John FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-Fi_Fixes>
On Sat, 13 Feb 2010, in the Usenet newsgroup alt.internet.wireless, in article
<qvlen51om4m26kig9pd4006ed7430khape@4ax.com>, Jeff Liebermann wrote:
[CERT Advisory CA-2003-08 ``passwords'']
>Most of those listed will not work with WEP. Assuming an ASCII key
>(not a Hex key), it has to be exactly either 5 or 10 characters long,
>which corresponds to 64 or 128bit WEP encryption.
"tqF+eE204n" is given to them on a piece of paper - along with the
output of 'whatis passwd' as a hint. The password is changed (probably
to one of those listed in CA-2003-08) when they discover how hard it
is to type that mess consistently - certainly not later than when they
loose the paper the second time.
Subject: Re: WiFi Stumbler
From: John Navas <spamfilter1@navasgroup.com>
Newsgroups: alt.internet.wireless
On Sat, 13 Feb 2010 20:34:15 +0000 (UTC), p
<p@Use-Author-Supplied-Address.invalid> wrote in
<f517c01ae1c0db874b6851396a06f024@tioat.net>:
>Since I am connecting from am unencrypted public AP, I won't be
using their
>sniffer ;-). I used TOR when I need to keep my data transfers
private, so I
>guess I might try it with TOR.
What makes you think Tor is actually real protection? Faith?
<http://en.wikipedia.org/wiki/Tor_%28...ity_network%29
#Weaknesses>
And those are just the _known_ weaknesses.
I'm reminded of WEP. And TKIP. And on and on.
Explain to me what harm you'd be able to do on an end to end
encrypted tor connection, as I use with any sensitive data exchange?
Unless NSA or similar breaks encrypted data streams, as they
probably can if they work at it, all you will get is garbage.
And since I am not a terrorist, I don't have to worry much about
NSA.
On Mon, 15 Feb 2010 01:41:24 +0000 (UTC), p
<p@Use-Author-Supplied-Address.invalid> wrote:
>Explain to me what harm you'd be able to do on an end to end
>encrypted tor connection, as I use with any sensitive data exchange?
I was under the impression that TOR was an anonymizer, not an end to
end encryption tunnel as in a VPN. The data sent between the TOR exit
proxy server and the destination is not encrypted.
<http://en.wikipedia.org/wiki/Tor_(anonymity_network)>
Tor cannot and does not attempt to protect against monitoring
of traffic at the boundaries of the Tor network, i.e., the
traffic entering and exiting the network.
TOR is great security if you don't want anyone to know where your
packets are coming from, but not very useful if you're worried about
someone sniffing your "sensitive data".
I don't have an answer to what harm you might do using TOR.
Inflamatory political messages, stalking ex-spouses, spam, hate mail,
impersonating someone, online hacking, disagreeing with me, and other
internet activities where hiding your identity would be required,
seems like a good start.
John Navas <spamfilter1@navasgroup.com> wrote in
news:5nnen5hpab00ggpiisuuspe4ldoahp1qfg@navasgroup .com:
> On Sat, 13 Feb 2010 20:34:15 +0000 (UTC), p
> <p@Use-Author-Supplied-Address.invalid> wrote in
> <f517c01ae1c0db874b6851396a06f024@tioat.net>:
>
>>Since I am connecting from am unencrypted public AP, I won't be
using
>>their sniffer ;-). I used TOR when I need to keep my data
transfers
>>private, so I guess I might try it with TOR.
>
> What makes you think Tor is actually real protection? Faith?
> <http://en.wikipedia.org/wiki/Tor_%28...ity_network%29
#Weaknesses>
> And those are just the _known_ weaknesses.
> I'm reminded of WEP. And TKIP. And on and on.
>
(Don't know what happened to my newserver, but hiccups occur
occasionally.)
There is nothing that you can get when using TOR if the connection
is SSL because it is encrypted end to end. The only people who
possible can read data (other than garbage encryption) is people
like the NSA and since I am not a terrorist, I have little to fear
from them.
Jeff Liebermann <jeffl@cruzio.com> wrote in
news:1r9hn51f3i444hdt60ls6bd2mqs5i3ica7@4ax.com:
> On Mon, 15 Feb 2010 01:41:24 +0000 (UTC), p
> <p@Use-Author-Supplied-Address.invalid> wrote:
>
>>Explain to me what harm you'd be able to do on an end to end
>>encrypted tor connection, as I use with any sensitive data
exchange?
>
> I was under the impression that TOR was an anonymizer, not an end
to
> end encryption tunnel as in a VPN. The data sent between the TOR
exit
> proxy server and the destination is not encrypted.
> <http://en.wikipedia.org/wiki/Tor_(anonymity_network)>
> Tor cannot and does not attempt to protect against monitoring
> of traffic at the boundaries of the Tor network, i.e., the
> traffic entering and exiting the network.
>
> TOR is great security if you don't want anyone to know where your
> packets are coming from, but not very useful if you're worried
about
> someone sniffing your "sensitive data".
>
> I don't have an answer to what harm you might do using TOR.
> Inflamatory political messages, stalking ex-spouses, spam, hate
mail,
> impersonating someone, online hacking, disagreeing with me, and
other
> internet activities where hiding your identity would be required,
> seems like a good start.
>
It's end to end if you use SSL--->torentrynode----onionrouted--->
torexitnode--->host (ssl decrypted by host)
unless some gov agency breaks the ecryption algorithm for tor and
for ssl, your data is safe, in so far as it is possible to ever be
safe on the net.
In article <1r9hn51f3i444hdt60ls6bd2mqs5i3ica7@4ax.com>,
Jeff Liebermann <jeffl@cruzio.com> wrote:
>
> TOR is great security if you don't want anyone to know where your
> packets are coming from, but not very useful if you're worried about
> someone sniffing your "sensitive data".
One problem with TOR is that if you have Java enabled, your real IP is
visible. This isn't TOR's fault -- it encrypts data, it doesn't alter it.
WiFi Stumbler 
Linear Mode
