FC5 Wireless Auditing Laptop: HOWTO
NOTE:
Fedora Core 6 build HOWTO
is also available.
Q. Why create your own
Linux Wireless Audit build?
A. We find it
more flexible to have our own Fedora Core/RedHat based
Wireless Auditing build; one that we can maintain with the latest tools and
utilities. It also great fun setting everything up and configuring it the
way we want it.
For those of you that don't have the time or the inclination to
create your own build there is always the superb (Slackware based) Live Linux
distribution 'Backtrack' (www.remote-exploit.org) which runs direct from CD or can be installed to
the local
hard drive.
Fedora
Core 5 - Installation Guide
Orinoco Card Information
Prism Card
Information
Installing Prism Card
Manually (hostap drivers)
Installing Atheros Cards
(madwifi drivers)
Installing Atheros Cards
(madwifi-ng drivers)
Updating madwifi-ng drivers
NOTE: We would strongly recommend going with
the Atheros madwifi drivers due to complexities and limitations associated
with the other options.
Choose appropriate
language and keyboard settings. Choose
the 'Install Fedora Core' option. Setup your partitions
using either the Automatic or Manual method. Configure your network
settings (e.g. DHCP or static) as per your ISP (required for later). Select your
time zone.
Configure a suitably strong 'root' password. Enable the following
packages (disabling all others)
Items marked '*' are optional but can be very useful Desktop
Environments:
Applications:
-
Editors
-
Graphical Internet
-
Graphics *
-
Office/Productivity
*
-
Sound and Video
Development:
Servers:
Base System:
-
Administration Tools
-
Base
-
Java
-
System Tools
-
X Windows System
Start the installation
(This takes time!)
Select 'Next' to
initiate the installation, after the installation
is complete simply:
-
Enabled firewall
(default)
-
Deselect all trusted
services (unless required for other purposes)
-
Disable SELinux
(This is unfortunate but SELinux seems to break to many things at present).
-
Set you local date
and time (enable Network Time Protocol, if required)
-
Configure your
display. There are know issues with FC5 and NVIDIA graphics cards, please consult
google : )
-
It is highly advisable to
create a user account (rather than run everything as root).
-
Choose default for
sound options.
Prior to the next
set of steps
you ensure you have Internet connectivity (e.g. Check you IP, netmask, DNS and default
gateway settings).
-
Once the reboot has
taken place login to X, open a shell (now located in Applications >
Accessories)
-
yum update
(This takes time!)
-
To begin downloading
enter 'y' at the 'Is this ok [y/N]:' prompt (This takes time!)
-
To install the
packages enter 'y' at the 'Is this ok [y/N]:' prompt (This takes time!)
-
I would also recommend
disabling the following unnecessary services that start on boot:
-
avahi-daemon
-
bluetooth
-
cups
-
cups-config-daemon
-
hidd
-
nfslock
-
netfs
This will not only
reduce your boot time, but more importantly reduce your footprint from anyone
wishing to attack your system!
Do this by either
completing a chkconfig --level 35
[service] off or by using the GUI tool (system-config-services)
Ensure you reboot
after the update process, before installing card drivers!
NOTE: Whilst most of the major Wireless discovery tools (e.g. Kismet, Airodump) will work out
of the box on FC5. However the card is not capable of performing packet
injection due to limitations with the cards firmware (better to go for a Prism
(hostap) or Atheros cards
(madwifi/madwifi-ng) for full packet injection capabilities).
Insert the Orinoco card
ifconfig eth1 up
kismet (simply start your tool of choice; ensuring kismet.conf is
configured correctly 'source=orinoco,eth1,orinoco')
The Prism card will also work out of the box on FC5, however, whilst perfectly
fine for discovery (e.g. kismet) to take advantage of packet injection
features (e.g. aircrack-ng) you will need to install you own drivers, see
"Installing Prism card manually".
Insert the Prism card
ifconfig eth1 up
kismet (simply start you tools of choice; ensuring kismet.conf
is configured correctly 'source=hostap,eth1,hostap')
NOTE: Packet Injection still not working as required with this Install, any
pointers appreciated.
To install new hostap drivers for FC5 requires a recompilation of the kernel.
This is not for the faint hearted (and compilation takes quite a while) but
will get your prism card working in FC5 with packet injection capabilities.
Thanks to Zero_Chaos for this workaround, see original thread
here (login required).
"Hostap-driver-0.4.7 is to be used on kernel 2.6.15 and BELOW. Hostap
kernel drivers are to be used for kernel 2.6.16 and higher. If you
cannot, or are unwilling to recompile your kernel, for now I suggest not
using kernel 2.6.16."-Zero_Chaos
cd /usr/src
wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.1.tar.bz2
bunzip2 linux-2.6.16.1.tar.bz2
tar xvf linux-2.6.16.1.tar
cd /usr/src/linux-2.6.16.1/drivers/net/wireless/hostap
wget http://zerochaos.aircrack-ng.org/hostap-kernel-2.6.16.patch
patch -Np1 -i hostap-kernel-2.6.16.patch
cd /usr/src/linux-2.6.16.1
make clean
make menuconfig or
make oldconfig
make dep
make bzImage
make modules
make modules_install
make install
reboot with your Prism card inserted (ensuring to
select your new kernel on boot "linux-2.6.16.1")
iwconfig should now confirm the card is installed (eth1)
kismet (simply start your tool of choice; ensuring kismet.conf is
configured correctly 'source=hostap,eth1,hostap')
Sorry, nothing provided for Atheros by default in FC5 : (
NOTE: Whilst we have included details for both madwifi and madwifi-ng, we
still find madwifi-ng a little fussy but the option is there if you want to use
it. Boot the laptop with
the Atheros card installed yum install
sharutils enter y when
prompted 'Is this ok [y/N]: cd /root
cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/madwifi
login press return when
prompted for password
cvs -z3 -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/madwifi
co madwifi cd madwifi make make install eject and reinsert the
Atheros card iwconfig should
now confirm the card is installed (ath0)
kismet (simply start your tool of choice; ensuring kismet.conf is
configured correctly 'source=madwifi_b,ath0,madwifi_b')
Sorry, nothing provided for Atheros by default in FC5 : (
NOTE: Whilst we have included details for both madwifi and madwifi-ng, we
still find madwifi-ng a little fussy but the option is there if you want to use
it.
Boot the laptop with the Atheros card installed
yum install
sharutils
answer 'y' when prompted
yum install kernel-devel
answer 'y' when prompted
cd /root
svn checkout
http://svn.madwifi.org/trunk madwifi-ng
cd madwifi-ng
KERNELPATH=/usr/src/kernels/2.6.16-1.2080_FC5-i686/ (Or
replace 2.6.16-1.2080_FC5-i686 with your kernel version)
export KERNELPATH
make
make install (select 'r' remove, if prompted)
NOTE: The following two lines are not persistent and will need to be
entered after each reboot or network restart
wlanconfig ath0 destroy
wlanconfig ath0 create wlandev wifi0 wlanmode monitor
kismet (simply start your tool of choice; ensuring kismet.conf is
configured correctly 'source=madwifi_b,wifi0,madwifi_b')
NOTE: Only the latest development version of kismet will work with the
madwifi-ng drivers (Kismet-2005-08-R1 will not work)
After this initial installation madwifi-ng can be updated by changing to the
/root/madwifi-ng directory and running:
svn update
Then run the following commands:
make clean
make
make install
|
Linux
